# Attesting the Hardware Integrity of Constrained Embedded Systems

Bundesministerium für Bildung und Forschung

VE-ASCOT 03/2021-12/2024

## Motivation

- Critical infrastructure requires methods to attest hardware (HW) and software (SW) integrity
- Physical anti-tamper methods may be infeasible
- Goal: Create a lightweight HW/SW architecture to detect tampering in the supply chain and at runtime

## Solution Components

### Hardware Platform

- Industrial IoT sensor system
- ARM Cortex-M33
- Monitoring of serial communication (I2C, SPI)
- On-device SRAM-PUF


- FHMQV-C: Reduces the communication and processing overhead of remote attestations by combining key establishment and mutual authentication
- tinyDICE: Further reduces the communication and processing overhead of remote attestations by swapping explicit for implicit certificates
- Hardware watchdog: Detects tampering at runtime by extracting meaningful features from analog characteristics
- SRAM Physically Uncloneable Function (PUF): Helps ensure supply chain integrity


## Lightweight HW/SW Architecture

Boot chain, in order:

1. First-Stage Bootloader
2. Second-Stage Bootloader
3. Operating System and Applications
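As an added illustration of how the SRAM-PUF and the DICE-style boot chain fit together (example code written for this page, not code from the VE-ASCOT project), the block below derives a Unique Device Secret (UDS) from a noisy SRAM power-up read using a repetition-code fuzzy extractor, then lets each boot stage measure the next one and derive that stage's Compound Device Identifier (CDI), ending in a challenge-response attestation. The device names, the SRAM noise model (a fixed set of unstable cells, one in every 41, so each 5-cell block has at most one), the image contents and the verifier's golden reference key are all constructed assumptions; the symmetric reference key stands in for the certificate chain (explicit or, with tinyDICE, implicit) that a real deployment would carry, and FHMQV-C is not modelled.

```python
"""SRAM-PUF-rooted UDS feeding a DICE-style measured boot chain (added example, constructed data)."""
import hashlib
import hmac
import random
import secrets

KEY_BITS = 128          # length of the PUF-derived Unique Device Secret (UDS)
REP = 5                 # repetition code: each UDS bit is spread over 5 SRAM cells
PUF_BITS = KEY_BITS * REP
UNSTABLE_STRIDE = 41    # constructed: one unstable cell in every 41, at most one per REP block


def sram_puf_readout(device: str, boot: int) -> list[int]:
    """Constructed model of a power-up SRAM read: stable cells follow a per-device
    fingerprint, unstable cells flip at random on every boot."""
    fingerprint = b""
    counter = 0
    while len(fingerprint) * 8 < PUF_BITS:
        fingerprint += hashlib.sha256(f"puf:{device}:{counter}".encode()).digest()
        counter += 1
    bits = [(fingerprint[i // 8] >> (i % 8)) & 1 for i in range(PUF_BITS)]
    rng = random.Random(f"{device}:{boot}")          # per-boot noise, seeded for reproducibility
    for i in range(0, PUF_BITS, UNSTABLE_STRIDE):
        if rng.random() < 0.5:
            bits[i] ^= 1
    return bits


def bits_to_bytes(bits: list[int]) -> bytes:
    out = bytearray(len(bits) // 8)
    for i, b in enumerate(bits):
        out[i // 8] |= b << (i % 8)
    return bytes(out)


def puf_enroll(readout: list[int]):
    """Manufacturing step: choose a random UDS, encode it with the repetition code and
    publish helper data = codeword XOR readout plus a hash to check reconstruction."""
    uds_bits = [secrets.randbelow(2) for _ in range(KEY_BITS)]
    codeword = [b for b in uds_bits for _ in range(REP)]
    helper = [c ^ r for c, r in zip(codeword, readout)]
    uds = bits_to_bytes(uds_bits)
    check = hashlib.sha256(b"uds-check" + uds).digest()
    return uds, helper, check


def puf_reconstruct(readout: list[int], helper: list[int], check: bytes):
    """Field step: strip the helper data, majority-decode each block and verify the check
    value. Returns None if the chip does not match the enrolled helper data."""
    noisy = [h ^ r for h, r in zip(helper, readout)]
    uds_bits = [1 if 2 * sum(noisy[i:i + REP]) > REP else 0 for i in range(0, PUF_BITS, REP)]
    uds = bits_to_bytes(uds_bits)
    if not hmac.compare_digest(hashlib.sha256(b"uds-check" + uds).digest(), check):
        return None
    return uds


def derive_cdi(parent_secret: bytes, next_image: bytes) -> bytes:
    """DICE layering: the running stage measures the next image and derives its CDI."""
    measurement = hashlib.sha256(next_image).digest()
    return hmac.new(parent_secret, measurement, hashlib.sha256).digest()


def measured_boot(uds: bytes, images: list[bytes]) -> bytes:
    """First-stage bootloader -> second-stage bootloader -> OS and applications."""
    secret = uds
    for image in images:
        secret = derive_cdi(secret, image)
    return secret                                    # attestation key of the final layer


def attest(att_key: bytes, nonce: bytes) -> bytes:
    return hmac.new(att_key, b"attest" + nonce, hashlib.sha256).digest()


def verify(reference_key: bytes, nonce: bytes, evidence: bytes) -> bool:
    return hmac.compare_digest(attest(reference_key, nonce), evidence)


def scenario() -> dict:
    """Genuine boots, a modified second-stage image and a substituted chip (all constructed)."""
    golden = [b"second-stage-bootloader v1.0 (constructed)", b"rtos+apps v1.0 (constructed)"]
    uds, helper, check = puf_enroll(sram_puf_readout("device-A", boot=0))
    reference = measured_boot(uds, golden)           # verifier's golden attestation key
    nonce = b"nonce-0001"
    results = {}
    for boot in (1, 2, 3):                           # later boots with fresh PUF noise
        uds_b = puf_reconstruct(sram_puf_readout("device-A", boot), helper, check)
        results[f"genuine_boot_{boot}"] = uds_b is not None and verify(
            reference, nonce, attest(measured_boot(uds_b, golden), nonce))
    modified = [b"second-stage-bootloader v1.0 (constructed, modified)", golden[1]]
    uds_b = puf_reconstruct(sram_puf_readout("device-A", 4), helper, check)
    results["modified_image"] = verify(reference, nonce, attest(measured_boot(uds_b, modified), nonce))
    results["swapped_chip"] = puf_reconstruct(sram_puf_readout("device-B", 1), helper, check)
    return results


if __name__ == "__main__":
    for name, outcome in scenario().items():
        print(f"{name}: {outcome}")
```

A modified image changes the measurement in one layer, so every CDI below it, and hence the attestation key, differs from the reference and verification fails; a substituted chip cannot reconstruct the UDS from device-A's helper data, so the check value rejects it before any CDI is derived. In a real system the helper data may be public, but the reconstructed UDS must be erased from RAM once the first-stage CDI has been derived.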
