| Autor: |
Litvinov E; Nokia Corporation, 90620 Oulu, Finland., Llumiguano H; Department of Technology and Information Systems, University of Castilla-La Mancha, 13001 Ciudad Real, Spain., Santofimia MJ; Department of Technology and Information Systems, University of Castilla-La Mancha, 13001 Ciudad Real, Spain., Del Toro X; Department of Technology and Information Systems, University of Castilla-La Mancha, 13001 Ciudad Real, Spain., Villanueva FJ; Department of Technology and Information Systems, University of Castilla-La Mancha, 13001 Ciudad Real, Spain., Rocha P; CINTESIS@RISE, Department of Behavioural Sciences, Abel Salazar Biomedical Sciences Institute (ICBAS), University of Porto, 4099-002 Porto, Portugal. |
| Abstrakt: |
Internet of Things cybersecurity is gaining attention as the number of devices installed in IoT environments is exponentially increasing while the number of attacks successfully addressed to these devices are also proliferating. Security concerns have, however, been mainly addressed to service availability and information integrity and confidentiality. Code integrity, on the other hand, is not receiving proper attention, mainly because of the limited resources of these devices, thus preventing the implementation of advanced protection mechanisms. This situation calls for further research on how traditional mechanisms for code integrity can be adapted to IoT devices. This work presents a mechanism for code integrity in IoT devices based on a virtual-machine approach. A proof-of-concept virtual machine is presented, specially designed for providing code integrity during firmware updates. The proposed approach has been experimentally validated in terms of resource consumption among the most-widespread micro-controller units. The obtained results demonstrate the feasibility of this robust mechanism for code integrity. |
