Sentinel: Secure Mode Profiling and Enforcement for Embedded Systems

Abstract

Embedded devices are designed to cover many possible use cases. In practice only a small subset of features may be used in a given deployment. As devices age, some features turn out to be security risks. We address these problems by creating Sentinel, a secure mode profiler for embedded devices. Sentinel uses a bus tapping interface to derive a partial control flow graph during device execution. This graph represents the subset of device modes actually observed during use. The control flow graph is generated without any prior knowledge of the device or its software and constitutes a security profile which can be used to audit device execution in order to detect attacks. The profile can be easily enforced by existing bus monitors with minor modifications.