Remote Attestation Extended to the Analog Domain

Abstract

On embedded systems, Trusted Computing schemes can be used to detect manipulations of firmware. It is however not possible to detect a wide range of hardware manipulations such as passive listeners, active signal manipulations and circuit modifications. This work extends the Trusted Computing approach of detection through integrity measurement to the analog domain. It examines the step response of a circuit for its suitability as a component’s fingerprint. These fingerprints are combined with statistical comparison methods such as the Manhattan Distance or the Root Mean Square Error in order to provide a reliable fingerprint verification scheme. The fingerprinting and verification techniques are then combined with a remote attestation protocol based on the Device Identifier Composition Engine to yield a remote attestation scheme that covers both a device’s firmware and its peripheral hardware. This scheme is implemented and evaluated on a resource-constrained MCU in order to demonstrate its feasibility for embedded systems.