{"title":"Permutation-Based Firmware Remote Attestation for Internet-of-Things Edge-Based Network","authors":"Zainab AlJabri;Jemal H. Abawajy","doi":"10.1109/JSYST.2025.3550055","DOIUrl":null,"url":null,"abstract":"Firmware security in edge-enabled IoT devices is crucial, but existing methods struggle to balance strong protection with realistic hardware trust assumptions, device privacy, nontraceability, and resilience against attacks. This article addresses these challenges by introducing a novel permutation-based firmware attestation mechanism. Our method leverages edge servers as verifiers, low-cost memory, randomized permutations, and avalanche criteria for optimized security and efficiency. Rigorous formal and informal security analysis, coupled with performance evaluation, demonstrates superior performance against various attacks, achieving over 90% detection probability and effectively mitigating both remote and mobile software attacks. These results demonstrate the significant potential of our approach for enhancing firmware security in edge-enabled IoT devices.","PeriodicalId":55017,"journal":{"name":"IEEE Systems Journal","volume":"19 2","pages":"346-357"},"PeriodicalIF":4.4000,"publicationDate":"2025-03-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Systems Journal","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10944274/","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
Citation count: 0
Abstract
Firmware security in edge-enabled IoT devices is crucial, but existing methods struggle to balance strong protection with realistic hardware trust assumptions, device privacy, nontraceability, and resilience against attacks. This article addresses these challenges by introducing a novel permutation-based firmware attestation mechanism. Our method leverages edge servers as verifiers, low-cost memory, randomized permutations, and avalanche criteria for optimized security and efficiency. Rigorous formal and informal security analysis, coupled with performance evaluation, demonstrates superior performance against various attacks, achieving over 90% detection probability and effectively mitigating both remote and mobile software attacks. These results demonstrate the significant potential of our approach for enhancing firmware security in edge-enabled IoT devices.
About the journal:
This publication provides a systems-level, focused forum for application-oriented manuscripts that address complex systems and system-of-systems of national and global significance. It intends to encourage and facilitate cooperation and interaction among IEEE Societies with systems-level and systems engineering interest, and to attract non-IEEE contributors and readers from around the globe. The job of the IEEE Systems Council is to address, in new ways, issues that are not solvable in the domains of the existing IEEE or other societies or global organizations. These problems do not fit within traditional hierarchical boundaries. For example, disaster response such as that triggered by Hurricane Katrina, tsunamis, or current volcanic eruptions is not solvable by pure engineering solutions. We need to think about changing and enlarging the paradigm to include systems issues.