ShieLD: Shielding Cross-zone Communication within Limited-resourced IoT Devices running Vulnerable Software Stack, an IEEE TDSC Publication

Mar 16, 2022

Authors: Anum Khurshid, Sileshi Demesie Yalew, Mudassar Aslam and Shahid Raza

Date: 1 Feb 2022

DOI Bookmark:

A new publication on TrustZone-M Technology is accepted in IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING and is now available through IEEEXplore.

TrustZone-M, a Trusted Execution Environment (TEE) for Cortex-M processors, ensures stronger security within an IoT device by allowing isolated execution of security-critical operations, without trusting the entire software stack. However, TrustZone-M does not guarantee secure cross-world communication between applications in the Normal and Secure worlds. The cryptographic protection of the communication channel is an obvious solution; however, within a low-power IoT device, it incurs high overhead if applied to each cross-world message exchange. We present ShieLD, a framework that enables a secure communication channel between the two TrustZone-M worlds by leveraging the Memory Protection Unit (MPU). ShieLD guarantees confidentiality, integrity and authentication services without requiring any cryptographic operations.

The publication is a step further towards secure execution of critical code in embedded devices that make up the critical infrastructures like industry 4.0, smart vehicles and smart homes. This is one of the major security objectives of VEDLIoT and will strengthen the trust on edge devices participating in attestation.