Cumulative attestation kernels for embedded systems

Michael Lemay, Carl A. Gunter

Research output: Chapter in Book/Report/Conference proceedingConference contribution


There are increasing deployments of networked embedded systems and rising threats of malware intrusions on such systems. To mitigate this threat, it is desirable to enable commonly-used embedded processors known as flash MCUs to provide remote attestation assurances like the Trusted Platform Module (TPM) provides for PCs. However, flash MCUs have special limitations concerning cost, power efficiency, computation, and memory that influence how this goal can be achieved. Moreover, many types of applications require integrity guarantees for the system over an interval of time rather than just at a given instant. The aim of this paper is to demonstrate how an architecture we call a Cumulative Attestation Kernel (CAK) can address these concerns by providing cryptographically secure firmware auditing on networked embedded systems. To illustrate the value of CAKs, we demonstrate practical remote attestation for Advanced Metering Infrastructure (AMI), a core technology in emerging smart power grid systems that requires cumulative integrity guarantees. To this end, we show how to implement a CAK in less than one quarter of the memory available on low end AVR32 flash MCUs similar to those used in AMI deployments. We analyze one of the specialized features of such applications by formally proving that remote attestation requirements are met by our implementation even if no battery backup is available to prevent sudden halt conditions.

Original languageEnglish (US)
Title of host publicationComputer Security - ESORICS 2009 - 14th European Symposium on Research in Computer Security, Proceedings
Number of pages16
StatePublished - 2009
Event14th European Symposium on Research in Computer Security, ESORICS 2009 - Saint-Malo, France
Duration: Sep 21 2009Sep 23 2009

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume5789 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other14th European Symposium on Research in Computer Security, ESORICS 2009

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'Cumulative attestation kernels for embedded systems'. Together they form a unique fingerprint.

Cite this