You Can't Always Check What You Wanted: : Selective Checking and Trusted Execution to Prevent False Actuations in Real-Time Internet-of-Things

Monowar Hasan; Sibin Mohan

doi:10.1109/ISORC58943.2023.00017

You Can't Always Check What You Wanted: : Selective Checking and Trusted Execution to Prevent False Actuations in Real-Time Internet-of-Things

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Modern Internet-of-Things devices are vulnerable to attacks targeting outgoing actuation commands that modify their physical behaviors. We present a 'selective checking' mechanism that uses game-theoretic modeling to identify the suitable subset of commands to be checked in order to deter an adversary. This mechanism is coupled with a 'delay-aware' trusted execution environment to ensure that only verified actuation commands are ever sent to the physical system, thus maintaining the safety and integrity of the system. Our proposed selective checking and trusted execution (SCATE) framework is implemented on an off-the-shelf ARM platform running embedded Linux and tested on four realistic IoT-specific cyber-physical systems (a ground rover, a flight controller, a robotic arm and an automated syringe pump).

Original language	English (US)
Title of host publication	Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	42-53
Number of pages	12
ISBN (Electronic)	9798350339024
DOIs	https://doi.org/10.1109/ISORC58943.2023.00017
State	Published - 2023
Externally published	Yes
Event	26th IEEE International Symposium on Real-Time Distributed Computing, ISORC 2023 - Nashville, United States Duration: May 23 2023 → May 25 2023

Publication series

Name	Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023

Conference

Conference	26th IEEE International Symposium on Real-Time Distributed Computing, ISORC 2023
Country/Territory	United States
City	Nashville
Period	5/23/23 → 5/25/23

ASJC Scopus subject areas

Computer Networks and Communications
Hardware and Architecture
Information Systems
Safety, Risk, Reliability and Quality

Online availability

10.1109/ISORC58943.2023.00017

Library availability

Discover UIUC Full Text

Cite this

Hasan, M., & Mohan, S. (2023). You Can't Always Check What You Wanted: : Selective Checking and Trusted Execution to Prevent False Actuations in Real-Time Internet-of-Things. In Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023 (pp. 42-53). (Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/ISORC58943.2023.00017

You Can't Always Check What You Wanted: : Selective Checking and Trusted Execution to Prevent False Actuations in Real-Time Internet-of-Things. / Hasan, Monowar; Mohan, Sibin.
Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023. Institute of Electrical and Electronics Engineers Inc., 2023. p. 42-53 (Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Hasan, M & Mohan, S 2023, You Can't Always Check What You Wanted: : Selective Checking and Trusted Execution to Prevent False Actuations in Real-Time Internet-of-Things. in Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023. Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023, Institute of Electrical and Electronics Engineers Inc., pp. 42-53, 26th IEEE International Symposium on Real-Time Distributed Computing, ISORC 2023, Nashville, United States, 5/23/23. https://doi.org/10.1109/ISORC58943.2023.00017

Hasan M, Mohan S. You Can't Always Check What You Wanted: : Selective Checking and Trusted Execution to Prevent False Actuations in Real-Time Internet-of-Things. In Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023. Institute of Electrical and Electronics Engineers Inc. 2023. p. 42-53. (Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023). doi: 10.1109/ISORC58943.2023.00017

Hasan, Monowar ; Mohan, Sibin. / You Can't Always Check What You Wanted : : Selective Checking and Trusted Execution to Prevent False Actuations in Real-Time Internet-of-Things. Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023. Institute of Electrical and Electronics Engineers Inc., 2023. pp. 42-53 (Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023).

@inproceedings{91e88313189f4db18b2013f8fddbbddb,

title = "You Can't Always Check What You Wanted: : Selective Checking and Trusted Execution to Prevent False Actuations in Real-Time Internet-of-Things",

abstract = "Modern Internet-of-Things devices are vulnerable to attacks targeting outgoing actuation commands that modify their physical behaviors. We present a 'selective checking' mechanism that uses game-theoretic modeling to identify the suitable subset of commands to be checked in order to deter an adversary. This mechanism is coupled with a 'delay-aware' trusted execution environment to ensure that only verified actuation commands are ever sent to the physical system, thus maintaining the safety and integrity of the system. Our proposed selective checking and trusted execution (SCATE) framework is implemented on an off-the-shelf ARM platform running embedded Linux and tested on four realistic IoT-specific cyber-physical systems (a ground rover, a flight controller, a robotic arm and an automated syringe pump).",

author = "Monowar Hasan and Sibin Mohan",

note = "The material in this paper is based upon work supported in part by the U.S. National Science Foundation (NSF) under grant NSF 2246937. Any findings, opinions, recommendations or conclusions expressed in the paper are those of the authors and do not necessarily reflect the views of sponsors.; 26th IEEE International Symposium on Real-Time Distributed Computing, ISORC 2023 ; Conference date: 23-05-2023 Through 25-05-2023",

year = "2023",

doi = "10.1109/ISORC58943.2023.00017",

language = "English (US)",

series = "Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "42--53",

booktitle = "Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023",

address = "United States",

}

TY - GEN

T1 - You Can't Always Check What You Wanted

T2 - 26th IEEE International Symposium on Real-Time Distributed Computing, ISORC 2023

AU - Hasan, Monowar

AU - Mohan, Sibin

N1 - The material in this paper is based upon work supported in part by the U.S. National Science Foundation (NSF) under grant NSF 2246937. Any findings, opinions, recommendations or conclusions expressed in the paper are those of the authors and do not necessarily reflect the views of sponsors.

PY - 2023

Y1 - 2023

N2 - Modern Internet-of-Things devices are vulnerable to attacks targeting outgoing actuation commands that modify their physical behaviors. We present a 'selective checking' mechanism that uses game-theoretic modeling to identify the suitable subset of commands to be checked in order to deter an adversary. This mechanism is coupled with a 'delay-aware' trusted execution environment to ensure that only verified actuation commands are ever sent to the physical system, thus maintaining the safety and integrity of the system. Our proposed selective checking and trusted execution (SCATE) framework is implemented on an off-the-shelf ARM platform running embedded Linux and tested on four realistic IoT-specific cyber-physical systems (a ground rover, a flight controller, a robotic arm and an automated syringe pump).

AB - Modern Internet-of-Things devices are vulnerable to attacks targeting outgoing actuation commands that modify their physical behaviors. We present a 'selective checking' mechanism that uses game-theoretic modeling to identify the suitable subset of commands to be checked in order to deter an adversary. This mechanism is coupled with a 'delay-aware' trusted execution environment to ensure that only verified actuation commands are ever sent to the physical system, thus maintaining the safety and integrity of the system. Our proposed selective checking and trusted execution (SCATE) framework is implemented on an off-the-shelf ARM platform running embedded Linux and tested on four realistic IoT-specific cyber-physical systems (a ground rover, a flight controller, a robotic arm and an automated syringe pump).

UR - http://www.scopus.com/inward/record.url?scp=85168769545&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85168769545&partnerID=8YFLogxK

U2 - 10.1109/ISORC58943.2023.00017

DO - 10.1109/ISORC58943.2023.00017

M3 - Conference contribution

AN - SCOPUS:85168769545

T3 - Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023

SP - 42

EP - 53

BT - Proceedings - 2023 IEEE 26th International Symposium on Real-Time Distributed Computing, ISORC 2023

PB - Institute of Electrical and Electronics Engineers Inc.

Y2 - 23 May 2023 through 25 May 2023

ER -

You Can't Always Check What You Wanted: : Selective Checking and Trusted Execution to Prevent False Actuations in Real-Time Internet-of-Things

Abstract

Publication series

Conference

ASJC Scopus subject areas

Online availability

Library availability

Related links

Fingerprint

Cite this