Abstract
No doubt, a person of modern society relying on Embedded Systems (ESs) has increased rapidly and the era of digital machines is gaining popularity among users and also systems providers. At the same time, such instruments face substantial security challenges because they usually operate in a physically unprotected environment, and thus attract the attackers to gain unauthorized access for utilizing the system functions. Accordingly, system integrity is important and hence there is a need to propose a technique/tool to verify that the original/pure systems codes have been used in those devices. In this research, our main objective is to design a system architecture with a secure communication for code integrity attestation of an ES. Indeed, the study presents the proposed system architecture for ESs integrity attestation which includes two main phases: fetching an ES code at a server site and examining the ES at a remote site (using a designed user application). Essentially, the hash function (SHA-2) with a random key to calculate a unique digest value for a targeted system have been utilized. Also, the study used timestamps and nonce values, two secure keys, and public key algorithm to design a secure protocol in-order to prevent potential attacks during data and the associated values transfer between the server and the remote user application. As many researchers state that the formal methods are very precise and accurate for presenting system specifications; this study modeled and analyzed the proposed attestation protocol using the Communicating Sequential Processes (CSP) formal method approach. Besides, the Compiler for the Analysis of Security Protocols (Casper) has been used to translate the protocol description into the corresponding process algebra CSP model. Then, the researcher used the Failures Divergences Refinement (FDR) to evaluate the proposed protocol. Those formal method tools are considered as a reliable verification measurement in-order to figure-out potential flaws and correct them. Overall, the final output of checking all the defined secrecy and authentication assertions using FDR 4.2.0, and thus all the secrecy and authentication specifications defined in the developed Casper script are passed.
Highlights
Embedded Systems (ESs) are available anywhere and anytime and they are considered as established part of daily routines
FROM THE FORMAL METHOD APPROACH As many researchers state that the formal methods are very precise and accurate for presenting system specifications [48], [49]; this study modeled and analyzed the proposed verification protocol using the Communicating Sequential Processes (CSP) formal method approach
The CSP approach has been proven practically to be successful in verifying security protocols and in identifying attacks upon a number of them
Summary
Embedded Systems (ESs) are available anywhere and anytime and they are considered as established part of daily routines. Their usage in sensing, storing, processing, and transferring personal and private data in devices such as ATM. Privacy and security concerns are influencing the ESs utilization; such as the adoption of smart wearable devices and Internet of Things (IoT) [1], [2]. Developers of those systems face significant challenges in relation to the issue of code integrity and information security.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
