Software-Based Security Approach for Networked Embedded Devices

Abstract

As the Internet of Things (IoT) continues to expand, data security has become increasingly important for ensuring privacy and safety, especially given the sensitive and, sometimes, critical nature of the data handled by IoT devices. There exist hardware-based trusted execution environments used to protect data, but they are not compatible with low-cost devices that lack hardware-assisted security features. The research in this paper presents software-based protection and encryption mechanisms explicitly designed for embedded devices. The proposed architecture consists of two parts: the Agent, which is designed to work with low-cost, low-end devices without requiring modifications to the underlying hardware, and the Computing Module, which is designed for slightly more computationally powerful devices. The Computing Module enables devices to write data in protected memory and continuously verifies its integrity to provide protection. Additionally, it utilizes the Agents located on the device to safeguard device applications against attacks by requesting the Agent to generate an application code signature and validating it. The proposed solution is an alternative data security approach for low-cost IoT devices without compromising performance or functionality. Our work underscores the importance of developing secure and cost-effective solutions for protecting data in the context of IoT.