Provisioning Software with Hardware-Software Binding

Robert Lee; Konstantinos Markantonakis; Raja Akram

doi:10.1145/3098954.3103158

Provisioning Software with Hardware-Software Binding

Robert Lee, Konstantinos Markantonakis, Raja Akram

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

183 Downloads (Pure)

Abstract

Smart cities are a concept of interest to many industrial, academic and government organisations. However, smart cities present a large attack surface to adversaries if every traffic light, power relay and water pipe are connected to the internet. This paper describes the problem of distributing software in a smart city when strong protection of device software, software installation and update provision are required. A set of requirements for a secure software provisioning system is presented and two models for the software distribution are proposed. Three protocols for distributing software are presented that meet the requirements stated. A formal analysis using Tamarin Prover is described that proves the security of the proposed protocols. Finally, an implementation has been developed using a laptop and Raspberry Pi 3 to demonstrate the proposed protocols in action and the performance of them.

Original language	English
Title of host publication	FARES '17 Proceedings of the 12th International Workshop on Frontiers in Availability, Reliability and Security
Publisher	ACM
Pages	1-9
Number of pages	9
ISBN (Print)	978-1-4503-5257-4
DOIs	https://doi.org/10.1145/3098954.3103158
Publication status	Published - 29 Aug 2017

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1145/3098954.3103158

Accepted ManuscriptAccepted author manuscript, 622 KB

Cite this

@inproceedings{88c5321bfc19452180c48e877596ca94,

title = "Provisioning Software with Hardware-Software Binding",

abstract = "Smart cities are a concept of interest to many industrial, academic and government organisations. However, smart cities present a large attack surface to adversaries if every traffic light, power relay and water pipe are connected to the internet. This paper describes the problem of distributing software in a smart city when strong protection of device software, software installation and update provision are required. A set of requirements for a secure software provisioning system is presented and two models for the software distribution are proposed. Three protocols for distributing software are presented that meet the requirements stated. A formal analysis using Tamarin Prover is described that proves the security of the proposed protocols. Finally, an implementation has been developed using a laptop and Raspberry Pi 3 to demonstrate the proposed protocols in action and the performance of them.",

author = "Robert Lee and Konstantinos Markantonakis and Raja Akram",

year = "2017",

month = aug,

day = "29",

doi = "10.1145/3098954.3103158",

language = "English",

isbn = "978-1-4503-5257-4",

pages = "1--9",

booktitle = "FARES '17 Proceedings of the 12th International Workshop on Frontiers in Availability, Reliability and Security",

publisher = "ACM",

}

TY - GEN

T1 - Provisioning Software with Hardware-Software Binding

AU - Lee, Robert

AU - Markantonakis, Konstantinos

AU - Akram, Raja

PY - 2017/8/29

Y1 - 2017/8/29

N2 - Smart cities are a concept of interest to many industrial, academic and government organisations. However, smart cities present a large attack surface to adversaries if every traffic light, power relay and water pipe are connected to the internet. This paper describes the problem of distributing software in a smart city when strong protection of device software, software installation and update provision are required. A set of requirements for a secure software provisioning system is presented and two models for the software distribution are proposed. Three protocols for distributing software are presented that meet the requirements stated. A formal analysis using Tamarin Prover is described that proves the security of the proposed protocols. Finally, an implementation has been developed using a laptop and Raspberry Pi 3 to demonstrate the proposed protocols in action and the performance of them.

AB - Smart cities are a concept of interest to many industrial, academic and government organisations. However, smart cities present a large attack surface to adversaries if every traffic light, power relay and water pipe are connected to the internet. This paper describes the problem of distributing software in a smart city when strong protection of device software, software installation and update provision are required. A set of requirements for a secure software provisioning system is presented and two models for the software distribution are proposed. Three protocols for distributing software are presented that meet the requirements stated. A formal analysis using Tamarin Prover is described that proves the security of the proposed protocols. Finally, an implementation has been developed using a laptop and Raspberry Pi 3 to demonstrate the proposed protocols in action and the performance of them.

U2 - 10.1145/3098954.3103158

DO - 10.1145/3098954.3103158

M3 - Conference contribution

SN - 978-1-4503-5257-4

SP - 1

EP - 9

BT - FARES '17 Proceedings of the 12th International Workshop on Frontiers in Availability, Reliability and Security

PB - ACM

ER -