Secure Boot Process for Wireless Sensor Node

2010 International Conference on Computer Applications and Industrial Electronics (ICCAIE 2010), December 5-7, 2010, Kuala Lumpur, Malaysia

Secure Boot Process for Wireless Sensor Node L.H Adnan, Y.M. Yussoff, H. Hashim Centre of Computer Engineering Studies, Faculty of Electrical Engineering University Teknologi MARA Shah Alam, Malaysia

Abstract— The Wireless Sensor Node serves as one of the crucial components needed for various wireless applications and services in the modern environment. As Wireless Sensor Networks (WSN) becomes more popular due to benefits they bring such as in smart home systems, transportation, military and etc, security issues emerge because this platform generally exposed to too many potential threats such as physical attack. Common physical attack in WSN system is the initial boot phase of the device. Currently, most wireless sensor nodes only depend on software based security to prevent attacks on the system but due to it being currently widely deployed in critical areas such as the military and in health monitoring, software-based security is no longer adept. Generally, considering security in the design of the physical sensor together with software based security will enhance the security level of the sensor node and its overall system. While majority of available sensor node left the security issues to communications level, our work focus on securing the wireless sensor node and its credential information from physical types of attack. In this paper we propose a method to enhance the security features in the sensor node utilizing ARM11 32 bit processor with on-SOC memory and TrustZone. KeywordsüWSN; ARM11, TrustZone

I.

INTRODUCTION

Improvements in electronics, sensor, energy and communication technology have made possible the sensor platforms to approach several millimeters in dimension [1], become cheaper and also provide the means to deploy large number of sensors in a variety of conditions. This improvement represents significant changes over traditional sensors.

646

COMPARISON BETWEEN EXISTING WSN DEVICES Description ATmega128 Atmega processor

Cluster Node Proposed work

Create cluster head ARM11 microprocessor

1281

Method No hardware security Using AT97SC3203S TPM as secure chip TPM chip Using embedded security

This paper outlines the design of a secure boot process for wireless sensor node platform with higher security features. It focuses on the use of the ARM TrustZone technology provided by ARM to provide secure boot and secure the memory location from unintended access for wireless sensor node. This paper is organized as follows. Section 2 gives a brief overview of ARM TrustZone and ARM secure boot scheme and related technologies. At the end of section 2 references are made to related work on ARM TrustZone. In Section 3, requirements of secure boot process presented. In Section 4, we propose our sensor node design based on ARM11 TrustZone, where the preliminary considerations in the design are described in detail. Power-efficient hardware management strategies are also proposed for the sensor node. Finally, Section 5 gives the conclusion. II.

Wireless sensor network has a potential in a wide range of application areas such as military, health and home monitoring. These sensitive application areas need to be secure in terms of physical attack such as JTAG, bootstrap loader and etc [2]. Current popular method available in hardware layer security is using Trusted Platform Module (TPM) such as [3] and [4], but this method poses a number of implementation problems and challenges such as adding extra chip to the device. Table I clearly compare between existing WSN devices with proposed work.

978-1-4244-9055-4/10/$26.00 ©2010 IEEE

TABLE I. Node Type Mica2 Fleck3

ARM TRUSTZONE AND SECURE BOOT

In computer security, it is very important to make sure that only trusted software and hardware are running in the system especially in more critical areas like e-banking. To construct this environment, a chain of trust is established by validating each component of hardware and software from bottom up. Several years earlier, the Trusted Computing Group (TCG) released a set of specifications for devices which enable trusted computing. In a nutshell, TCG specifications enable a more secure computing environment to help protect and strengthened the platform against attacks, be it software attacks or physical attacks. Trusted computing, herein, refers to technologies that offer solutions to computer security through hardware enhancements and associated software modifications. In this respect, TCG has also produced an implementation of the published specification in the form of a security chip called the Trusted Platform Module (TPM). The TPM provides cryptographic functions and ensures that important information such as keys, passwords and digital certificates are stored in a shielded location where it is

safe from attacks. However, the TPM must be bound to the platform which makes it particularly suitable to be integrated onto a PC platform. For embedded and mobile applications, the TCG has released new specification, the Mobile Trusted Module (MTM), which introduces the concept of “secure boot” and supports the implementation of the MTM as functionality rather than a hardware implementation for the device. Nevertheless, the authors of [5] have identified specific problem areas in the MTM specifications which affect power consumption and performance of cryptographic functions, among others. Manufacturers of the ARM processors, on the other hand, have integrated the TPM-like features directly into the processor core with the objective of achieving the security goals of the TPM specifications. This done by implementing the ARM TrustZone. This approach has several advantages in that it provides a cost effective yet flexible implementation of the trust primitives. In addition to that it is able to support other cryptographic algorithms other than SHA-1 and RSA. Muhammad Amin et.al [6] in his paper also claims that the ARM TrustZone chip is the only trusted hardware that is designed for embedded appliances. The set of hardware-based security extension to the ARM processor core implemented in the TrustZone approach has been described in detail in [7] and [8]. This extension comes with TrustZone technology not only to secure the core processor but also the bus system such as bus fabric, memory and secure peripherals [Figure 1]. For on-chip memory, this controller will secure boot ROM, EPROM and On-chip SRAM by tying their AXI interconnect to secure state using TrustZone Memory Adapter (TZMA) such that it can be accessed only in secure mode. TrustZone Address Space Controller (TZASC) extends on-chip security to protect multiple regions of external memory and partitions this memory into secure and non-secure regions. Other on-chip peripherals such as TIMERS, GPIO and Watchdog can be dynamically secured using TrustZone Protection Controller.

memory. This boot up firmware contains the preinitialized configuration of the system before the OS take control. This type of attack happens when the attacker probes the on- board USB or serial interface. A secure boot implementation is needed to protect against this and one of the way is to put the boot-up firmware in more secure boot ROM [see Figure 1]which resides on the chip itself. This will ensure integrity of the code as this memory is a one time programming memory and will prevent the attacker from changing the firmware. Figure 2 shows the ARM TrustZone secure boot scheme. The secure boot scheme adds cryptographic checks to each stage of the secure world boot process. This process aims to assert the integrity of all images that run after device power on.

Figure 2: Secure Boot

One related work using ARM TrustZone technology by the authors of [9] focused on embedded Linux-based platforms. They rely on a secure boot loader as the root of trust for the system. The task of this boot loader is to authenticate the secure-world Linux kernel image together with any kernel parameters, before handing over control to the Linux kernel. At the time of writing, this prototype platform used a slightly adapted version of “Das U-boot” as secure boot loader. The modified u-boot version is capable of measuring the Linux kernel image, its initial ramdisk and the kernel command line. Before control is handed over to the operating system kernel, these measurement values are compared to a Reference Integrity Metric (RIM) certificate to the kernel image. The boot process only continues if the kernel’s RIM certificate can be successfully validated. Another work [10] applied the TrustZone technology on a mobile ticketing system. The project aims at securing content of the mobile device from physical attack as the user performs online transactions over mobile environments. This technology will add another level of security within the core hardware of mobile device and would increase the level confidence of the consumers and manufacturers as they are able to offer better secure services to consumers. III. REQUIREMENT OF SECURE BOOT PROCESS In this section, we discuss the requirements of the secure boot process. Firstly, common vulnerability source in embedded system is the initial boot phase of the device. Solution to this problem related on two major inputs: the first boot code itself, whether the ‘secure boot’ solution is

Figure 1: Block Diagram of TrustZone System

One of the common methods used to attack a wireless sensor node is by reading or reprogramming the boot-up firmware in nonvolatile memory such as flash or on chip

647

trying to protect the boot code itself from loss, reverse engineering, and how the process of the boot can be secure. The first question is whether a ‘secure boot’ solution is actually protecting the boot code of the embedded device or system is depending on the location which the code is store. If this location is easily to be access or hack, the hacker will be able to access the code then use it for reverse-engineering purposes or understand the operation. Second question is related to how the process after the first boot can be secure. This question is a little bit more complicated. Some solutions use signature and hash value in the process so that the first boot process can only call the true image [Figure 2]. Other solutions attempt to limit changeable parameters in the device as it loads, so that no interruption can happen when boot process and substitute false commands by the attacker. IV. PROPOSED WORK This section brieftly discuss our proposed wireless sensor node concentrating on the security features only. The design will focus on the location of credential informations such as security keys and the system images. Based on the above requirement, we propose the design of wireless sensor networks. It consists of an embedded processor with TrustZone technology and on-SOC region. SAMSUNG’s S3C6410 is adopted as the embedded processor of the sensor node to support high processing power and hardware security. The 16/32-bit RISC microprocessor is developed using an ARM1176JZ-F core, 0.13 μm CMOS standard cells and designed to provide a cost-effective, low-power capabilities, high performance solution for general applications and embedded systems. It built for low-power applications and is suitable for cost sensitive and power sensitive applications. By providing a complete set of common system peripherals, the S3C6410 minimizes overall system costs and eliminates the need to configure additional components [11].

L0 Image Integrity (I0) =TRUE =1 L0 = I0 =TRUE (ROT)

Root of Trust On-SoC ROM Disable external interrupts Initialize TZMA

L1 Check the hash image of nd 2 BL before load. I1= 1: (H(BL2’) == H(BL2)) L1= TRUE if: I0 & I1 = TRUE

2nd Bootloader Initialize Basic Configuration Initilize TZPAC

L2 Load RTOS

H : Hash 1 : Boolean operator for TRUE X’ = new value generated X = value stored in memory

I2= 1: ( H(RTOS’) == H(RTOS)) Level 2= TRUE if: I0 & I1 & I2 = TRUE

Figure 3: Proposed Secure Boot Process

648

Figure 4: Secure block diagram

An important feature of S3C6410 is it provides the hardware security base which is the TrustZone technology. This technology aims to provide a security framework that enables a platform to counter potential threats.The primary security objective of the design is to secure the boot code of the system from physical attack because this firmware is the root of trust for the system. Apart from that, the design will also secure the main external memory using TZASC. In the proposed design, the sensor node will perform the secure boot process by booting up from “Boot Rom” location [Figure 4]. After the device power on, the core processor will boot from secure ROM to enter to secure state as the firmware will initialize the TZMA to secure on-chip memory.This process will disable all external interupts and check the integrity of the second bootloader residing on external flash by measuring the hash value of the image. Before control is handed to the second bootloader, these measurements are compared to the reference value residing in the secure EPROM. After the integrity checking and the image is correct, the control will be passed to the second bootloader. Second bootloader will initialize basic configuration and enable TZASC to partition the secure and non secure region of main memory. This process aims to check the confidentiality and integrity of the hardware and software to prevent any malicious code or modified software from being executed. S3C6410 also provides power management functions to make this platform more power efficient . It mainly consists of four modes: General Clock gating mode, IDLE mode, STOP mode, and SLEEP mode. General Clock Gating mode is used to control the ON/OFF of clocks for internal peripherals in S3C6410. The system will optimize the power consumption of S3C6410 by using this General Clock Gating mode by supplying clocks for peripherals that are required for a certain application. For example, if a timer is not required, then the user can disconnect the clock to the timer to reduce power. IDLE mode disconnects the ARMCLK only to CPU core while it supplies the clock to all peripherals. By using IDLE mode, the power consumed by the CPU core

is reduced. STOP mode freezes all clocks to the CPU as well as peripherals by disabling PLLs. The power consumption is only due to the leakage current in S3C6410. SLEEP mode disconnects the internal power. Therefore, the power consumption due to CPU and the internal logic except the wakeup logic will be zero. In order to use the SLEEP mode two independent power sources are required. One of the two power sources supplies the power for the wake-up logic. The other one supplies other internal logic including CPU, and must be controlled in order to be turned ON/OFF. In SLEEP mode, the source for the CPU comes from the second power supply and the internal logic will be turned off. V.

CONCLUSION

In this paper, we present a preliminary work on secure boot process by focussing on secure credential information. It consists of embedded processor with ARM TrustZone technology to provide hardware security and secure memory location. The design takes advantage of built-in-efficient power management strategies to minimize the power consumption of the sensor node by modifying the clocking option. In the future, we will implement this technique into wireless sensor node and look at ways how to verify our system from vulnerability. REFERENCES [1]

[2]

B. Warneke, M. Last, B. Liebowitz, and K. S. J. Pister, "Smart dust: communicating with a cubic-millimeter computer," Computer, vol. 34, pp. 44-51, 2001. A. Becher, Z. Benenson, and M. Dornseif, "Tampering with motes: Real-world physical attacks on wireless sensor networks,"

649

in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). vol. 3934 LNCS York, 2006, pp. 104-118. [3] W. Hu, P. Corke, W. C. Shih, and L. Overs, "SecFleck: A public key technology platform for wireless sensor networks," Cork, Ireland, 2009, pp. 296-311. [4] X. Mingdi, D. Ruiying, and Z. Huanguo, "A New Hierarchical Trusted Model for Wireless Sensor Networks," in Computational Intelligence and Security, 2006 International Conference on, 2006, pp. 1541-1544. [5] J. Grobschadl, T. Vejda, and D. Page, "Reassassing the TCG Specifications for Trusted Computing in Mobile Embedded Systems," in 1st IEEE Workshop on hardware-Oriented Security and Trust HOST2008, 2008, pp. 84-90. [6] M. Amin, S. Khan, T. Ali, and S. Gul, "Trends and Directions in Trusted Computing:Models, Architectures and Technologies," in International MultiConference of Engineers and Computer Scientists 2008, Hong Kong, 2008. [7] T. A. a. D. Felton., "TrustZone: Integrated Hardware and Software Security - Enabling Trusted Computing in Embedded Systems.," July 2004. [8] "ARM Ltd. TrustZone Technology Overview. Introduction available at: http://www.arm.com/products/processors/technologies/trustzone.p hp." [9] J. Winter, "Trusted computing building blocks for embedded linux-based ARM trustzone platforms," in Proceedings of the ACM Conference on Computer and Communications Security, 2008, pp. 21-30. [10] W. H. W. Hussin, P. Coulton, and R. Edwards, "Mobile ticketing system employing TrustZone technology," in Mobile Business, 2005. ICMB 2005. International Conference on, 2005, pp. 651654. [11] S. E. Inc., "SAMSUNG Electronics Data Manual."