Publication | Closed Access
Cumulative Attestation Kernels for Embedded Systems
Year: 2012 | Citations: 50 | References: 36
Keywords: Engineering, Verification, Computer Architecture, Embedded Systems, Side-channel Attack, Software Analysis, Formal Verification, Hardware Security, Trusted Execution Environment, Hardware Security Solution, Runtime Verification, Operating System Security, Computer Engineering, Computer Science, Malware Intrusions, Security Testing Method, Data Security, Cumulative Attestation Kernel, Software Testing, Cumulative Attestation Kernels, Fault Injection, System Software, Cumulative Attestation
To mitigate the threat of malware intrusions on networked embedded systems, it is desirable to provide remote attestation assurances for them. Embedded systems have special limitations concerning cost, power efficiency, computation, and memory that influence how this goal can be achieved. Moreover, many types of applications require integrity guarantees for the system over an interval of time rather than just at a given instant. We propose a Cumulative Attestation Kernel (CAK) that addresses these concerns. We demonstrate the value of CAKs for Advanced Metering Infrastructure (AMI) and show how to implement a CAK in less than one quarter of the memory available on low-end flash MCUs similar to those used in AMI deployments. For this prototype, we present the first formal proof we are aware of that a system is tolerant to power supply interruptions. We also discuss how to provide cumulative attestation for devices with tighter memory constraints by offloading computation and storage onto a Cumulative Attestation Coprocessor (CAC).