In many IoT applications, a compromised device can often bring down an entire system. For example, many industrial applications involve processes that must keep running to prevent disasters from occurring.
Sequitur Labs’ demo illustrates how Atmel® SMART | SAMA5D2-based devices with ARM® TrustZone® and Sequitur CoreTEE™ can be used to protect critical processes in industrial IoT, automotive and other “smart” IoT applications.
The demo begins with concurrent execution of processes running in both CoreTEE and Linux that control the counters displayed on the small LCD screens. Pressing the “Hang Linux” button produces a visible crash of Linux on the LCD. Alternatively, a mobile application can be used to activate a code injection exploit, which is visible as a malware display on the large LCD. When kernel changes are detected, remediation occurs by means of rebooting to the last signed image of Linux. Note that applications running in the secure world continue to run unaffected by the Linux reboot.
Linux Crash, Linux reboot
When someone presses the “Hang Linux” button, viewers will witness a visible crash of Linux on the LCD. CoreTEE™ uses run-time integrity checking of the rich OS via ICM. When kernel changes are detected, remediation occurs by means of rebooting to the last signed image of Linux. Applications running in the secure world will continue to run unaffected by the Linux reboot.
Normal World: Crash Button was pushed, causing Linux to hang.
Secure World: Watchdog times out after Linux failed to respond.
Exploit: Code Injection
When someone uses the mobile application to activate the code injection exploit, viewers will see the malware display a banner on the large LCD followed by CoreTEE enforcing a restart of Linux. CoreTEE uses run-time integrity checking of the rich OS via ICM. When kernel changes are detected, remediation occurs by means of rebooting to the last signed image of Linux. Applications running in the secure world will continue to run unaffected by the Linux reboot.
Normal World: Linux experiencing a code injection exploit.
Specifically, the demonstration illustrates:
Concurrent Process Execution
How critical processes can run concurrently and reliably in CoreTEE™, but separately from processes in a rich OS such as Linux.
Real Time Integrity Checking
The use of Atmel’s Integrity Check Monitor (ICM) technology for checking the integrity of the rich OS, such as Linux.
How CoreTEE can protect processes from faults occurring in Linux such as faulty updates and crashed drivers.
The use of CoreTEE to prevent exploits originating from a mobile device.
Unique ability of CoreTEE to remediate failures within the rich OS while maintaining secured execution of trusted applications.
Pressing the button causes Linux to hang while CoreTEE continues to run. CoreTEE then restarts Linux.
Linux Counter LCD
This unsecure display is controlled by Linux. The counter increments by 1 every ~3 seconds as long as Linux is running. When Linux hangs/crashes, the display is frozen. When Linux restarts, this counter goes to zero and restarts.
CoreTEE Counter LCD
This is a secure display controlled in TrustZone. This display has 2 counters:
The “C” counter increments by 1 every ~3 seconds while CoreTEE is running.
The “R” counter increments by 1 every time Linux is restarted by CoreTEE.
This window shows a console for Linux. Messages display here while Linux is running.
This window shows a console for CoreTEE. Console messages display here while CoreTEE is running.