Software-Based Remote Attestation for Safety-Critical Systems

Bibliographic details
Main authors: Preschern, Christopher; Hormer, Andreas Johann; Kajtazovic, Nermin; Kreiner, Christian
Format: Conference proceedings
Language: eng
Description
Summary: Assuring system integrity to a remote communication partner through attestation is a security concept which also is very important for safety-critical systems facing security threats. Most remote attestation methods are based on integrity measurement mechanisms embedded in the underlying hardware or software (e.g. operating system). Alternatively, the application software can measure itself, whereas the security of this approach relies on obscurity of the measurement mechanism. There are several tools available to introduce such obscurity through automatic code transformations, but these tools cannot be applied to safety-critical systems, because automatic code transformations are difficult to justify during safety certification. We present a software-based remote attestation concept for safety-critical systems and apply it to an automation system case study. The attestation concept utilizes the safety-related black channel principle to allow the application of code protection tools in order to protect the attestation mechanism without increasing the safety certification effort for the system.
DOI: 10.1109/ICSTW.2013.7