PACCOR4ESP: Embedded Device Security Attestation using Platform Attribute Certificates

Thomas Grübl, Jan von der Assen, Markus Knecht, Burkhard Stiller
2024-07-19
Abstract: Verifying the integrity of embedded device characteristics is required to ensure secure operation of a device. One central challenge is to securely extract and store device-specific configurations for future verification. Existing device attestation schemes suffer from notable limitations, including a lack of standardization and a failure to encompass all hardware and software aspects inherent to a platform. This paper proposes an extension of the NSA Cybersecurity Directorate's Platform Attribute Certificate Creator (PACCOR) for the ESP32, a widely-used microcontroller series. Platform Attribute Certificates store device characteristics as per the Trusted Computing Group's Platform Certificate Profile. As of today, there is little research on hybrid attestation schemes utilizing Platform Attribute Certificates on embedded devices, which this work addresses. This paper presents a collection of attacks that can be detected using PACCOR4ESP. The toolkit extracts security-relevant information from an ESP32-S3, such as the firmware hash, bootloader hash, GPIO pin configuration, and a reference to the endorsement key of the secure element, and automatically embeds it into a Platform Attribute Certificate. Lastly, this work shows how PACCOR4ESP can be integrated with existing embedded device attestation frameworks, such as RAS, CRAFT, and SEDA.
Cryptography and Security
What problem does this paper attempt to address?
### Problems the paper attempts to solve

This paper addresses several problems in the security attestation of embedded devices:

1. **Lack of standardization**: Existing embedded device attestation schemes follow no common standard, which hampers interoperability and integration and makes it hard to manage attestation uniformly across platforms.
2. **Incomplete coverage of hardware and software characteristics**: Existing attestation methods do not cover all of the hardware and software characteristics inherent to a platform, so they cannot give comprehensive integrity assurance for the device.
3. **Insufficient security**: Software-only attestation schemes are vulnerable because they do not rely on a secure hardware element and the cryptographic keys stored in it. Coprocessor-based schemes are more secure, but such coprocessors are uncommon and costly on low-end embedded devices.
4. **Limited use of Platform Attribute Certificates (PACs)**: Although a PAC is a lightweight and secure way to record and verify device characteristics, it has so far seen little use in embedded device attestation.

### Specific problem statements

The paper focuses on the following questions:

- **How to apply PACs to embedded device attestation**: by extending the NSA's Platform Attribute Certificate Creator (PACCOR) to the ESP32 microcontroller series, so that the integrity of an embedded device can be verified against a certificate.
- **How to ensure the integrity and tamper-resistance of attestation results**: a PAC preserves the integrity and authenticity of the recorded characteristics, so that even if the verifier's machine is later compromised, previously issued results cannot be altered.
- **How to improve the compatibility and efficiency of existing attestation frameworks**: adopting the PAC standard lets existing frameworks handle hardware and software characteristics in a uniform way and make better use of device resources.

### Solutions

The paper proposes the following contributions:

1. **PACCOR4ESP**: Extend the PACCOR tool to support the ESP32 microcontroller and automatically extract the device's key security information (firmware hash, bootloader hash, GPIO pin configuration, and a reference to the endorsement key of the secure element) into a PAC.
2. **Security considerations**: Evaluate how effectively PACCOR4ESP detects threats to embedded devices, covering firmware, ELF file, GPIO pin and non-repudiation attacks.
3. **Framework integration**: Analyze existing attestation frameworks (RAS, CRAFT, SEDA) and show how PACs can be integrated into them to strengthen platform integrity assurance and help detect attacks on embedded devices.

Through these contributions the paper fills the research gap on PACs in embedded device attestation and lays a basis for future standardization and wider adoption.
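The detection idea behind the firmware and GPIO attacks listed above is reference-value comparison: a certificate issued at enrollment records the bootloader hash, firmware hash and GPIO configuration, and a verifier later compares freshly collected values against it. The following Python is an added illustration of that loop, not code from PACCOR4ESP or the paper. It assumes constructed sample images in place of real ESP32-S3 binaries, a plain dictionary in place of the TCG Platform Certificate Profile's ASN.1 encoding, and an HMAC key (`SE_KEY`) as a stand-in for the secure element's endorsement key; a real deployment would use an asymmetric key and an X.509 attribute certificate.

```python
import hashlib
import hmac
import json

# Constructed sample images (stand-ins for a real ESP32-S3 bootloader and app binary).
GOLDEN_BOOTLOADER = b"\xe9\x00\x00\x02" + b"golden bootloader image" * 8
GOLDEN_FIRMWARE = b"\xe9\x00\x00\x02" + b"golden application firmware" * 16
GOLDEN_GPIO = {"GPIO0": "input", "GPIO4": "output", "GPIO5": "input_pullup"}

# Assumed stand-in for the secure element's key: a symmetric HMAC key held by the
# device and known to the verifier. A real secure element would hold an asymmetric
# endorsement key and the certificate would be X.509-encoded; not modelled here.
SE_KEY = b"assumed-secure-element-key"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def collect_attributes(bootloader: bytes, firmware: bytes, gpio: dict) -> dict:
    """Collect the device characteristics the paper lists, in a canonical form."""
    return {
        "bootloader_hash": sha256_hex(bootloader),
        "firmware_hash": sha256_hex(firmware),
        # sorted so the encoding does not depend on the order pins were read
        "gpio_config": dict(sorted(gpio.items())),
    }


def canonical(attrs: dict) -> bytes:
    """Deterministic byte encoding of the attribute set (the part that gets signed)."""
    return json.dumps(attrs, sort_keys=True, separators=(",", ":")).encode()


def issue_certificate(attrs: dict, key: bytes) -> dict:
    """Simplified stand-in for a Platform Attribute Certificate: attributes plus a tag."""
    tag = hmac.new(key, canonical(attrs), "sha256").hexdigest()
    return {"attributes": attrs, "tag": tag}


def verify(cert: dict, reported: dict, key: bytes) -> list:
    """Return the list of mismatches; an empty list means the device attests cleanly.

    The tag is checked first so that a certificate altered on a compromised
    verifier is rejected outright rather than compared field by field.
    """
    expected_tag = hmac.new(key, canonical(cert["attributes"]), "sha256").hexdigest()
    if not hmac.compare_digest(expected_tag, cert["tag"]):
        return ["certificate tag invalid"]
    return [
        field
        for field, value in cert["attributes"].items()
        if reported.get(field) != value
    ]


def demo() -> dict:
    """Enroll a golden device, then attest a clean, a re-flashed and a re-wired device."""
    cert = issue_certificate(
        collect_attributes(GOLDEN_BOOTLOADER, GOLDEN_FIRMWARE, GOLDEN_GPIO), SE_KEY
    )
    tampered_fw = GOLDEN_FIRMWARE[:-1] + b"X"          # one byte changed by an attacker
    rewired_gpio = dict(GOLDEN_GPIO, GPIO4="input")     # output pin reconfigured
    return {
        "clean": verify(cert, collect_attributes(GOLDEN_BOOTLOADER, GOLDEN_FIRMWARE, GOLDEN_GPIO), SE_KEY),
        "firmware": verify(cert, collect_attributes(GOLDEN_BOOTLOADER, tampered_fw, GOLDEN_GPIO), SE_KEY),
        "gpio": verify(cert, collect_attributes(GOLDEN_BOOTLOADER, GOLDEN_FIRMWARE, rewired_gpio), SE_KEY),
    }


if __name__ == "__main__":
    for case, problems in demo().items():
        print(f"{case}: {'OK' if not problems else 'MISMATCH ' + ', '.join(problems)}")
```

The hash comparison is what makes the firmware and bootloader checks work; the GPIO check relies on the canonical encoding, so any pin read back in a different state changes the compared value. Because the tag covers the whole attribute set, an attacker who edits the stored certificate to match a modified device also has to forge the tag, which is exactly the property the paper attributes to a PAC when the verifier's machine is compromised.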