Practical analysis framework for software-based attestation scheme

Li Li, Hong Hu, Jun Sun, Yang Liu, Jin Song Dong

Research output: Chapter in Book/Report/Conference proceedingConference contribution

5 Scopus citations


An increasing number of "smart" embedded devices are employed in our living environment nowadays. Unlike traditional computer systems, these devices are often physically accessible to the attackers. It is therefore almost impossible to guarantee that they are un-compromised, i.e., that indeed the devices are executing the intended software. In such a context, software-based attestation is deemed as a promising solution to validate their software integrity. It guarantees that the software running on the embedded devices are un-compromised without any hardware support. However, designing software-based attestation protocols are shown to be error-prone. In this work, we develop a framework for design and analysis of software-based attestation protocols. We first propose a generic attestation scheme that captures most existing software-based attestation protocols. After formalizing the security criteria for the generic scheme, we apply our analysis framework to several well-known software-based attestation protocols and report various potential vulnerabilities. To the best of our knowledge, this is the first practical analysis framework for software-based attestation protocols.

Original languageEnglish (US)
Title of host publicationFormal Methods and Software Engineering - 16th International Conference on Formal Engineering Methods, ICFEM 2014, Proceedings
EditorsStephan Merz, Jun Pang
PublisherSpringer Verlag
Number of pages16
ISBN (Electronic)9783319117362
StatePublished - 2014
Event16th International Conference on Formal Engineering Methods, ICFEM 2014 - Luxembourg, Luxembourg
Duration: Nov 3 2014Nov 5 2014

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Conference16th International Conference on Formal Engineering Methods, ICFEM 2014

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)


Dive into the research topics of 'Practical analysis framework for software-based attestation scheme'. Together they form a unique fingerprint.

Cite this