Sunday 09 March 2025
A team of researchers has developed a new approach to ensuring the integrity of software on low-end devices, which are increasingly vulnerable to attacks due to their limited resources and lack of robust security features.
These devices, such as smart home appliances or medical equipment, are often used in critical applications where reliability is paramount. However, they typically have limited processing power and memory, making it difficult to implement traditional security measures like encryption and secure boot mechanisms.
The new approach, called EILID (Execution Integrity for Low-End IoT Devices), uses a combination of hardware and software techniques to ensure that the code running on these devices is authentic and has not been tampered with. This is achieved by monitoring the flow of control within the program, ensuring that it follows a predetermined path and does not deviate from its intended behavior.
The system consists of two main components: EILIDsw (Software) and EILIDhw (Hardware). The software component is responsible for instrumenting the code to be executed, inserting additional instructions to monitor the flow of control. This includes checking the return addresses of functions, ensuring that they are valid and have not been tampered with.
The hardware component is responsible for providing a secure environment for the execution of the instrumented code. This includes ensuring that the device’s memory is protected from unauthorized access, and that any attempts to modify the program’s behavior are detected and prevented.
To evaluate the effectiveness of EILID, the researchers tested it on several real-world applications, including smart home devices and medical equipment. Their results showed that EILID was able to detect and prevent a range of attacks, including those designed to manipulate the control flow of the program.
The team believes that their approach has significant implications for the security of low-end devices, which are increasingly being used in critical applications where reliability is paramount. By providing a robust mechanism for ensuring the integrity of software on these devices, EILID could help prevent attacks and ensure the continued trustworthiness of these systems.
In addition to its potential impact on device security, EILID also has implications for the development of new secure programming languages and tools. The approach’s focus on monitoring control flow within programs could lead to the creation of more secure coding practices, which would benefit a wide range of applications beyond just low-end devices.
Cite this article: “Ensuring Integrity of Software on Low-End Devices with EILID”, The Science Archive, 2025.
Low-End Devices, Iot, Security, Integrity, Software, Hardware, Execution, Control Flow, Monitoring, Programming Languages
