by SECURA
SECURA’s focus within the REWIRE project has been on advancing the security of firmware during run-time. Building upon our earlier contributions in design-time analysis, detailed in a previous blog post, we are now exploring innovative approaches to firmware security.
A significant aspect of our research involves the use of static binary instrumentation to modify the bytecode of firmware. This technique allows us to embed monitoring points within the firmware code, which serve as critical checkpoints to observe and report the control flow of the program’s execution. This level of detail in monitoring is invaluable for a comprehensive understanding and protection of vital firmware functions.
However, monitoring alone is not sufficient. It must be supported by a holistic secure design that can effectively process and make use of the gathered data. This is where REWIRE contributes and aims to make the difference in the domain of IoT and embedded systems security. REWIRE builds on and further extends the Keystone TEE, combining the qualities of attestation and isolated execution of processes in enclaves. REWIRE designs and deploys “enclavanised” attestation agents in embedded devices (agents that therefore operate within a trusted environment), which analyse the collected data to verify whether a program is functioning as intended, thereby preventing misuse by malicious actors.
The incorporation of secure enclaves is a game-changer, creating isolated environments that shield critical operations and data from external threats. By situating the attestation agent within such an enclave, we significantly enhance the security of the analysis process, making it more challenging for attackers to interfere with or access sensitive data.
But how do attestation and firmware monitoring points work together? Firmware monitoring, attestation agents, and secure enclaves form a comprehensive security design in REWIRE. The monitoring points allow for real-time and lightweight monitoring of firmware execution, while isolated attestation operation guarantees that attestation of the operational correctness of firmware is indisputable, because isolation hardens it against unauthorized changes and cyber threats. This proactive approach is crucial for organizations to detect, analyze, and respond to potential security incidents in embedded systems effectively.
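The interplay described above, as an added example that is not REWIRE's or SECURA's code: an attestation agent checks that the sequence of monitoring-point IDs reported by the firmware follows only edges of an expected control-flow graph. The monitoring-point IDs, the graph and the sample traces are constructed assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical monitoring-point IDs embedded by the instrumentation step. */
enum { MP_ENTRY, MP_AUTH, MP_UNLOCK, MP_DENY, MP_EXIT, MP_COUNT };

/* Expected control-flow graph (assumed to come from design-time analysis):
 * bit `to` is set in allowed[from] when the edge from -> to is legitimate. */
static const uint8_t allowed[MP_COUNT] = {
    [MP_ENTRY]  = 1u << MP_AUTH,
    [MP_AUTH]   = (1u << MP_UNLOCK) | (1u << MP_DENY),
    [MP_UNLOCK] = 1u << MP_EXIT,
    [MP_DENY]   = 1u << MP_EXIT,
    [MP_EXIT]   = 0,
};

/* Returns -1 when the trace is a complete entry-to-exit path in the graph.
 * Otherwise returns the index of the first offending event, or n when every
 * edge is legitimate but the trace stops before reaching MP_EXIT. */
long verify_trace(const uint8_t *trace, size_t n)
{
    if (n == 0 || trace[0] != MP_ENTRY)
        return 0;
    for (size_t i = 1; i < n; i++) {
        if (trace[i] >= MP_COUNT)                        /* unknown monitoring point */
            return (long)i;
        if (!(allowed[trace[i - 1]] & (1u << trace[i]))) /* edge not in the graph */
            return (long)i;
    }
    return trace[n - 1] == MP_EXIT ? -1 : (long)n;
}

/* Constructed sample traces, as the agent might receive them. */
static const uint8_t trace_ok[]        = { MP_ENTRY, MP_AUTH, MP_UNLOCK, MP_EXIT };
static const uint8_t trace_skip_auth[] = { MP_ENTRY, MP_UNLOCK, MP_EXIT };
static const uint8_t trace_truncated[] = { MP_ENTRY, MP_AUTH, MP_DENY };
static const uint8_t trace_unknown[]   = { MP_ENTRY, MP_AUTH, 9 };

int main(void)
{
    printf("ok: %ld\n", verify_trace(trace_ok, sizeof trace_ok));
    printf("skip auth: %ld\n", verify_trace(trace_skip_auth, sizeof trace_skip_auth));
    printf("truncated: %ld\n", verify_trace(trace_truncated, sizeof trace_truncated));
    printf("unknown id: %ld\n", verify_trace(trace_unknown, sizeof trace_unknown));
    return 0;
}
```

In the design the post describes, a check of this kind would run inside the enclave so that the verdict cannot be altered by the firmware being measured.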
Nevertheless, this technology presents its own set of challenges, including the overhead caused by instrumentation and the complexity of integrating these methods into existing firmware architectures. Although integrating monitoring points adds complexity, the actual monitoring during runtime becomes far more efficient. In fact, runtime execution monitoring is the main technical challenge that keeps runtime behavioral attestation technologies from reaching their potential, and REWIRE aspires to change that! While the combination of static binary instrumentation with attestation agents in a secure enclave significantly enhances firmware security, it also demands continued development and refinement.