Abstract

In the recent past, technologies like Trusted Execution Environments (TEE) have emerged that provide sound security guarantees even against power adversaries exercising control over the privileged untrusted kernel. As such, TEEs have become the centrepiece to implementing critical operations in an embedded systems setting.

In modern IoT settings, physical attacks (like side-channel and fault attacks) are increasingly relevant. However, by physical characteristics (like electromagnetic shields) or software checks (memory encryption), TEEs defend against physical attacks on processors and memory chips. In this research, however, we demonstrate practical attack scenarios on TEEs using a new dimension: SoC system bus. We first unearth the fault characteristics of both aspects of the system bus- data bus and address bus. We then use these bus faults to mount an end-to-end attack on a commercial Trusted Execution Environment (Open Portable Trusted Execution Environment, or OP-TEE) implementation for embedded systems. Additionally, we also demonstrate loopholes in TEE specification (specifically GlobalPlatform API specification) as well as in Linux function return conventions that aid adversarial objectives.

Our research puts forth a vital perspective in the purview of embedded systems: development of (1) API specifications as well as (2) independent software implementations of TEEs for embedded systems need to be revisited keeping in mind an adversary which can fault not only the processor or memory, but also the system bus. Overall, this research reinforces the importance of considering not only the software implementation of abstract specification, but also the execution environment where the implementation is expected to operate.