Scientific knowledge map · Paper #42
Reconciling Remote Attestation and Safety-Critical Operation on Simple IoT Devices
2018 · 55th Design Automation Conference (DAC)
- Theory
- protocol
Research question
What does the paper try to establish?
How can remote attestation preserve malware-detection value when its atomic memory scan can delay safety-critical work, yet making the scan interruptible creates opportunities for transient or self-relocating malware?
Central answer
What is the proposed answer?
There is no single cost-free reconciliation. The paper organizes a protocol design space around periodic self-measurement, randomized traversal, and lock-scheduled interruptible measurements; each changes freshness, false-negative probability, temporal consistency, availability, hardware assumptions, or communication requirements.
Evidence profile
Six dimensions, kept separate
The chart summarizes documented evidence and process. It is not a correctness probability, confidence score, or ranking, and no composite score is calculated.
LowMediumHighN/A = not assessed
A smaller value means less documented support for that dimension, not that the paper is false or unimportant.
- Epistemic evidence Medium
-
The complete paper offers explicit threat scenarios, timing evidence, and mechanism/probability analysis, but it is an invited synthesis without a new implementation, full formal proof, or independent evaluation.
Hashing cost and safety-critical fire-alarm example SMARM shuffled-measurement analysis Conclusions and tradeoff boundary - Auditability High
-
Checked-in author text with SHA-256/page count, an NSF copy, precise page anchors, and a DOI make all represented arguments directly inspectable.
Safety/security conflict, malware classes, and mitigation overview Official invited-paper publication identity - Production provenance Medium
-
Authorship, invited status, venue, date, DOI, and manuscript are documented; contributor roles, revision history, and exact source lineage are not.
Safety/security conflict, malware classes, and mitigation overview Official invited-paper publication identity - External scrutiny Medium
-
DAC publication establishes external exposure, but review reports, artifact review, and independent validation of the synthesis were not found.
Official invited-paper publication identity - Reception High
-
OpenAlex reported 12 citations on 2026-07-11; under the author-defined rule, more than 10 located citations is High.
Dated citation-count snapshot - Contribution significance Medium
-
The paper clearly exposes a safety/security conflict and organizes practical protocol choices, but it primarily synthesizes mechanisms developed across prior work.
Safety/security conflict, malware classes, and mitigation overview Conclusions and tradeoff boundary
Assessment: Ai draft author review pending · 2026-07-11 · rubric 0.2. These dimensions describe documented support and process, not truth, correctness, or a universal ranking. No composite score is calculated.
Top-down and bottom-up view
Hierarchical knowledge map
Collapse a branch for a top-level reading, or follow its source links and child nodes to audit the evidence and boundaries underneath it.
Remote attestation under safety-critical constraints
A protocol-level analysis of why atomic attestation threatens availability and why interruptibility threatens malware detection, with a taxonomy of imperfect mitigations.
Safety/security conflict, malware classes, and mitigation overview-
question Research question
research questionCan a simple IoT prover remain responsive to critical events while still producing a fresh, meaningful malware measurement?
Safety/security conflict, malware classes, and mitigation overview Hashing cost and safety-critical fire-alarm example -
contribution Central answer
analytical synthesisUse explicit tradeoffs among periodic self-measurement, randomized order, and progressive locking; no surveyed protocol dominates on freshness, detection, consistency, availability, and assumptions.
All-Lock, decreasing-lock, and increasing-lock protocols SMARM shuffled-measurement analysis ERASMUS and SeED self-measurement designs and assumptions -
protocol On-demand RA baseline
definedA verifier sends a fresh challenge, the prover computes an authenticated measurement over selected memory, returns it, and the verifier checks it against an admissible state.
RA approaches, on-demand protocol, and coverage assumptions -
threat model Malware and availability threats
definedTransient malware can leave between measurements, self-relocating malware can evade a predictable interruptible scan, and malware may trigger a nominally critical task to preempt attestation.
Transient, self-relocating, and interrupt-triggering malware -
assumption Mechanism-dependent assumptions
model dependentSolutions variously need secure keys and measurement code, memory-lock enforcement, secret scan order, protected clocks or counters, authenticated channels, and predictable verifier expectations.
RA approaches, on-demand protocol, and coverage assumptions All-Lock, decreasing-lock, and increasing-lock protocols ERASMUS and SeED self-measurement designs and assumptions -
method Mitigation design space comparative analysis
The paper compares three protocol families rather than presenting a single deployed system.
All-Lock, decreasing-lock, and increasing-lock protocols SMARM shuffled-measurement analysis ERASMUS and SeED self-measurement designs and assumptions-
protocol Progressive locking
specifiedAll-Lock freezes all memory; Dec-Lock releases measured blocks and targets start-time consistency; Inc-Lock progressively locks measured blocks and targets end-time consistency.
All-Lock, decreasing-lock, and increasing-lock protocols -
protocol Shuffled measurement
probability analyzedSMARM hides traversal order so roving malware cannot know which block is safe; one scan leaves escape probability near e^-1, so repeated independent scans reduce but do not eliminate false negatives.
SMARM shuffled-measurement analysis -
protocol Periodic self-measurement
comparative analysisERASMUS decouples measurement frequency from verifier collection; SeED makes reports prover-initiated but adds protected time/replay and expected-delivery requirements.
ERASMUS and SeED self-measurement designs and assumptions
-
-
claim group Main conclusions
analyticalAtomic scans can be dangerously slow, while interruptible or scheduled protocols exchange stronger availability for weaker or more assumption-heavy detection guarantees.
Hashing cost and safety-critical fire-alarm example Conclusions and tradeoff boundary -
evidence group Evidence basis
synthesis of prior resultsSupport consists of measured hashing costs, worked attack scenarios, cited probability analysis for shuffled measurement, and a structured comparison of existing mechanisms; no new prototype or formal proof is reported.
Hashing cost and safety-critical fire-alarm example SMARM shuffled-measurement analysis ERASMUS and SeED self-measurement designs and assumptions -
limitation group Limits of reconciliation
explicitSelf-measurement can be stale; shuffled scans need repetition; locking impairs writes; protected time and communication expectations add hardware and availability assumptions; on-demand RA remains necessary for maximum freshness.
All-Lock, decreasing-lock, and increasing-lock protocols SMARM shuffled-measurement analysis ERASMUS and SeED self-measurement designs and assumptions Conclusions and tradeoff boundary -
artifact group Artifacts
publication onlyFull author and NSF copies plus the DOI are public. The invited synthesis does not claim a new implementation, dataset, proof artifact, or reproduction package.
Safety/security conflict, malware classes, and mitigation overview Official invited-paper publication identity -
scrutiny External scrutiny
invited venue paperDAC publication provides external venue exposure, while the represented source is an invited analytical paper and public review reports were not located.
Official invited-paper publication identity -
lineage Relation to temporal consistency
documentedThe locking taxonomy and consistency vocabulary are drawn from the fuller treatment in paper
All-Lock, decreasing-lock, and increasing-lock protocols Conclusions and tradeoff boundary
Audit trail
Source index
Locators state the depth of the current audit. PDF page numbers, where present, are one-based file pages; metadata-, summary-, and abstract-bounded records explicitly identify their limitations.
- Safety/security conflict, malware classes, and mitigation overview Abstract and Section 1, PDF page 1
- RA approaches, on-demand protocol, and coverage assumptions Sections 2.1-2.3, PDF pages 1-2
- Hashing cost and safety-critical fire-alarm example Sections 2.4-2.5 and Figure 2, PDF pages 2-3
- Transient, self-relocating, and interrupt-triggering malware Section 2.5, PDF page 3
- All-Lock, decreasing-lock, and increasing-lock protocols Section 3.1, PDF pages 3-5
- SMARM shuffled-measurement analysis Section 3.2, PDF page 5
- ERASMUS and SeED self-measurement designs and assumptions Section 3.3, PDF pages 5-6
- Conclusions and tradeoff boundary Section 4, PDF page 6
- Official invited-paper publication identity DAC 2018, DOI 10.1145/3195970.3199853
- Dated citation-count snapshot OpenAlex reported 12 citing works on 2026-07-11