MMBnet 2017 - Proceedings of the 9th GI/ITG Workshop „Leistungs-, Verlässlichkeits- und Zuverlässigkeitsbewertung von Kommunikationsnetzen und Verteilten Systemen“

Nowadays, mathematical methods of systems and network monitoring, modeling, simulation, and performance, dependability and reliability analysis constitute the foundation of quantitative evaluation methods with regard to software-defined next-generation networks and advanced cloud computing systems. Considering the application of the underlying methodologies in engineering practice, these sophisticated techniques provide the basis in many different areas. The GI/ITG Technical Committee “Measurement, Modelling and Evaluation of Computing Systems“ (MMB) and its members have investigated corresponding research topics and initiated a series of MMB conferences and workshops over the last decades. Its 9th GI/ITG Workshop MMBnet 2017 „Leistungs-, Verlässlichkeits- und Zuverlässigkeitsbewertung von Kommunikationsnetzen und Verteilten Systemen“ was held at Hamburg University of Technology (TUHH), Germany, on September 14, 2017. The proceedings of MMBnet 2017 summarize the contributions of one invited talk and four contributed papers of young researchers. They deal with current research issues in next-generation networks, IP-based real-time communication systems, and new application architectures and intend to stimulate the reader‘s future research in these vital areas of modern information society

RealSWATT: Remote Software-Based Attestation for Embedded Devices under Realtime Constraints

Smart factories, critical infrastructures, and medical devices largely rely on embedded systems that need to satisfy realtime constraints to complete crucial tasks. Recent studies and reports have revealed that many of these devices suffer from crucial vulnerabilities that can be exploited with fatal consequences. Despite the security and safety-critical role of these devices, they often do not feature state-of-the-art security mechanisms. Moreover, since realtime systems have strict timing requirements, integrating new security mechanisms is not a viable option as they often influence the device's runtime behavior. One solution is to offload security enhancements to a remote instance, the so-called remote attestation.We present RealSWATT, the first software-based remote attestation system for realtime embedded devices. Remote attestation is a powerful security service that allows a party to verify the correct functionality of an untrusted remote device. In contrast to previous remote attestation approaches for realtime systems, RealSWATT does neither require custom hardware extensions nor trusted computing components. It is designed to work within real-world IoT networks, connected through Wi-Fi. RealSWATT leverages a dedicated processor core for remote attestation and provides the required timing guarantees without hardware extensions. We implement RealSWATT on the popular ESP32 microcontroller, and we evaluate it on a real-world medical device with realtime constraints. To demonstrate its applicability, we furthermore integrate RealSWATT into a framework for off-the-shelf IoT devices and apply it to a smart plug, a smoke detector, and a smart light bulb.}, booktitle = {Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Securit