Sentinel: Secure Mode Profiling and Enforcement for Embedded Systems

By Paul D. Martin, David Russell, Aviel D. Rubin, Stephen Checkoway, and Malek Ben Salem.

In Proceedings of IoTDI. IEEE Computer Society/ACM, April 2018.


Embedded devices are designed to cover many possible use cases. In practice only a small subset of features may be used in a given deployment. As devices age, some features turn out to be security risks. We address these problems by creating Sentinel, a secure mode profiler for embedded devices. Sentinel uses a bus tapping interface to derive a partial control flow graph during device execution. This graph represents the subset of device modes actually observed during use. The control flow graph is generated without any prior knowledge of the device or its software and constitutes a security profile which can be used to audit device execution in order to detect attacks. The profile can be easily enforced by existing bus monitors with minor modifications.



  author =    {Paul D. Martin and David Russel and Malek Ben Salem
               and Stephen Checkoway and Avi Rubin},
  title =     {Sentinel: Secure Mode Profiling and Enforcement for
               Embedded Systems},
  booktitle = {Proceedings of the ACM/IEEE International Conference
               on Internet of Things Design and Implementation, 2018},
  editor =    {Olaf Landsiedel and Klara Nahrstedt},
  publisher = {ACM/IEEE},
  year =      2018,
  month =     apr,
  url =       {},