RESERVE: Remote Attestation of Intermittent IoT devices

Abstract

Internet of Things (IoT) devices have enveloped our surroundings and have been increasingly deployed in many domains. Even though the IoT has generated unprecedented opportunities, the poorly secured design of IoT devices makes them an easy target for cyber attacks. Aimed at securing IoT devices, Remote Attestation (RA) is a security technique that identifies threat presence in IoT systems. Typically, RA is an atomic procedure that requires uninterrupted connectivity to execute. However, in energy harvesting context where intermittent IoT devices go into sleep mode immediately after regular operations, the atomic property is difficult to achieve. In this paper, we propose RESERVE, a novel lightweight RA protocol designed specifically for Intermittent IoT devices. RESERVE aims to improve the security of intermittent systems by detecting malware presence during online mode and guaranteeing with some probability software legitimacy during offline mode. In particular, RESERVE ensures trustworthiness by organizing the device's software into modules, and after regular operation each device attests as many modules as fit in its energy budget.