Verifying integrity of software execution in low-end micro-controller units (MCUs) is a well-known open problem. The central challenge is how to securely detect software exploits with minimal overhead, since these MCUs are designed for low cost, low energy and small size. Some recent work yielded inexpensive hardware/software co-designs for remotely verifying code and execution integrity. In particular, a means of detecting unauthorized code modifications and control-flow attacks were proposed, referred to as Remote Attestation (RA) and Control-Flow Attestation (CFA), respectively. Despite this progress, detection of data-only attacks remains elusive. Such attacks exploit software vulnerabilities to corrupt intermediate computation results stored in data memory, changing neither the program code nor its control flow. Motivated by lack of any current techniques (for low-end MCUs) that detect these attacks, in this paper we propose, implement and evaluate DIALED, the first Data-Flow Attestation (DFA) technique applicable to the most resource-constrained embedded devices (e.g., TI MSP430). DIALED works in tandem with a companion CFA scheme to detect all (currently known) types of runtime software exploits at fairly low cost.

翻译：低端微控制器单位(MCUs)软件执行的核查完整性是一个众所周知的未决问题,中心挑战是如何以最低管理费用安全地探测软件开发利用情况,因为这些管理单位的设计成本低、能量低、体积小,因为这些管理单位设计成本低、能量低、体积小,最近的一些工作产生了廉价的硬件/软件共同设计,用于远程核查代码和执行完整性,特别是提议了一种探测未经授权的代码修改和控制流程攻击的手段,分别称为遥控器(RA)和控制器(CFA),尽管取得了这一进展,但只发现数据攻击的情况仍然难以找到。这种攻击利用软件弱点来腐蚀中间计算存储在数据记忆中的结果,既不改变程序编码,也不改变其控制流程。由于缺少任何当前探测这些攻击的技术(低端 MCUs),我们在本文件中提议、实施和评价DIALED,即适用于资源最紧缺的嵌入装置(例如TI MSP430)的首种数据-低功能(DFA)技术。