IoT devices are systematically vulnerable to vendor-introduced bugs and to network and supply-chain attacks. Further, unprotected and unmonitored physical access is common, while single-board-computer-based IoT devices have limited or no ability to detect and mitigate most types of attacks. Various methods have been described that use software-based analysis, execution monitoring, and other cryptographic functions, but these methods are not practical for small devices and often require modifications or additions to a simple sensor board that uses more power and is itself vulnerable to software bugs. Also, additional software space for non-mission code is difficult or impossible to add. This paper describes a novel lightweight method to detect a compromise or abnormal behavior through the monitoring of readable and writable hardware elements on the device. An example prototype is described using an Arduino-class device, common for many commercial sensing applications.