iMRC: Integrated Monitoring & Recovery Component,
a Solution to Guarantee the Security of Embedded Systems


Pierre-Henri Thevenon1+, Sébastien Riou2, Duc-Minh Tran3, Maxime Puys1, Nikolaos Foivos Polychronou1, Mustapha El Majihi1, and Camille Sivelle1

 

1Univ. Grenoble Alpes, CEA, LETI, DSYS, F-38000, Grenoble, France
{Pierre-Henri.Thevenon, Maxime.Puys, Nikolaos.Polychronou, Mustapha.Elmajihi, Camille Sivelle}@cea.fr

2Tiempo Secure, Montbonnot-Saint-Martin, F-38330, France
Sebastien.Riou@tiempo-secure.com

3Universite Paris-Saclay, CEA, LIST, Palaiseau, F-91120, France
Duc-Minh.Tran@cea.fr

 

Abstract

In recent years, the security of connected objects has become a real challenge. Indeed, more and more IoT devices are being built for increasingly critical applications and as shown by multiple famous botnet attacks such as Mirai, IoT devices are often poorly protected. In this paper, we introduce a new solution called iMRC (integrated Monitoring & Recovery Component) to improve the resilience of embedded systems in case of proven attacks. This innovative solution integrates a hardware component whose main function is to extract the hardware performance counters of the processor in order to be analyzed by the artificial intelligence of the control server. This one is able to remotely restore the devices to a known secure state upon detection of malwares or other abnormal behaviors. We define a use case based on a home automation network in which the iMRC component is added to a gateway. We implement a set of scripts reproducing malicious behaviors in order to test our detection capabilities and show that all malwares are detected within less than 20 seconds after the launch of a malware execution.

Keywords: IoT, IIoT, cybersecurity, resilience, AI, detection, secure element.

 

+: Corresponding author: Pierre-Henri Thevenon
CEA-Leti, 17 rue des Martyrs, 38054 GRENOBLE CEDEX 9, France

 

Journal of Internet Services and Information Security (JISIS), 12(2): 70-94, May 2022
Received: March 25, 2022; Accepted: May 6, 2022; Published: May 31, 2022

DOI: 10.22667/JISIS.2022.05.31.070 [pdf]