dTEE: A Declarative Approach to Secure IoT Applications Using TrustZone

Publication
Proc. of ACM/IEEE IPSN 2024

Internet of Things (IoT) applications have recently been widely used in safety-critical scenarios. To prevent sensitive information leaks, IoT device vendors provide hardware-assisted protections, called Trusted Execution Environments (TEEs), like ARM TrustZone. Programming aTEE-basedapplication requires separate code for two components, significantly slowing down the development process. Existing solutions tackle this issue by automatic code partition while not successfully applying it in two complicated scenarios: adding trusted logic and interactions with secure peripherals. We propose dTEE, a declarative approach to secure IoT applications based on TrustZone. dTEE proposes a rapid approach that enables developers to declare tiered-sensitive variables and functions of existing applications. Besides, dTEE automatically transforms device drivers into trusted ones. We evaluate dTEE on four real world IoT applications and seven micro-benchmarks. Results show that dTEE achieves high expressiveness for supporting 50% more applications than existing approaches and reduces 90% of the lines of code against handcrafted development.

Borui Li
Borui Li

Borui Li is a lecturer at the College of Computer Science and Engineering, Southeast University.

Yi Gao
Yi Gao
Professor

Yi Gao is an Professor at the College of Computer Science, Zhejiang University.

Wei Dong
Wei Dong
Professor

Wei Dong is currently a full Professor at the College of Computer Science, Zhejiang University.