Accompanying Material for C-FLAT: Control Flow Attestation for Embedded Systems Software
This archive contains the accompanying material for C-FLAT: Control Flow Attestation for Embedded Systems Software.
This repository contains the source code for the C-FLAT Runtime Tracer, Measurement engine, C-FLAT Library and the sample applications used for evaluation. It also contains our binary instrumentation tool for ARM binaries and pre-build kernel images of the sample applications instrumented with C-FLAT runnable on Raspberry Pi 2.
Note: Due to confidentiality reasons, we are unable to make the complete platform source code available in this release. It may, however, be open sourced in the future, in which case this README will be updated with information on how to access the complete source code.
Those wishing to reproduce C-FLAT on a Raspberry Pi 2 or other ARM-based board will need to provide the implementation for the bootloader and secure world kernel. In particular the kernel needs to provide:
Basic UART functionality and printf-style formatted printing (used through
debug()macros throughout the source code).
Dynamic memory allocation (through
free()). For the evaluation, we ported v3.0 of the Two-Level Segregated Fit memory allocator implementation by Matthew Conte to the Raspberry Pi 2
memset(). For the evaluation, we used the
memsetoptimized for the Raspberry Pi from Simon J. Halls copies-and-fills library.
binaries: Runnable pre-build kernel images for Raspberry Pi 2
instrumentation: instrumentation tool
library: C-FLAT Library code
runtime-tracer: Runtime Tracer Trampolines
measurement-engine: C-FLAT Measurement Engine
samples/syringe: Sample program and output discussed in paper
samples/soldering: Sample program and output discussed in technical report
- Raspberry Pi 2 Model B with Broadcom BCM2836 SoC and ARM Cortex-A7 CPU
- USB TO UART interface, such as Waveshare DVK512
Running the pre-built kernel images
The assume that the Raspberry Pi 2 SD card has been prepared with pre-compiled binaries of the current bootloader/GPU firmware available from the Raspberry Pi Foundation. The easiest way to obtain these is to install a prebuilt Raspbian image on the SD card using the offical instructions.
NOTE: WE DO NOT USE RASPBIAN LINUX IN THIS PROTOTYPE. THE ONLY THING NEEDED ARE THE FIRMWARE IMAGES NEEDED TO BOOT UP THE BOARD AND THE BARE-METAL KERNEL IMAGE REFERRED TO BELOW.
In order to seize control of the TrustZone secure world, the bootloader needs to
obtain control of the board while it’s still in secure mode. This can be
achieved by setting the
kernel_old=1 option in
config.txt on the Raspberry 2
With this done, the bare-metal
kernel.img can be loaded onto the Raspberry Pi
2 SD card:
$ cp binaries/kernel-<version>.img /boot/kernel.img
/boot is the boot partition of the Raspberry Pi 2 SD card.
Please make sure that
kernel.img is the only
.img file present. In
kernel7.img is NOT present on the SD card.
All implementations are only research prototypes!
Our code is NOT safe for production use! Please use it only for tests.
Copyright (c) 2016 Aalto University
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.