Abstract: The importance of timing services in edge systems makes them a lucrative target for privileged adversaries. Malicious agents with Operating System (OS) privileges can stealthily manipulate timing services and provide altered timestamps to user applications. In this paper, we first demonstrate the adverse impact of time attacks on the accuracy of sensor fusion algorithms at the edge. Then, we introduce TIMEGUARD, our proposed architecture that protects against time attacks and provides trusted time to user applications. TIMEGUARD's design leverages the secure interrupt and memory primitives of trusted execution environments (TEEs) to bypass untrusted privileged software and acquire time securely. Yet, these secure primitives come at a high computational cost. TIMEGUARD also introduces a probabilistic security framework, bounded by a time error, to limit the cost of our timing service. We prototype our design on ARM TrustZone, the dominant secure architecture in edge systems, and evaluate the trade-off in security, accuracy, and system overhead. TIMEGUARD's secure performance ranges from a microsecond to tens of milliseconds at 3.9% and 1.2% CPU overhead, respectively, catering to a variety of application requirements.