On Securing Cloud-hosted Cyber-physical Systems Using Trusted Execution Environments
Abstract
Recently, cloud control systems have gained increasing attention from the research community as a solution to implement networked cyber-physical systems (CPSs). Such an architecture can reduce deployment and maintenance costs albeit at the expense of additional security and privacy concerns. In this paper, first, we discuss state-of-the-art security solutions for cloud control systems and their limitations. Then, we propose a novel control architecture based on Trusted Execution Environments (TEE). We show that such an approach can potentially address major security and privacy issues for cloud-hosted control systems. Finally, we present an implementation setup based on Intel Software Guard Extensions (SGX) and validate its effectiveness on a testbed system.
- Publication:
-
arXiv e-prints
- Pub Date:
- March 2021
- DOI:
- 10.48550/arXiv.2104.01011
- arXiv:
- arXiv:2104.01011
- Bibcode:
- 2021arXiv210401011N
- Keywords:
-
- Computer Science - Cryptography and Security;
- Electrical Engineering and Systems Science - Systems and Control