国科大密码学院王跃武研究员指导博士生史昊天,在22nd Annual IEEE International Conference on Sensing, Communication, and Networking(IEEE SECON)发表了题为“FBRoT: Transforming Flash Memory into Root of Trust for IoT Terminals”的研究论文。该研究聚焦于利用通用的闪存存储器,为缺乏专用安全硬件的物联网终端提供一个可靠的信任根。本次会议于2026年6月3日至5日于意大利比萨举行,研究成果在会议上进行了报告。
Abstract:With the popularity of IoT applications, their security has become a focus of academic and industrial attention. Root of trust (RoT) may ensure that only the correct image can be loaded onto to to mitigate the risk of malicious code intrusion. However, existing RoT solutions for the IoT terminals usually require the introduction of additional specific hardware. This does not meet the stringent size, cost, and power requirements of IoT terminal. In addition, some IoT terminals may be used for leasing, which requires their RoT to be able to be updated by the tenant. Existing RoT does not address the issue well. Therefore, this paper proposes an approach to build a RoT for IoT terminals using flash memory, named FBRoT. FBRoT implements the RoT security functions based on the computing power of NAND flash FTL (Flash translation layer). NAND flash is a versatile component for IoT terminals and usually used to store system image. Flash read and write operations for image loading must be performed by the FTL. So, the security functions of RoT cannot be bypassed easily. As a compute unit independent of the host device, FBRoT may isolate the potential malicious attacks from the host effectively. Since the implementation is based on reusing flash's inherent computing power, FBRoT does not need to introduce specialized security hardware. We have also designed a secure RoT update mechanism for FBRoT, which may make different IoT terminal tenants to build their own proprietary trust chains. Evaluation of the FBRoT prototype system shows that FBRoT incurs reasonable overhead, making it a practical security solution for resource-constrained IoT terminals.
论文信息:Haotian Shi, Siyuan Ma, Yuewu Wang, Lingguang Lei, Shijie Jia, Jiwu Jing.: “FBRoT: transforming flash memory into root of trust for IoT terminals,” in 22nd Annual IEEE International Conference on Sensing, Communication, and Networking (SECON). IEEE, 2026.
