Have your PI and Eat it Too: Practical Security on a Low-cost Ubiquitous Computing Platform

Amit Vasudevan, Sagar Chaki, Proceedings of the 3rd IEEE European Symposium on Security and Privacy (EUROS&P), April 24-26, 2018.

Abstract: Robust security on a commodity low-cost and popular computing platform is a worthy goal for today's Internet of Things (IoT) and embedded ecosystems. We present the first practical security architecture on the Raspberry PI (PI), a ubiquitous and popular low-cost compute module. Our architecture and framework - called UBERPI - focuses on three goals which are keys to achieving practical security: commodity compatibility (e.g., runs unmodified Raspbian/Debian Linux) and unfettered access to platform hardware, performance (avg. 2%-6% overhead), and low trusted computing base and complexity (modular 5544 SLoC).We present a full implementation followed by a comprehensive evaluation and lessons learned. We believe that our contributions and findings elevate the PI into a next generation, secure, low-cost IoT embedded computing platform.