On Securing Cloud-hosted Cyber-physical Systems Using Trusted Execution Environments
This paper addresses security issues for cloud control systems, though it appears incremental because it builds on existing TEE technology.
The paper tackles security and privacy concerns in cloud-hosted cyber-physical systems by proposing a novel control architecture based on Trusted Execution Environments, and validates its effectiveness using Intel SGX on a testbed system.
Recently, cloud control systems have gained increasing attention from the research community as a solution to implement networked cyber-physical systems (CPSs). Such an architecture can reduce deployment and maintenance costs albeit at the expense of additional security and privacy concerns. In this paper, first, we discuss state-of-the-art security solutions for cloud control systems and their limitations. Then, we propose a novel control architecture based on Trusted Execution Environments (TEE). We show that such an approach can potentially address major security and privacy issues for cloud-hosted control systems. Finally, we present an implementation setup based on Intel Software Guard Extensions (SGX) and validate its effectiveness on a testbed system.