Browse by author
Lookup NU author(s): Dr Carlton Shepherd
This work is licensed under a Creative Commons Attribution 4.0 International License (CC BY 4.0).
© 2024. Control-flow attestation unifies the worlds of control-flow integrity and platform attestation by measuring and reporting a target's run-time behaviour to a verifier. Trust assurances in the target are provided by testing whether its execution follows an authorised control-flow path. The problem has been explored in various settings, such as assessing the trustworthiness of cloud platforms, cyber–physical systems, and Internet of Things devices. Despite a significant number of proposals being made in recent years, the area remains fragmented, with different adversarial behaviours, verification paradigms, and deployment challenges being addressed. In this paper, we present the first survey of control-flow attestation, examining the core ideas and solutions in state-of-the-art schemes. In total, we survey over 30 papers published between 2016–2024, consolidate and compare their key features, and pose several challenges and recommendations for future research in the area.
Author(s): Sha Z, Shepherd C, Rafi A, Markantonakis K
Publication type: Article
Publication status: Published
Journal: Computers and Security
Year: 2025
Volume: 150
Print publication date: 01/03/2025
Online publication date: 07/12/2024
Acceptance date: 02/12/2024
Date deposited: 02/01/2025
ISSN (print): 0167-4048
ISSN (electronic): 1872-6208
Publisher: Elsevier Ltd
URL: https://doi.org/10.1016/j.cose.2024.104254
DOI: 10.1016/j.cose.2024.104254
Data Access Statement: No data was used for the research described in the article.
