{"id":"https://openalex.org/W3122803386","doi":"https://doi.org/10.1109/globecom42002.2020.9322370","title":"On Runtime Software Security of TrustZone-M Based IoT Devices","display_name":"On Runtime Software Security of TrustZone-M Based IoT Devices","publication_year":2020,"publication_date":"2020-12-01","ids":{"openalex":"https://openalex.org/W3122803386","doi":"https://doi.org/10.1109/globecom42002.2020.9322370","mag":"3122803386"},"language":"en","primary_location":{"id":"doi:10.1109/globecom42002.2020.9322370","is_oa":false,"landing_page_url":"https://doi.org/10.1109/globecom42002.2020.9322370","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"GLOBECOM 2020 - 2020 IEEE Global Communications Conference","raw_type":"proceedings-article"},"type":"preprint","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5021904060","display_name":"Lan Luo","orcid":"https://orcid.org/0000-0002-5627-3521"},"institutions":[{"id":"https://openalex.org/I106165777","display_name":"University of Central Florida","ror":"https://ror.org/036nfer12","country_code":"US","type":"education","lineage":["https://openalex.org/I106165777"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Lan Luo","raw_affiliation_strings":["University of Central Florida, Orlando, FL, USA"],"affiliations":[{"raw_affiliation_string":"University of Central Florida, Orlando, FL, USA","institution_ids":["https://openalex.org/I106165777"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5100333755","display_name":"Yue Zhang","orcid":"https://orcid.org/0000-0002-7786-0231"},"institutions":[{"id":"https://openalex.org/I159948400","display_name":"Jinan University","ror":"https://ror.org/02xe5ns62","country_code":"CN","type":"education","lineage":["https://openalex.org/I159948400"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Yue Zhang","raw_affiliation_strings":["College of Information Science and Technology, Jinan University, Guangzhou, Guangzhou, China"],"affiliations":[{"raw_affiliation_string":"College of Information Science and Technology, Jinan University, Guangzhou, Guangzhou, China","institution_ids":["https://openalex.org/I159948400"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5052179538","display_name":"Cliff C. Zou","orcid":"https://orcid.org/0000-0003-4229-6957"},"institutions":[{"id":"https://openalex.org/I106165777","display_name":"University of Central Florida","ror":"https://ror.org/036nfer12","country_code":"US","type":"education","lineage":["https://openalex.org/I106165777"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Cliff Zou","raw_affiliation_strings":["University of Central Florida, Orlando, FL, USA"],"affiliations":[{"raw_affiliation_string":"University of Central Florida, Orlando, FL, USA","institution_ids":["https://openalex.org/I106165777"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5074141748","display_name":"Xinhui Shao","orcid":null},"institutions":[{"id":"https://openalex.org/I76569877","display_name":"Southeast University","ror":"https://ror.org/04ct4d772","country_code":"CN","type":"education","lineage":["https://openalex.org/I76569877"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Xinhui Shao","raw_affiliation_strings":["School of Computer Science and Engineering, Southeast University, Nanjing, China"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, Southeast University, Nanjing, China","institution_ids":["https://openalex.org/I76569877"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5044255077","display_name":"Zhen Ling","orcid":"https://orcid.org/0000-0001-9691-8702"},"institutions":[{"id":"https://openalex.org/I76569877","display_name":"Southeast University","ror":"https://ror.org/04ct4d772","country_code":"CN","type":"education","lineage":["https://openalex.org/I76569877"]}],"countries":["CN"],"is_corresponding":false,"raw_author_name":"Zhen Ling","raw_affiliation_strings":["School of Computer Science and Engineering, Southeast University, Nanjing, China"],"affiliations":[{"raw_affiliation_string":"School of Computer Science and Engineering, Southeast University, Nanjing, China","institution_ids":["https://openalex.org/I76569877"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5063375840","display_name":"Xinwen Fu","orcid":"https://orcid.org/0000-0003-2391-7789"},"institutions":[{"id":"https://openalex.org/I106165777","display_name":"University of Central Florida","ror":"https://ror.org/036nfer12","country_code":"US","type":"education","lineage":["https://openalex.org/I106165777"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Xinwen Fu","raw_affiliation_strings":["University of Central Florida, Orlando, FL, USA"],"affiliations":[{"raw_affiliation_string":"University of Central Florida, Orlando, FL, USA","institution_ids":["https://openalex.org/I106165777"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":6,"corresponding_author_ids":["https://openalex.org/A5021904060"],"corresponding_institution_ids":["https://openalex.org/I106165777"],"apc_list":null,"apc_paid":null,"fwci":1.0875,"has_fulltext":false,"cited_by_count":11,"citation_normalized_percentile":{"value":0.83438028,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"1","last_page":"7"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9898999929428101,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/buffer-overflow","display_name":"Buffer overflow","score":0.786295473575592},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7696281671524048},{"id":"https://openalex.org/keywords/attack-surface","display_name":"Attack surface","score":0.754278302192688},{"id":"https://openalex.org/keywords/microcontroller","display_name":"Microcontroller","score":0.6929302215576172},{"id":"https://openalex.org/keywords/embedded-system","display_name":"Embedded system","score":0.632409393787384},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.5456495881080627},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.49845027923583984},{"id":"https://openalex.org/keywords/context","display_name":"Context (archaeology)","score":0.4519587755203247},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.42043831944465637},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.3642593026161194},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.20725670456886292},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.12464550137519836}],"concepts":[{"id":"https://openalex.org/C40842320","wikidata":"https://www.wikidata.org/wiki/Q19423","display_name":"Buffer overflow","level":2,"score":0.786295473575592},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7696281671524048},{"id":"https://openalex.org/C2776576444","wikidata":"https://www.wikidata.org/wiki/Q303569","display_name":"Attack surface","level":2,"score":0.754278302192688},{"id":"https://openalex.org/C173018170","wikidata":"https://www.wikidata.org/wiki/Q165678","display_name":"Microcontroller","level":2,"score":0.6929302215576172},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.632409393787384},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.5456495881080627},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.49845027923583984},{"id":"https://openalex.org/C2779343474","wikidata":"https://www.wikidata.org/wiki/Q3109175","display_name":"Context (archaeology)","level":2,"score":0.4519587755203247},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.42043831944465637},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.3642593026161194},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.20725670456886292},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.12464550137519836},{"id":"https://openalex.org/C86803240","wikidata":"https://www.wikidata.org/wiki/Q420","display_name":"Biology","level":0,"score":0.0},{"id":"https://openalex.org/C151730666","wikidata":"https://www.wikidata.org/wiki/Q7205","display_name":"Paleontology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1109/globecom42002.2020.9322370","is_oa":false,"landing_page_url":"https://doi.org/10.1109/globecom42002.2020.9322370","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"GLOBECOM 2020 - 2020 IEEE Global Communications Conference","raw_type":"proceedings-article"}],"best_oa_location":null,"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G1816119329","display_name":null,"funder_award_id":"2018YFB2100300,2018YFB0803400,2017YFB1003000","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G3736233273","display_name":null,"funder_award_id":"DE-EE0009152","funder_id":"https://openalex.org/F4320306084","funder_display_name":"U.S. Department of Energy"},{"id":"https://openalex.org/G4095914778","display_name":null,"funder_award_id":"U1736203,61877029,61972088,61532013","funder_id":"https://openalex.org/F4320335777","funder_display_name":"National Key Research and Development Program of China"},{"id":"https://openalex.org/G4746029074","display_name":null,"funder_award_id":"BK20190060","funder_id":"https://openalex.org/F4320322769","funder_display_name":"Natural Science Foundation of Jiangsu Province"},{"id":"https://openalex.org/G6093004338","display_name":null,"funder_award_id":"1931871,1915780","funder_id":"https://openalex.org/F4320306076","funder_display_name":"National Science Foundation"}],"funders":[{"id":"https://openalex.org/F4320306076","display_name":"National Science Foundation","ror":"https://ror.org/021nxhr62"},{"id":"https://openalex.org/F4320306084","display_name":"U.S. Department of Energy","ror":"https://ror.org/01bj3aw27"},{"id":"https://openalex.org/F4320322769","display_name":"Natural Science Foundation of Jiangsu Province","ror":"https://ror.org/01h0zpd94"},{"id":"https://openalex.org/F4320335777","display_name":"National Key Research and Development Program of China","ror":null}],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":12,"referenced_works":["https://openalex.org/W1985395048","https://openalex.org/W2108860402","https://openalex.org/W2686866989","https://openalex.org/W2960696436","https://openalex.org/W2963934162","https://openalex.org/W2969978901","https://openalex.org/W2986458967","https://openalex.org/W2993659480","https://openalex.org/W2995876284","https://openalex.org/W3008878014","https://openalex.org/W3016246341","https://openalex.org/W6676006331"],"related_works":["https://openalex.org/W2181627506","https://openalex.org/W3040945190","https://openalex.org/W2387089893","https://openalex.org/W2588479842","https://openalex.org/W3122803386","https://openalex.org/W2293245356","https://openalex.org/W2589805430","https://openalex.org/W2152749196","https://openalex.org/W4253678082","https://openalex.org/W2139419048"],"abstract_inverted_index":{"Internet":[0],"of":[1,65,105],"Things":[2],"(IoT)":[3],"devices":[4,16,37],"have":[5],"been":[6],"increasingly":[7],"integrated":[8],"into":[9],"our":[10],"daily":[11],"life.":[12],"However,":[13],"such":[14],"smart":[15],"suffer":[17],"a":[18,43],"broad":[19],"attack":[20,81],"surface.":[21],"Particularly,":[22],"attacks":[23,96,110,132],"targeting":[24],"the":[25,61,76,103,112,119,124],"device":[26],"software":[27,67,131],"at":[28],"runtime":[29],"are":[30,133],"challenging":[31],"to":[32,128],"defend":[33],"against":[34,97],"if":[35],"IoT":[36,56],"use":[38],"resource-constrained":[39],"microcontrollers":[40],"(MCUs).":[41],"TrustZone-M,":[42],"TrustZone":[44],"extension":[45],"for":[46,82],"MCUs,":[47],"is":[48],"an":[49],"emerging":[50],"security":[51,63,68],"technique":[52],"fortifying":[53],"MCU":[54],"based":[55],"devices.":[57],"This":[58],"paper":[59],"presents":[60],"first":[62],"analysis":[64],"potential":[66],"issues":[69],"in":[70,102],"TrustZone-M":[71,125],"enabled":[72],"MCUs.":[73],"We":[74,107],"explore":[75],"stack-based":[77],"buffer":[78],"overflow":[79],"(BOF)":[80],"code":[83],"injection,":[84],"return-oriented":[85],"programming":[86],"(ROP)":[87],"attack,":[88,91,94],"heap-based":[89],"BOF":[90],"format":[92],"string":[93],"and":[95],"Non-secure":[98],"Callable":[99],"(NSC)":[100],"functions":[101],"context":[104],"TrustZone-M.":[106],"validate":[108],"these":[109,130],"using":[111],"Microchip":[113],"SAM":[114],"L11":[115],"MCU,":[116],"which":[117],"uses":[118],"ARM":[120],"Cortex-M23":[121],"processor":[122],"with":[123],"technology.":[126],"Strategies":[127],"mitigate":[129],"also":[134],"discussed.":[135]},"counts_by_year":[{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":1},{"year":2022,"cited_by_count":5},{"year":2021,"cited_by_count":2},{"year":2020,"cited_by_count":1}],"updated_date":"2026-04-09T08:11:56.329763","created_date":"2025-10-10T00:00:00"}