Atlas: Application Confidentiality in Compromised Embedded Systems

Maene P, Götzfried J, Müller T, de Clercq R, Freiling F, Verbauwhede I (2018)

Publication Type: Journal article, Original article

Publication year: 2018


Publisher: Institute of Electrical and Electronics Engineers Inc.

DOI: 10.1109/TDSC.2018.2858257


Due to the requirements of the Internet-of-Things, modern embedded systems have become increasingly complex, running different applications. In order to protect their intellectual property as well as the confidentiality of sensitive data they process, these applications have to be isolated from each other. Traditional memory protection and memory management units provide such isolation, but rely on operating system support for their configuration. However, modern operating systems tend to be vulnerable and cannot guarantee confidentiality when compromised. We present Atlas, a hardware-based security architecture, complementary to traditional memory protection mechanisms, ensuring code and data confidentiality through transparent encryption, even when the system software has been exploited. Atlas relies on its zero-software trusted computing base to protect against system-level attackers and also supports secure shared memory. We implemented Atlas based on the LEON3 softcore processor, including toolchain extensions for developers. Our FPGA-based evaluation shows minimal cycle overhead at the cost of a reduced maximum frequency.

Authors with CRIS profile

Involved external institutions

How to cite


Maene, P., Götzfried, J., Müller, T., de Clercq, R., Freiling, F., & Verbauwhede, I. (2018). Atlas: Application Confidentiality in Compromised Embedded Systems. IEEE Transactions on Dependable and Secure Computing.


Maene, Pieter, et al. "Atlas: Application Confidentiality in Compromised Embedded Systems." IEEE Transactions on Dependable and Secure Computing (2018).

BibTeX: Download