Secure software attestation for military telesurgical robot systems

Telesurgical robot systems (TRS) are often deployed in unattended environments such as battlefields or rural areas. Therefore, adversaries can easily access the devices, compromise the system, and install their own malware. If the integrity and health of the system software and configuration files are not verified before their usage, the safety and lives of the injured soldiers and patients may be in danger. Many existing software attestation mechanisms depend on the calculation delay to distinguish a correct memory image from a compromised system. We cannot directly apply this technique to transcontinental TRS when we consider the long transmission delay between the verifier and the prover. In this paper, we propose a software attestation mechanism that can distinguish between these two kinds of delay. A secure communication protocol among the verifier, telesurgical robot, and secure token of the remote medical personnel is designed. The safety of the approach is analyzed and its overhead is evaluated.