MobiSys 2025 Tock Tutorial

Tock, Secure Root-of-Trust, and IoT

We will be holding a full-day tutorial at MobiSys on the Tock Operating System. This event will take place on June 27, 2025.

The goal of this tutorial is to provide members of the mobile systems and computing community with a contemporary guide to the foundations of security for modern computational systems.

The event is divided into four semi-independent sessions. The first session will allow participants to introduce themselves, their background, and their interest in secure devices and software.

Each of the subsequent technical sessions is a mixture of educational content and hands-on hardware experience. Over the course of the day, we will develop an end-to-end system which dynamically deploys signed, verified applications onto edge, microcontroller-class devices where the application will generate a stream of tamper-proof sensor readings for a cloud endpoint.

While participants are encouraged to attend for the full day, each session aims to be sufficiently standalone to allow “drop-ins” for different portions of the event.

Call For Lightning Introduction Talks

We encourage participants to submit one slide introducing themselves and their research area. During the first session of the tutorial we will invite participants who submitted a slide to introduce themselves, their background, and their interest in secure IoT operating systems. Our goal is to get a better sense of the participants in the tutorial so we can facilitate a more interactive tutorial and adapt some of the content based on participant interest and background.

Please submit your slide here in either .pdf or .pptx form.

If capacity for the tutorial is reached, priority will be given to participants who have submitted an introduction slide.


Times are estimates!

[1hr] Session 0: Welcome, Getting Started, & Lightning Talks
Chair: Pat Pannuto, UC San Diego
8:45 (5m) Welcome and Overview of the Day
8:50 (10m) Setting up your development environment
  • Get started if anyone needs help.
9:00 (25m) Introduction Lightning Talks
  • 1 slide / person, 2 minutes
  • Tell us a bit about who you are and what your research area or background is.
9:25 (20m) Introduction to Tock
  • Key Tock features.
  • Comparison to other OSes.
9:45 (10m) Coffee Break
[2hr] Session 1: Roots of Trust
Chair: Kat Fox, zeroRISC
10:00 (10m+10m) A Primer on Roots of Trust
  • What is a RoT?
  • Examples of RoTs you use already? (Directly, e.g. Secure Enclave; Indirectly, e.g. cloud)
  • From top down: what does a RoT provide to platform/app developers? Why should they care?
  • From bottom up: what hardware/software does a RoT require to operate? What makes one secure?
  • Tock + OpenTitan silicon RoT live demo
  • Current advances/challenges in RoT development; open source ushering in a new era of secure HW + SW systems
  • Q&A
10:30 (25m+5m) TockOS as firmware for RoT
  • Who is using Tock in a RoT solution today?
  • What components of a RoT does Tock provide?
  • How does Tock go above and beyond e.g. bare metal RoT firmware?
  • What does Tock's security model look like, and how does that fit with a RoT's security model?
  • What can a mobile/edge device developer gain from learning about RoTs and Tock?
11:00 (1h) Interactive Session
  • Explore Root of Trust features in Tock
12:00 [1h] Lunch
[1hr45m] Session 2: Dynamic Applications and Security-by-Policy
Chair: Viswajith Govinda Rajan, University of Virginia
13:00 (10m+5m) A Policy-Based Approach to Secure and Flexible Platform Design
  • Dynamic app loading architecture
  • App identity in Tock
  • What the Tock kernel can enforce
  • Q&A
13:15 (90m) Interactive Session
  1. Basic interaction with multiple, static processes on Tock
  2. Process loading example
  3. Policy enforcement for dynamic apps
14:45 [15m] Coffee Break
[1hr45m] Session 3: Networking and End-to-End Integration
Chair: Tyler Potyondy, UC San Diego
15:00 (10m+5m) Thread Networking Primer
  • What networking options does Tock provide?
  • What is Thread, and why focus on it?
  • How does Thread work, and how does Tock implement Thread?
  • What can we do with Thread?
  • How do Tock apps share a Thread network connection?
15:45 (30m) Interactive Session
  1. Basic interaction with Thread networking on Tock
  2. Running multiple processes which all use Thread
16:15 (10m+5m) End-to-end Examples / Security in distributed environments
  • What does trust look like across multiple endpoints? Edge, mobile, cloud?
  • Scenario: Deploy app to collect trusted data
  • (walk through security model/steps to): Get new app loaded on (semi-?)trusted(?) platform [maybe Signpost as motivating example?]
  • (walk through security model/steps to): Have the app create authenticated sensor measurements, sent over untrusted network, to trusted cloud endpoint
16:30 (30m) Interactive Session (Implement scenarios above)
  1. Remote-load of a trusted app
  2. Demonstrate e2e signed data to cloud endpoint
17:00 Wrap-up, feedback, etc