
MobiSys 2025 Tock Tutorial

Tock, Secure Root-of-Trust, and IoT

We will be holding a full-day tutorial at MobiSys on the Tock Operating System. This event will take place on June 27, 2025.

The goal of this tutorial is to provide members of the mobile systems and computing community with a contemporary guide to the foundations of security for modern computational systems.

The event is divided into four semi-independent sessions. The first session will allow participants to introduce themselves, their background, and their interest in secure devices and software.

Each of the subsequent technical sessions is a mixture of educational content and hands-on hardware experience. Over the course of the day, we will develop an end-to-end system which dynamically deploys signed, verified applications onto edge, microcontroller-class devices where the application will generate a stream of tamper-proof sensor readings for a cloud endpoint.

While participants are encouraged to attend for the full day, each session aims to be sufficiently standalone to allow “drop-ins” for different portions of the event.

Call For Lightning Introduction Talks

We encourage participants to submit one slide introducing themselves and their research area. During the first session of the tutorial we will invite participants who submitted a slide to introduce themselves, their background, and their interest in secure IoT operating systems. Our goal is to get a better sense of the participants in the tutorial so we can facilitate a more interactive tutorial and adapt some of the content based on participant interest and background.

Please submit your slide here in either .pdf or .pptx form.

If capacity for the tutorial is reached, priority will be given to participants who have submitted an introduction slide.


Session 0: Welcome, Getting Started, & Lightning Talks
Chair: Pat Pannuto, UC San Diego
Note: This session has a soft start at 8:45, overlapping with breakfast and registration, during which tutorial organizers will be available for questions, support, and help getting set up.

The main program begins at 9:00. Feel free to join as you are able throughout this session!
8:45 Setting up your development environment
  • Get started if anyone needs help.
9:00 Welcome and Overview of the Day
9:10 Introduction Lightning Talks
9:25 Introduction to Tock
  • Key Tock features.
  • Comparison to other OSes.
9:45 (15m) Coffee Break
Session 1: Roots of Trust
Chair: Kat Fox, zeroRISC
10:00 A Primer on Roots of Trust
  • What is a RoT?
  • Examples of RoTs you use already? (Directly, e.g. SecureEnclave; Indirectly, e.g. cloud)
  • From top down: what does a RoT provide to platform/app developers? Why should they care?
  • From bottom up: what hardware/software does a RoT require to operate? What makes one secure?
  • Current advances/challenges in RoT development; open source ushering in a new era of secure HW + SW systems
  • Q&A
10:30 TockOS as firmware for RoTs
  • Who is using Tock in a RoT solution today?
  • What components of a RoT does Tock provide?
  • How does Tock go above and beyond e.g. bare metal RoT firmware?
  • What does Tock's security model look like, and how does that fit with a RoT's security model?
  • What can a mobile/edge device developer gain from learning about RoTs and Tock?
11:00 Interactive Session
  • Explore Root of Trust features in Tock
12:00 Lunch

(Outside Restaurant with other Workshop and Tutorial participants)

Session 2: Dynamic Applications and Security-by-Policy
Chair: Viswajith Govinda Rajan, University of Virginia
14:00 A Policy-Based Approach to Secure and Flexible Platform Design
  • Dynamic app loading architecture
  • App identity in Tock
  • What the Tock kernel can enforce
  • Q&A
14:15 Interactive Session
  1. Basic interaction with multiple, static processes on Tock
  2. Process loading example
  3. Policy enforcement for dynamic apps
Session 3: Networking, Secure Communications, and End-to-End Integration
Chair: Tyler Potyondy, UC San Diego
15:45 Thread Networking Primer
  • What networking options does Tock provide?
  • What is Thread, and why focus on it?
  • How does Thread work, and how does Tock implement Thread?
  • What can we do with Thread?
  • How do Tock apps share a Thread network connection?
16:00 Interactive Session
  1. Basic interaction with Thread networking on Tock
  2. Running multiple processes which all use Thread
16:15 Security in distributed environments and End-to-End Examples
  • What does trust look like across multiple endpoints? Edge, mobile, cloud?
  • Scenario: Deploy app to collect trusted data
    • Walk through security model/steps to: Get new app loaded on (semi-)trusted platforms
    • Walk through security model/steps to: Have the app create authenticated sensor measurements, sent over untrusted network, to trusted cloud endpoint
16:30 Interactive Session (Implement scenarios above)
  1. Remote-load of a trusted app
  2. Demonstrate e2e signed data to cloud endpoint
17:00 Wrap-up, feedback, closing thoughts, and next steps with Tock.