1 / 31

Hardware Support for Trustworthy Systems

Hardware Support for Trustworthy Systems. Ted Huffmire ACACES 2012 Fiuggi , Italy. Disclaimer. The views presented in this course are those of the speaker and do not necessarily reflect the views of the United States Department of Defense. About Me. Assistant Professor of CS at NPS

spence
Download Presentation

Hardware Support for Trustworthy Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Hardware Support for Trustworthy Systems Ted Huffmire ACACES 2012 Fiuggi, Italy

  2. Disclaimer • The views presented in this course are those of the speaker and do not necessarily reflect the views of the United States Department of Defense.

  3. About Me • Assistant Professor of CS at NPS • Research • Computer Architecture, Computer Security • Fast and Secure • Hardware-Oriented Security

  4. Course Overview • Lecture 1: Overview: Hardware-Oriented Security and Security Engineering • Lecture 2: Reconfigurable Security Primitives • Lecture 3: Apply Primitives to Memory Protection, Design Example • Lecture 4: Forward-Looking Problems

  5. Lecture 1 Overview • Hardware-Oriented Security • Security Engineering

  6. Hardware-Oriented Security • Hardware-Oriented Security • Security Engineering

  7. What is Hardware Security? • Many of the issues of hardware security are similar to traditional computer security • Anything can be hacked, but the attacker has finite resources. • Each security technique has tradeoffs.

  8. What is Hardware Security? • Foundry Trust • Intellectual Property • Operational Attacks • Developmental Attacks • System Assurance

  9. What is Hardware Security? • Interfaces • Composition • Metrics • Education

  10. Problems • Global Supply Chain of Integrated Circuits • System Assurance

  11. Confronting Security at the Hardware Level • Opportunities of the hardware level • Challenges of the hardware level

  12. A Brief Word About ‘Cyber’ • Beware of propaganda • Think critically

  13. Security Engineering • Hardware-Oriented Security • Security Engineering

  14. Security Engineering • Defending against skilled attackers is hard • Holistic view of entire system • Use the scientific method • Every security technique has tradeoffs

  15. Security Engineering • Assume the enemy will be in your networks • Increase the risk and cost for the adversary

  16. Security Engineering • Do not rely on security through obscurity • Principle of least privilege • Minimize system complexity

  17. Security Engineering • Reference monitor concept • Separation (of duties and system components)

  18. Security Engineering • Penetrate & patch vs. inherently trustworthy • Platform diversity • Checklists and hardening guides

  19. Security Engineering • Study past success • Secure defaults • Backups, recovery, and rollback

  20. Security Engineering • Important Considerations • Approaches to Security Engineering

  21. Rigorous Design Practices • Configuration management of tools/IP • Eliminate support for insecure legacy technology • Default configuration disables unnecessary services

  22. Rigorous Design Practices • Only develop the features needed • Debugging messages not in production code • Error messages that don’t reveal information

  23. Rigorous Design Practices • Secure coding practices • Use of formal security analysis and evaluation • Covert channel analysis • Side channel analysis

  24. Rigorous Design Practices • Protocol analysis • Robust protocols and authentication schemes • Is the implementation faithful to the spec? • Manage complexity. Reference monitor concept.

  25. Self-protection • Do not expose critical security functions to attack from other circuitry. • Examples

  26. Layered Dependencies • Security-critical circuitry must not depend on circuitry of lesser trustworthiness • In trusted software stack, applications depend on OS libraries, which depend on secure kernel

  27. Lecture 1 Reading • Secure Design • Reflections on Trusting Trust • http://dl.acm.org/citation.cfm?id=358210 • The Protection of Information in Computer Systems • http://www.acsac.org/secshelf/papers/protection_information.pdf • Design Principles for Security (NPS Technical Report) • http://www.cisr.us/downloads/techpubs/nps_cs_05_010.pdf

  28. Lecture 1 Reading • Secure Design • Design and verification of secure systems • http://dl.acm.org/citation.cfm?id=806586 • Shared Resource Matrix Methodology: An Approach to Identifying Storage and Timing Channels • http://dl.acm.org/citation.cfm?id=357374 • On the Buzzword ‘Security Policy’ • http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=130789

  29. Lecture 1 Reading • Hardware-Oriented Security and Trust • Trustworthy Hardware: Identifying and Classifying Hardware Trojans • http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5604161 • Security Engineering • http://www.cl.cam.ac.uk/~rja14/book.html • Micro-Architectural Cryptanalysis • http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4288047 • Physical Unclonable Functions for Device Authentication and Secret Key Generation • http://dl.acm.org/citation.cfm?id=1278484

  30. Lecture 1 Reading • Physical Attacks • Temperature Attacks • http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4812164 • Information Leakage from Optical Emanations • http://dl.acm.org/citation.cfm?id=545189 • Differential Power Analysis • http://www.springerlink.com/content/kx35ub53vtrkh2nx/ • Keyboard Acoustic Emanations • http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1301311

  31. Lecture 1 Reading • trust-HUB.org • http://trust-hub.org/ • Introduction to Hardware Security and Trust • http://springer.com/978-1-4419-8079-3 • Towards Hardware-Intrinsic Security • http://springer.com/978-3-642-14451-6

More Related