hardware support for trustworthy systems
DESCRIPTION
Hardware Support for Trustworthy Systems. Ted Huffmire ACACES 2012 Fiuggi , Italy. Disclaimer. The views presented in this course are those of the speaker and do not necessarily reflect the views of the United States Department of Defense. About Me. Assistant Professor of CS at NPS - PowerPoint PPT PresentationTRANSCRIPT
![Page 1: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/1.jpg)
Hardware Support for Trustworthy Systems
Ted HuffmireACACES 2012Fiuggi, Italy
![Page 2: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/2.jpg)
Disclaimer
• The views presented in this course are those of the speaker and do not necessarily reflect the views of the United States Department of Defense.
![Page 3: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/3.jpg)
About Me
• Assistant Professor of CS at NPS• Research
– Computer Architecture, Computer Security– Fast and Secure– Hardware-Oriented Security
![Page 4: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/4.jpg)
Course Overview
• Lecture 1: Overview: Hardware-Oriented Security and Security Engineering
• Lecture 2: Reconfigurable Security Primitives• Lecture 3: Apply Primitives to Memory
Protection, Design Example• Lecture 4: Forward-Looking Problems
![Page 5: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/5.jpg)
Lecture 1 Overview
• Hardware-Oriented Security• Security Engineering
![Page 6: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/6.jpg)
Hardware-Oriented Security
• Hardware-Oriented Security• Security Engineering
![Page 7: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/7.jpg)
What is Hardware Security?
• Many of the issues of hardware security are similar to traditional computer security
• Anything can be hacked, but the attacker has finite resources.
• Each security technique has tradeoffs.
![Page 8: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/8.jpg)
What is Hardware Security?
• Foundry Trust• Intellectual Property• Operational Attacks• Developmental Attacks• System Assurance
![Page 9: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/9.jpg)
What is Hardware Security?
• Interfaces• Composition• Metrics• Education
![Page 10: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/10.jpg)
Problems
• Global Supply Chain of Integrated Circuits• System Assurance
![Page 11: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/11.jpg)
Confronting Security at the Hardware Level
• Opportunities of the hardware level• Challenges of the hardware level
![Page 12: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/12.jpg)
A Brief Word About ‘Cyber’
• Beware of propaganda• Think critically
![Page 13: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/13.jpg)
Security Engineering
• Hardware-Oriented Security• Security Engineering
![Page 14: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/14.jpg)
Security Engineering
• Defending against skilled attackers is hard• Holistic view of entire system• Use the scientific method• Every security technique has tradeoffs
![Page 15: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/15.jpg)
Security Engineering
• Assume the enemy will be in your networks• Increase the risk and cost for the adversary
![Page 16: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/16.jpg)
Security Engineering
• Do not rely on security through obscurity• Principle of least privilege• Minimize system complexity
![Page 17: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/17.jpg)
Security Engineering
• Reference monitor concept• Separation (of duties and system components)
![Page 18: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/18.jpg)
Security Engineering
• Penetrate & patch vs. inherently trustworthy• Platform diversity• Checklists and hardening guides
![Page 19: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/19.jpg)
Security Engineering
• Study past success• Secure defaults• Backups, recovery, and rollback
![Page 20: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/20.jpg)
Security Engineering
• Important Considerations• Approaches to Security Engineering
![Page 21: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/21.jpg)
Rigorous Design Practices
• Configuration management of tools/IP• Eliminate support for insecure legacy
technology• Default configuration disables unnecessary
services
![Page 22: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/22.jpg)
Rigorous Design Practices
• Only develop the features needed• Debugging messages not in production code• Error messages that don’t reveal information
![Page 23: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/23.jpg)
Rigorous Design Practices
• Secure coding practices• Use of formal security analysis and evaluation• Covert channel analysis• Side channel analysis
![Page 24: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/24.jpg)
Rigorous Design Practices
• Protocol analysis• Robust protocols and authentication schemes• Is the implementation faithful to the spec?• Manage complexity. Reference monitor
concept.
![Page 25: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/25.jpg)
Self-protection
• Do not expose critical security functions to attack from other circuitry.
• Examples
![Page 26: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/26.jpg)
Layered Dependencies
• Security-critical circuitry must not depend on circuitry of lesser trustworthiness
• In trusted software stack, applications depend on OS libraries, which depend on secure kernel
![Page 27: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/27.jpg)
Lecture 1 Reading
• Secure Design– Reflections on Trusting Trust
• http://dl.acm.org/citation.cfm?id=358210– The Protection of Information in Computer Systems
• http://www.acsac.org/secshelf/papers/protection_information.pdf
– Design Principles for Security (NPS Technical Report)• http://www.cisr.us/downloads/techpubs/
nps_cs_05_010.pdf
![Page 28: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/28.jpg)
Lecture 1 Reading
• Secure Design– Design and verification of secure systems
• http://dl.acm.org/citation.cfm?id=806586– Shared Resource Matrix Methodology: An
Approach to Identifying Storage and Timing Channels
• http://dl.acm.org/citation.cfm?id=357374– On the Buzzword ‘Security Policy’
• http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=130789
![Page 29: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/29.jpg)
Lecture 1 Reading
• Hardware-Oriented Security and Trust– Trustworthy Hardware: Identifying and Classifying
Hardware Trojans• http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5604161
– Security Engineering• http://www.cl.cam.ac.uk/~rja14/book.html
– Micro-Architectural Cryptanalysis• http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4288047
– Physical Unclonable Functions for Device Authentication and Secret Key Generation
• http://dl.acm.org/citation.cfm?id=1278484
![Page 30: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/30.jpg)
Lecture 1 Reading
• Physical Attacks– Temperature Attacks
• http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4812164
– Information Leakage from Optical Emanations• http://dl.acm.org/citation.cfm?id=545189
– Differential Power Analysis• http://www.springerlink.com/content/kx35ub53vtrkh2nx/
– Keyboard Acoustic Emanations• http://ieeexplore.ieee.org/xpls/abs_all.jsp?
arnumber=1301311
![Page 31: Hardware Support for Trustworthy Systems](https://reader036.vdocuments.mx/reader036/viewer/2022062520/56816374550346895dd4501e/html5/thumbnails/31.jpg)
Lecture 1 Reading
• trust-HUB.org– http://trust-hub.org/
• Introduction to Hardware Security and Trust– http://springer.com/978-1-4419-8079-3
• Towards Hardware-Intrinsic Security– http://springer.com/978-3-642-14451-6