secure resource sharing for embedded protected module
play

Secure Resource Sharing for Embedded Protected Module Architectures - PowerPoint PPT Presentation

Mar 05, 2024 •217 likes •515 views

Secure Resource Sharing for Embedded Protected Module Architectures Jo Van Bulck imec-DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Belgium MSc Thesis Presentation BELCLIV-CLUSIB, April 21, 2017 Jo Van Bulck Secure Resource Sharing for

  1. Secure Resource Sharing for Embedded Protected Module Architectures Jo Van Bulck imec-DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Belgium MSc Thesis Presentation BELCLIV-CLUSIB, April 21, 2017 Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 1 / 20

  2. Introduction “Internet of Things [in]security keeps me up at night.” — Rob Joyce, NSA’s Tailored Access Operations chief (MIT Technology Review, January 2016). Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 2 / 20

  3. Introduction Source: https://www.ncta.com/platform/industry-news/infographic-the-growth-of-the-internet-of-things/ Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 3 / 20

  4. Introduction Motivation: Embedded Device Security TI MSP430: low-cost, low-power computing Runs ˜13 years on a single AA battery [Sea08] Single-address-space without memory protection Attacker can modify all code and data, and forge sensor readings or node identity http://martybugs.net/ electronics/msp430/ Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 4 / 20

  5. Introduction Motivation: Embedded Device Security TI MSP430: low-cost, low-power computing Runs ˜13 years on a single AA battery [Sea08] Single-address-space without memory protection Attacker can modify all code and data, and forge sensor readings or node identity http://martybugs.net/ electronics/msp430/ Protected Module Architectures: isolation and attestation Minimal (hardware-only) Trusted Computing Base Server/desktop: Intel SGX, ARM TrustZone Low-end embedded: SMART, TrustLite, TyTAN, Sancus Maene et al.: “Hardware-Based Trusted Computing Architectures for Isolation and Attestation”, 2017 [MGDC + 17]. Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 4 / 20

  6. Background: Protected Module Architectures Background: Protected Module Architectures Isolated execution in a single-address-space 0x000000 Unprotected memory Protected mem. Code Data ... 0xFFFFFF Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 5 / 20

  7. Background: Protected Module Architectures Background: Protected Module Architectures Isolated execution in a single-address-space Program counter based access control 0x000000 Unprotected memory Protected mem. Code From \ to Protected Unprotected Data Entry Code Data Protected r-x r-x rw- rwx ... Unprotected / other SM r-x r-- --- rwx 0xFFFFFF Strackx et al.: “Efficient Isolation of Trusted Subsystems in Embedded Systems”, 2010 [SPP10]. Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 5 / 20

  8. Background: Protected Module Architectures Background: Protected Module Architectures Isolated execution in a single-address-space Program counter based access control 0x000000 Unprotected memory Secure fully abstract compilation Protected mem. Code From \ to Protected Unprotected Secure stack Data Entry Code Data Fields Protected r-x r-x rw- rwx ... Unprotected / other SM r-x r-- --- rwx 0xFFFFFF Strackx et al.: “Efficient Isolation of Trusted Subsystems in Embedded Systems”, 2010 [SPP10]. Agten et al.: “Secure Compilation to Modern Processors”, 2012 [ASJP12]. Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 5 / 20

  9. Background: Protected Module Architectures Sancus PMA [NAD + 13, NVBM + 17] Zero-software TCB: extended openMSP430 instruction set Node SM 1 text section SM 1 data section Entry point Memory Unprotected Code & constants Unprotected Unprotected Protected data Next ID K N , SP , SM 1 ID SM 1 SM 1 metadata Protected Caller ID storage area K N Layout Key ID Noorman et al.: “Sancus 2.0: A Low-Cost Security Architecture for IoT Devices”, 2017 [NVBM + 17]. Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 6 / 20

  10. Background: Protected Module Architectures Sancus PMA [NAD + 13, NVBM + 17] Zero-software TCB: extended openMSP430 instruction set SM == unit of isolation + authentication: Remote attestation / secure linking Hardware-level cryptographic key + ID per SM Node SM 1 text section SM 1 data section Entry point Memory Unprotected Code & constants Unprotected Unprotected Protected data Next ID K N , SP , SM 1 ID SM 1 SM 1 metadata Protected Caller ID storage area K N Layout Key ID Noorman et al.: “Sancus 2.0: A Low-Cost Security Architecture for IoT Devices”, 2017 [NVBM + 17]. Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 6 / 20

  11. Research Objectives Secure Resource Sharing PMAs assume the presence of an attacker: � Strong HW-enforced security guarantees � No secure sharing of platform resources SM_A Unprotected R MMIO SM_B Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 7 / 20

  12. Research Objectives Secure Resource Sharing PMAs assume the presence of an attacker: � Strong HW-enforced security guarantees � No secure sharing of platform resources ⇒ Self-protecting “OS” modules to supplement HW: ↔ Monolithic privileged kernel ˜ Extreme microkernel idea SM_A Protected R SM_Server MMIO SM_B Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 7 / 20

  13. Logical File Access Control Sancus File System (SFS) System boundary SM A SM B SFS API Front-End Access Control Layer CFS API CFS API Shared Memory Flash Storage MMIO Serial Flash OR Back-End Back-End Drive Protected fi le system SMsfs boundary Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 8 / 20

  14. Logical File Access Control Sancus File System (SFS) System boundary UNIX like fi le system SM A SM B API (incl. chmod) SFS API Front-End Access Control Layer CFS API CFS API Shared Memory Flash Storage MMIO Serial Flash OR Back-End Back-End Drive Protected fi le system SMsfs boundary Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 8 / 20

  15. Logical File Access Control Sancus File System (SFS) System boundary UNIX like fi le system SM A SM B API (incl. chmod) SFS API Access control using sancus_get_caller_id Front-End Access Control Layer CFS API CFS API Shared Memory Flash Storage MMIO Serial Flash OR Back-End Back-End Drive Protected fi le system SMsfs boundary Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 8 / 20

  16. Logical File Access Control Sancus File System (SFS) System boundary UNIX like fi le system SM A SM B API (incl. chmod) SFS API Access control using sancus_get_caller_id Front-End Access Control Layer Pluggable private back-end encapsulating resource CFS API CFS API Shared Memory Flash Storage MMIO Serial Flash OR Back-End Back-End Drive Protected fi le system SMsfs boundary Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 8 / 20

  17. Logical File Access Control Example Scenario Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 9 / 20

  18. Logical File Access Control Discussion ⇒ Generic resource sharing mechanism SW-based access control guarantees: Build upon HW primitives (isolation + authentication) Non-persistent file protection Confined and explicit TCB : Principle of least privilege (˜ microkernel) Attestable via sancus verify Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 10 / 20

  19. Secure Scheduling Secure Multithreading Thread == synchronous control flow within address space Local thread context on call stack Conventional OS kernel saves CPU state on interrupt Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 11 / 20

  20. Secure Scheduling Secure Multithreading Thread == synchronous control flow within address space Local thread context on call stack Conventional OS kernel saves CPU state on interrupt PMA multithreading challenges: Unit of threading >> SM Compiler-generated sm entry asm stubs Inter-SM call/return flow integrity guards SM_A SM_Foo SM_Bar 1: call_foo 1.1: call_bar 1.1.1: illegal return to A Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 11 / 20

  21. Secure Scheduling Cooperative Scheduler Prototype ⇒ Scheduler SM interleaves multiple control flows Regis- Killed tered start_fct report_entry_violation register_thread_portal return from start_fct Running yield Finished Ready return from yield Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 12 / 20

  22. Secure Scheduling Threading-aware SMs ⇒ SM maintains at most one internal call stack per thread-ID SM_sched SM_foo SM_bar 1: ... 2: call_foo 3: get_cur_thr_id 5: return busy 4: cur_thr_id 6: yield 7: yield_get_next 8: continue 9: ... Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 13 / 20

  23. Secure Scheduling Example Scenario Jo Van Bulck Secure Resource Sharing for Embedded Protected Module Architectures MSc Thesis 14 / 20

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Secure Resource Sharing for Embedded Protected Module Architectures Jo Van Bulck, Job Noorman,

Secure Resource Sharing for Embedded Protected Module Architectures Jo Van Bulck, Job Noorman,

Secure Resource Sharing for Embedded Protected Module Architectures Jo Van Bulck, Job Noorman, Jan T obias Mhlberg and Frank Piessens August 24, 2015 Contents 1. Embedded Problem Domain 2. Protected Module Architectures 3.

511 views • 23 slides
Research Overview SBA Research Edgar R. Weippl Secure Information Sharing & Self Monitoring

Research Overview SBA Research Edgar R. Weippl Secure Information Sharing & Self Monitoring

Research Overview SBA Research Edgar R. Weippl Secure Information Sharing & Self Monitoring Amin Anjomshoaa, Vo Sao Khue, Nick Amirreza Tahamtan, Edgar Weippl Resource Sharing Resource Sharing Resource Sharing Integration with data

836 views • 45 slides
UTSA Hierarchical Secure Information and Resource Sharing in OpenStack Community Cloud Cyber

UTSA Hierarchical Secure Information and Resource Sharing in OpenStack Community Cloud Cyber

UTSA Hierarchical Secure Information and Resource Sharing in OpenStack Community Cloud Cyber Incident Response An Model for Information and Resource Sharing Amy(Yun) Zhang, Farhan Patwa, Ravi Sandhu, Bo Tang Institute for Cyber Security

522 views • 17 slides
UTSA Secure Information and Resource Sharing in Cloud Infrastructure as a Service Cyber Incident

UTSA Secure Information and Resource Sharing in Cloud Infrastructure as a Service Cyber Incident

UTSA Secure Information and Resource Sharing in Cloud Infrastructure as a Service Cyber Incident Response Models for Information and Resource Sharing Amy(Yun) Zhang, Ravi Sandhu Institute for Cyber Security University of Texas at San

704 views • 42 slides
UTSA Community-Based Secure Information and Resource Sharing in AWS Public Cloud Cyber Incident

UTSA Community-Based Secure Information and Resource Sharing in AWS Public Cloud Cyber Incident

UTSA Community-Based Secure Information and Resource Sharing in AWS Public Cloud Cyber Incident Response A Model for Information and Resource Sharing Amy(Yun) Zhang, Farhan Patwa, Ravi Sandhu Institute for Cyber Security University of Texas

578 views • 19 slides
UTSA Community-Based Secure Information and Resource Sharing in Azure Cloud IaaS Cyber Incident

UTSA Community-Based Secure Information and Resource Sharing in Azure Cloud IaaS Cyber Incident

UTSA Community-Based Secure Information and Resource Sharing in Azure Cloud IaaS Cyber Incident Response Models for Information and Resource Sharing Yun Zhang, Farhan Patwa , Ravi Sandhu Institute for Cyber Security University of Texas at

711 views • 20 slides
UTSA Information Sharing and Coordination Initiatives collaboration and coordination to

UTSA Information Sharing and Coordination Initiatives collaboration and coordination to

Secure Information and Resource Sharing in Cloud Infrastructure as a Service Cyber Incident Response Models for Information and Resource Sharing Amy(Yun) Zhang, Ram Krishnan, Ravi Sandhu Institute for Cyber Security University of Texas at San

219 views • 17 slides
Towards Availability and Real-Time Architectures G uarante es for Protected Module Architectures

Towards Availability and Real-Time Architectures G uarante es for Protected Module Architectures

Towards Availability and Real-Time Guarantees for Protected Module Towards Availability and Real-Time Architectures G uarante es for Protected Module Architectures Jo Van Bulck , Job Noorman, Jan T obias Mhlberg and Frank Piessens Jo Van

551 views • 32 slides
Embedded Systems Engineering VO + LU Overview The module Embedded Systems Engineering is split

Embedded Systems Engineering VO + LU Overview The module Embedded Systems Engineering is split

Embedded Systems Engineering VO + LU Overview The module Embedded Systems Engineering is split in 2 parts: Lectures: ESE VO (182.721) ECTS: 3.0 Web: http://ti.tuwien.ac.at/rts/teaching/courses/esevo Staff: Prof. Radu Grosu,

859 views • 7 slides
Embedded Systems Programming Trends of Embedded Systems (Module 2) Yann-Hang Lee Arizona State

Embedded Systems Programming Trends of Embedded Systems (Module 2) Yann-Hang Lee Arizona State

Embedded Systems Programming Trends of Embedded Systems (Module 2) Yann-Hang Lee Arizona State University yhlee@asu.edu (480) 727-7507 Summer 2014 Real-time Systems Lab, Computer Science and Engineering, ASU Trends of RT Embedded Systems

332 views • 10 slides
A Lightweight Secure Cyber Foraging Infrastructure for Resource-Constrained Devices Sachin Goyal

A Lightweight Secure Cyber Foraging Infrastructure for Resource-Constrained Devices Sachin Goyal

A Lightweight Secure Cyber Foraging Infrastructure for Resource-Constrained Devices Sachin Goyal and John Carter School of Computing University of Utah 1 Todays Computing Environments Small, embedded, mobile devices Ubiquitous

245 views • 22 slides
Architecture Michiel Van Beirendonck Outline 1. Motivation 2. Sancus Overview o Secure I/O

Architecture Michiel Van Beirendonck Outline 1. Motivation 2. Sancus Overview o Secure I/O

Responsiveness Guarantee for the Sancus Protected Module Architecture Michiel Van Beirendonck Outline 1. Motivation 2. Sancus Overview o Secure I/O & application case o 3. Objectives Attacker model & properties o 4. Design

420 views • 14 slides
Module 1- HIPAA Release of Protected Health Information not requiring Consent, Authorization or

Module 1- HIPAA Release of Protected Health Information not requiring Consent, Authorization or

Module 1- HIPAA Release of Protected Health Information not requiring Consent, Authorization or Opportunity for Objection Objectives Define the process for releasing Protected Health Information (PHI). Define the Agencies that can obtain the

675 views • 49 slides
A Security Kernel for Protected Module Architectures Alexandru Madalin Ghenea Master of

A Security Kernel for Protected Module Architectures Alexandru Madalin Ghenea Master of

1 A Security Kernel for Protected Module Architectures Alexandru Madalin Ghenea Master of Engineering: Computer Science Promotor: Prof. Frank Piessens Advisors: Jan Tobias Mhlberg Jo Van Bulck 2 Introduction Growing trend towards

513 views • 27 slides
A High Assurance Smart Meter Using Protected Module Architectures Jan Tobias Mhlberg

A High Assurance Smart Meter Using Protected Module Architectures Jan Tobias Mhlberg

empty An Implementation of A High Assurance Smart Meter Using Protected Module Architectures Jan Tobias Mhlberg jantobias.muehlberg@cs.kuleuven.be iMinds-DistriNet, KU Leuven, Celestijnenlaan 200A, B-3001 Belgium WISTP @ Heraklion,

915 views • 44 slides
Module 2. Site Conservation Planning for Protected Areas in Lao PDR (Background, Presentation and

Module 2. Site Conservation Planning for Protected Areas in Lao PDR (Background, Presentation and

See discussions, stats, and author profiles for this publication at: https://www.researchgate.net/publication/257363146 Module 2. Site Conservation Planning for Protected Areas in Lao PDR (Background, Presentation and Exercises) Book January

476 views • 33 slides
Designing asynchronous circuits with timing conditions Vision statement for possible CAD

Designing asynchronous circuits with timing conditions Vision statement for possible CAD

Designing asynchronous circuits with timing conditions Vision statement for possible CAD development under Workcraft Original document: A. Yakovlev, Synthesis from timing diagrams: rough notes and examples, Tech Memo, March 7, 1998; written on

683 views • 19 slides
HW/SW Codesign w/ FPGAs The Nature of HW/SW I ECE 522 Hardware Software Codesign with FPGAs

HW/SW Codesign w/ FPGAs The Nature of HW/SW I ECE 522 Hardware Software Codesign with FPGAs

HW/SW Codesign w/ FPGAs The Nature of HW/SW I ECE 522 Hardware Software Codesign with FPGAs Instructor: Prof. Jim Plusquellic Text: A Practical Introduction to Hardware/Software Codesign, 2nd Edition", Patrick Schaumont, Springer,

649 views • 10 slides
A Cycle-Based Synthesis algorithm for Reversible Logic Zahra Sasanian*, Mehdi Saeedi, Mehdi

A Cycle-Based Synthesis algorithm for Reversible Logic Zahra Sasanian*, Mehdi Saeedi, Mehdi

A Cycle-Based Synthesis algorithm for Reversible Logic Zahra Sasanian*, Mehdi Saeedi, Mehdi Sedighi, Morteza Saheb Zamani {sasanian, msaeedi, msedighi, szamani}@aut.ac.ir Quantum Design Automation Lab, Computer Engineering Department Amirkabir

442 views • 23 slides
CS137: Electronic Design Automation Day 5: April 12, 2004 Covering and Retiming 1 CALTECH

CS137: Electronic Design Automation Day 5: April 12, 2004 Covering and Retiming 1 CALTECH

CS137: Electronic Design Automation Day 5: April 12, 2004 Covering and Retiming 1 CALTECH CS137 Spring2004 -- DeHon Previously Cover (map) LUTs for minimum delay solve optimally Retiming for minimum clock period solve

433 views • 20 slides
Low Power Design Prof. Dr. J. Henkel CES - Chair for Embedded Systems KIT, Germany III. Battery

Low Power Design Prof. Dr. J. Henkel CES - Chair for Embedded Systems KIT, Germany III. Battery

Low Power Design Prof. Dr. J. Henkel CES - Chair for Embedded Systems KIT, Germany III. Battery Modeling Prof. Jrg Henkel, Low Power Design, SS2014 ces.itec.kit.edu 2 Course overview: topics Components

981 views • 34 slides
Neural Network Overlay Using FPGA DSP Blocks Lenos Ioannou and Suhaib A. Fahmy School of

Neural Network Overlay Using FPGA DSP Blocks Lenos Ioannou and Suhaib A. Fahmy School of

Neural Network Overlay Using FPGA DSP Blocks Lenos Ioannou and Suhaib A. Fahmy School of Engineering, University of Warwick, UK Introduction Long back-end tool compilation hinders rapid deployment of Neural Networks on FPGAs at the edge

96 views • 7 slides
Design for Testability Maurcio F. Aniche M.F.Aniche@tudelft.nl Controllability and

Design for Testability Maurcio F. Aniche M.F.Aniche@tudelft.nl Controllability and

Design for Testability Maurcio F. Aniche M.F.Aniche@tudelft.nl Controllability and Observability Controllability determines the work it takes to set up and run test cases and the extent to which individual functions and features of the

268 views • 16 slides
TDDE45 - Lecture 7: Testability Martin Sjlund Department of Computer and Information Science

TDDE45 - Lecture 7: Testability Martin Sjlund Department of Computer and Information Science

TDDE45 - Lecture 7: Testability Martin Sjlund Department of Computer and Information Science Linkping University 2020-10-06 Part I Testing What is testing? This course is not a course primarily in Software Testing (TDDD04 HT1).

310 views • 19 slides

More recommend