Hardware Security & Latest R&D
RISE Funders & Universities
RISE Stakeholder Board (ISAB)
Standards & Regulation
Potential labelling scheme for consumer IoT products
Insecure ‘Smart’ Devices
TechRepublic's list of the least secure connected devices - Feb 2018
Symantec IoT Report: “Insecure routers were the source of 75% of DDoS IoT attacks” - Apr 2019
Adapted from https://www.techrepublic.com/pictures/photos-the-11-least-secure-connected-devices/
Source: F-Secure, April 2019
IoT Threats 2002-2018
• Mirai
• Hajime
• IoT Reaper
• Hide N Seek
• VPNFilter
The Internet of ‘Cloned’ Things
What about counterfeit devices and untrusted supply chains?
• Globalisation of supply chains - use of overseas foundries, third party IP, third party test facilities
• Supply chains susceptible to a range of hardware-based security threats
• Counterfeit devices could host malicious software, firmware or hardware
IEEE Spectrum, Oct 2013
Threat of Hardware Trojans
First successful real-world FPGA hardware Trojan insertion into a commercial product
Journal of Cryptographic Engineering, Sept 2017
The Big Hack (2018)
• Did it happen? No data
• Is it technically plausible? Yes
Recent Vulnerabilities – SCAs
November 2018: New Meltdown- and Spectre-type transient execution attacks uncovered that affect Intel, AMD and ARM devices
Canella et al. “A Systematic Evaluation of Transient Execution Attacks and Defenses”, arXiv preprint [CVBS+ 18]
Meltdown, Jan 2018
Spectre, Jan 2018
ZombieLoad, May 2019
RISE Spring School 2018 – Daniel Gruss
https://www.ukrise.org/springschool/programme/
Major Research Challenges
• How do we detect counterfeit devices?
• How do we detect manipulated devices?
• Is it possible to build attack-resilient hardware platforms?
• How do we deal with untrusted manufacturing processes & untrusted supply chains?
Need for Hardware Security
• Demand for Hardware Security research & innovation increasing with growing security needs in embedded & networking devices & cloud services
• A key driver is the Internet of Things (IoT) – everything is becoming a computer
• Multi-layered approach to security needed - establishing a trusted computing baseline that anchors trust in tamper-proof hardware
• A strong hardware security foundation essential for realising secure systems
Vision for RISE
RISE Research Challenges
Understanding Technologies Underpinning Hardware Security
• State-of-the-art HW security primitives: TRNGs, PUFs
• Novel HW analysis toolsets & techniques
• Attack-resilient HW platforms, HW IP building blocks
RISE Research Challenges
Maintaining Confidence in Security Throughout Product Lifecycle
• Confidence in Developing Secure HW Devices
• Supply Chain Confidence
• Modelling of HW Security
RISE Research Challenges
• Combining hardware roots of trust (e.g. TPM, TEEs) with advanced cryptographic techniques (e.g. identity- or attribute-based encryption) to offer data-centric security (e.g. FIDO Alliance)
© https://fidoalliance.org
Novel HW Security Use Cases & Value Propositions
Can we develop novel applications based on hardware roots of trust?
Development & Pull Through (Barriers to Adoption)
Ease of Development & ease of leveraging best security option
Education of Potential User/Developer base
Understanding Barriers to Adoption
RISE Research Challenges
The RISE Projects
DeepSecurity: Applying Deep Learning to Hardware Security
• Global supply chains for electronic devices are now considered to be susceptible to a range of hardware-based threats
• Hardware Trojans
• Intellectual Property piracy
• Integrated circuit (IC) overproduction
• Side Channel attacks
• Major security threats to military, medical, government, transportation etc.
• The proposed project will apply a deep learning approach to investigate two of these threats, namely the use of deep learning in the context of side-channel attacks (SCA) and hardware Trojans (HT).
• Utilisation of deep learning based verification processes in Electronic Design Automation tools to provide feedback to designers on the security of designs.
SCARV: A Side-Channel Hardened RISC-V Platform
• RISC-V is an open source Instruction Set Architecture (ISA) design
• a specification for the instructions any compatible processor implementation should be able to execute, and the resources those instructions can access - the interface between the processor implementation (HW) and programs that execute on it (SW)
• Open source has resulted in rapid development of a rich support infrastructure including vibrant developer and user communities
• The research goals capitalise on this openness
• Since RISC-V can be implemented by anyone, it is possible to develop a core hardened against specific types of attack; the focus will be on the threat of SCAs.
• Since RISC-V can be adapted by anyone, it is possible to develop various cryptography-specific extensions of the ISA that offer e.g. higher efficiency.
• An open "lab free" (i.e., cloud-based) acquisition and analysis workflow enabling easy and efficient evaluation of side-channel security
IOSEC: Protection and Memory Safety for Input/Output Security
• Re-architect I/O systems with security as a primary design constraint.
• Investigate the weaknesses of current I/O and propose safer alternatives
• A survey of state-of-the-art access-control protections in current HW and SW designs
• Assess utilisation of Input/Output Memory Management Units (IOMMUs)
• Develop a corpus of vector-specific attack techniques which future defences must prevent or mitigate.
• New techniques to restructure CPU-to-I/O interconnects to provide a message-based abstraction for untrustworthy devices
• New distributed-memory protection, enabling greater control of device access to host memory while improving security-performance tradeoffs.
• Hardware-software co-design methodology and FPGA prototyping
• Evaluation of performance, complexity, compatibility, and security metrics
User-Controlled HW Security Anchors: Evaluation & Designs
• Many modern processors are equipped with hardware extensions that enable some kind of Trusted Execution Environment (TEE)
• Primary objective is to promote and facilitate the adoption of the TEE as the main trust anchor for security architectures.
• Evaluation of the security features of different TEE implementations including assessment of cryptographic protocols, side-channel vulnerabilities, and implementation weaknesses.
• Strong hardware-based security mechanisms to improve both the strength and usability of authentication.
• Build an architecture for designing protocols and user experiences that leverage these hardware security primitives to enhance the security, manageability, and usability of user authentication
• Demonstration on suitable platforms including secure hardware, smart devices and integration with authentication tokens.
Supplementary Projects
rFAS - Reconfigurable FPGA Accelerator Sandboxing
• A security infrastructure that allows trustworthy integration and execution of partially reconfigurable FPGA hardware accelerators in a multi-tenant environment.
• A secure and encapsulated FPGA run-time environment that prevents modules from leaking information from other parts of a system or compromising the integrity of a system.
• This will be achieved through
• traditional techniques such as memory protection mechanisms
• a new configuration management unit that ensures encapsulation of partial modules into allocated resources, as well as through
• a bitstream analysis tool (similar to a virus scanner known from software systems) that detects malicious sections in FPGA configuration binaries to prevent such configuration bitstreams from entering a system.
TimeTrust: Robust Timing via Hardware Roots of Trust and Non-standard Hardware – with Application to EMV Contactless Payments
• Relay attacks are a vulnerability exploited, for example, to steal a car fitted with passive keyless entry.
• The TimeTrust project views the protection of ubiquitous systems against strong forms of relay attacks and other proximity/timing-related attacks, via the use and extension of hardware roots of trust (HWRoT), such as Trusted Platform Modules (TPM).
• These usages/extensions of HWRoT view new combinations of timing capabilities with cryptographic primitives and trusted-computing mechanisms.
• TimeTrust has a strong focus on cryptographic proofs and formal analysis. The main use case of TimeTrust is contactless electronic payments.
GUPT: A Hardware-Assisted Secure & Private Data Analytics Service
• We increasingly rely on cyber-physical systems and online services based on “data-driven intelligence” requiring four important design properties
• Reliability
• Real-time Performance
• Scalability
• Security & Privacy
• These currently use ad hoc practices which are problematic and unmanageable
• Proposal is to build an end-to-end system supporting design – development – deployment of a wide range of data-driven intelligent applications (ML, data privacy & ethical experts)
Safebet: Memory Capabilities to Safe, Aggressive Speculation in Processors
• We wish to explore the promising approach of capability-based protection on the micro-architectural speculation of complex out-of-order cores to mitigate new speculative side-channel attacks similar to Spectre.
• We will establish a specification framework to describe safe speculation in a microarchitecture, and a verification framework to explore the speculative abilities of processor cores.