Hardware Security & Latest R&D



RISE Funders & Universities


RISE Stakeholder Board (ISAB)

Standards & Regulation

Potential labelling scheme for consumer IoT products


Insecure ‘Smart’ Devices

Tech Republic’s list of the least secure connected devices - Feb 2018

Symantec IoT Report: "Insecure routers were the source of 75% of DDoS IoT attacks" - Apr 2019

Adapted from https://www.techrepublic.com/pictures/photos-the-11-least-secure-connected-devices/

IoT Threats 2002-2018 (timeline chart; the labelled entries are Mirai, Hajime, IoT Reaper, Hide N Seek and VPNFilter)

Source: F-Secure, April 2019


The Internet of ‘Cloned’ Things

What about counterfeit devices and untrusted supply chains?

• Globalisation of supply chains - use of overseas foundries, third-party IP, third-party test facilities
• Supply chains susceptible to a range of hardware-based security threats
• Counterfeit devices could host malicious software, firmware or hardware

IEEE Spectrum, Oct 2013


Threat of Hardware Trojans

First successful real-world FPGA hardware Trojan insertion into a commercial product

Journal of Cryptographic Engineering, Sept 2017


The Big Hack (2018)

• Did it happen? No data
• Is it technically plausible? Yes

Recent Vulnerabilities – SCAs (side-channel attacks)

November 2018: new Meltdown- and Spectre-type transient execution attacks uncovered that affect Intel, AMD and ARM devices.
Canella et al., "A Systematic Evaluation of Transient Execution Attacks and Defenses", arXiv preprint [CVBS+18]

Meltdown (Jan 2018), Spectre (Jan 2018), ZombieLoad (May 2019)


RISE Spring School 2018 – Daniel Gruss

https://www.ukrise.org/springschool/programme/

Major Research Challenges

• How do we detect counterfeit devices?
• How do we detect manipulated devices?
• Is it possible to build attack-resilient hardware platforms?
• How do we deal with untrusted manufacturing processes & untrusted supply chains?


Need for Hardware Security

• Demand for Hardware Security research & innovation increasing with growing security needs in embedded & networking devices & cloud services

• A key driver is the Internet of Things (IoT) – everything is becoming a computer

• Multi-layered approach to security needed - establishing a trusted computing baseline that anchors trust in tamper-resistant hardware (no hardware is truly tamper-proof; the goal is to raise the cost of physical attack above the value of what it protects)

• A strong hardware security foundation essential for realising secure systems


Vision for RISE

RISE Research Challenges

Understanding Technologies Underpinning Hardware Security

• State-of-the-art HW security primitives: TRNGs, PUFs
• Novel HW analysis toolsets & techniques
• Attack-resilient HW platforms, HW IP building blocks

RISE Research Challenges

Maintaining Confidence in Security Throughout the Product Lifecycle

• Confidence in developing secure HW devices
• Supply chain confidence
• Modelling of HW security

RISE Research Challenges

Novel HW Security Use Cases & Value Propositions

Can we develop novel applications based on hardware roots of trust?

• Combining hardware roots of trust (e.g. TPM, TEEs) with advanced cryptographic techniques (e.g. identity- or attribute-based encryption) to offer data-centric security (e.g. FIDO Alliance)

© https://fidoalliance.org

RISE Research Challenges

Development & Pull Through (Barriers to Adoption)

• Ease of development & ease of leveraging the best security option
• Education of the potential user/developer base
• Understanding barriers to adoption


The RISE Projects

DeepSecurity: Applying Deep Learning to Hardware Security

• Global supply chains for electronic devices are now considered to be susceptible to a range of hardware-based threats:
  • Hardware Trojans
  • Intellectual Property piracy
  • Integrated circuit (IC) overproduction
  • Side-channel attacks
• Major security threats to military, medical, government, transportation etc.
• The proposed project will apply a deep learning approach to investigate two of these threats, namely the use of deep learning in the context of side-channel attacks (SCA) and hardware Trojans (HT).
• Utilisation of deep-learning-based verification processes in Electronic Design Automation tools to provide feedback to designers on the security of their designs.

SCARV: A Side-Channel Hardened RISC-V Platform

• RISC-V is an open source Instruction Set Architecture (ISA) design
  • a specification for the instructions any compatible processor implementation should be able to execute, and the resources those instructions can access - the interface between the processor implementation (HW) and the programs that execute on it (SW)
• Open source has resulted in rapid development of a rich support infrastructure, including vibrant developer and user communities
• The research goals capitalise on this openness:
  • Since RISC-V can be implemented by anyone, it is possible to develop a core hardened against specific types of attack; the focus will be on the threat of SCAs.
  • Since RISC-V can be adapted by anyone, it is possible to develop various cryptography-specific extensions of the ISA that offer e.g. higher efficiency.
  • An open "lab free" (i.e., cloud-based) acquisition and analysis workflow enabling easy and efficient evaluation of side-channel security
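Both DeepSecurity's side-channel work and SCARV's "acquisition and analysis workflow" sit on top of the same basic step: collect traces for known inputs, then test which secret best explains the leakage. As an added example (not RISE, SCARV or DeepSecurity code), here is a classical correlation power analysis (CPA) against one AES key byte on constructed traces. It assumes a Hamming-weight leakage model of the first-round SubBytes output, one leakage sample per trace plus Gaussian noise, known plaintexts, and a constructed secret key byte 0x2B; the S-box is computed rather than typed in so there is no table to mistype. Deep-learning attacks replace the hand-chosen leakage model with a trained classifier, but the measurement loop they evaluate is this one.

```python
"""Correlation power analysis (CPA) on constructed AES SubBytes leakage.

Added example; not RISE/SCARV/DeepSecurity code. Assumptions: Hamming-weight
leakage of the first-round S-box output, one sample per trace plus Gaussian
noise, and known plaintexts (the usual known-plaintext SCA setting).
"""
import random


def _gf_mul(a: int, b: int) -> int:
    """Multiply in GF(2^8) with the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r


def _gf_inv(a: int) -> int:
    """Multiplicative inverse as a^254 (0 maps to 0, as AES defines)."""
    r = 1
    for _ in range(254):
        r = _gf_mul(r, a)
    return r


def _sbox_entry(x: int) -> int:
    """AES S-box: GF(2^8) inverse followed by the affine transform."""
    inv = _gf_inv(x)
    s = inv
    for i in range(1, 5):  # XOR of inv with its four left rotations
        s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
    return s ^ 0x63


SBOX = [_sbox_entry(x) for x in range(256)]


def hamming_weight(x: int) -> int:
    return bin(x).count("1")


def simulate_traces(key_byte: int, n_traces: int, noise_sd: float, seed: int = 1):
    """Constructed measurement campaign: returns (plaintext bytes, leakage samples).

    Each 'trace' is reduced to the single sample where SubBytes leaks.
    """
    rng = random.Random(seed)
    plaintexts, traces = [], []
    for _ in range(n_traces):
        p = rng.randrange(256)
        plaintexts.append(p)
        traces.append(hamming_weight(SBOX[p ^ key_byte]) + rng.gauss(0.0, noise_sd))
    return plaintexts, traces


def pearson(xs, ys) -> float:
    """Pearson correlation; 0.0 when either side has no variance."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    sxy = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    sxx = sum((x - mx) ** 2 for x in xs)
    syy = sum((y - my) ** 2 for y in ys)
    if sxx == 0 or syy == 0:
        return 0.0
    return sxy / (sxx * syy) ** 0.5


def cpa_rank_key_guesses(plaintexts, traces):
    """Score every key-byte guess by |corr(model, traces)|; best guess first."""
    scores = []
    for guess in range(256):
        model = [hamming_weight(SBOX[p ^ guess]) for p in plaintexts]
        scores.append((guess, abs(pearson(model, traces))))
    scores.sort(key=lambda gc: gc[1], reverse=True)
    return scores


def cpa_recover_key_byte(plaintexts, traces):
    """Return (best guess, its |correlation|)."""
    return cpa_rank_key_guesses(plaintexts, traces)[0]


if __name__ == "__main__":
    KEY_BYTE = 0x2B  # constructed secret held by the simulated device
    pts, trs = simulate_traces(KEY_BYTE, n_traces=400, noise_sd=1.5)
    ranking = cpa_rank_key_guesses(pts, trs)
    (best, c_best), (second, c_second) = ranking[0], ranking[1]
    print(f"recovered 0x{best:02x} (corr {c_best:.2f}); "
          f"runner-up 0x{second:02x} (corr {c_second:.2f})")
```

Run it as a script to see the correct byte stand clear of the runner-up. Lowering `n_traces` or raising `noise_sd` until the correct key drops out of first place gives a feel for what "side-channel hardened" means in practice: a countermeasure such as masking or hiding is judged by how many traces it adds before the right key becomes distinguishable, and that is the metric an acquisition-and-analysis workflow like SCARV's is built to report.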

IOSEC: Protection and Memory Safety for Input/Output Security

• Re-architect I/O systems with security as a primary design constraint.
• Investigate the weaknesses of current I/O and propose safer alternatives:
  • A survey of state-of-the-art access-control protections in current HW and SW designs
  • Assess utilisation of Input/Output Memory Management Units (IOMMUs)
  • Develop a corpus of vector-specific attack techniques which future defences must prevent or mitigate.
• New techniques to restructure CPU-to-I/O interconnects to provide a message-based abstraction for untrustworthy devices
• New distributed-memory protection, enabling greater control of device access to host memory while improving security-performance trade-offs.
• Hardware-software co-design methodology and FPGA prototyping
• Evaluation of performance, complexity, compatibility, and security metrics

User-Controlled HW Security Anchors: Evaluation & Designs

• Many modern processors are equipped with hardware extensions that enable some kind of Trusted Execution Environment (TEE)
• Primary objective is to promote and facilitate the adoption of TEEs as the main trust anchor for security architectures.
• Evaluation of the security features of different TEE implementations, including assessment of cryptographic protocols, side-channel vulnerabilities, and implementation weaknesses.
• Strong hardware-based security mechanisms to improve both the strength and usability of authentication.
• Build an architecture for designing protocols and user experiences that leverage these hardware security primitives to enhance the security, manageability, and usability of user authentication
• Demonstration on suitable platforms including secure hardware, smart devices and integration with authentication tokens.


Supplementary Projects

rFAS - Reconfigurable FPGA Accelerator Sandboxing

• A security infrastructure that allows trustworthy integration and execution of partially reconfigurable FPGA hardware accelerators in a multi-tenant environment.
• A secure and encapsulated FPGA run-time environment that prevents modules from leaking information from other parts of a system or compromising the integrity of a system.
• This will be achieved through:
  • traditional techniques such as memory protection mechanisms
  • a new configuration management unit that ensures encapsulation of partial modules into their allocated resources
  • a bitstream analysis tool (similar to a virus scanner known from software systems) that detects malicious sections in FPGA configuration binaries, to prevent malicious configuration bitstreams from entering a system.

TimeTrust: Robust Timing via Hardware Roots of Trust and Non-standard Hardware – with Application to EMV Contactless Payments

• Relay attacks are a vulnerability exploited, e.g., to steal a car with passive keyless entry: the attacker forwards the challenge-response exchange between the genuine key and the car, so the car authenticates a key that is not actually nearby. The cryptography is never broken; only the assumption of proximity is.
• TimeTrust addresses the protection of ubiquitous systems against strong forms of relay attacks and other proximity/timing-related attacks, via the use and extension of hardware roots of trust (HWRoT) such as Trusted Platform Modules (TPMs).
• These usages/extensions of HWRoT combine timing capabilities with cryptographic primitives and trusted-computing mechanisms in new ways.
• TimeTrust has a strong focus on cryptographic proofs and formal analysis. The main use case of TimeTrust is contactless electronic payments.
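The exchange the slide describes, as an added example that is not TimeTrust's protocol or code: a reader challenges a card with a fresh nonce, the card answers with a keyed MAC, and the reader accepts only if the MAC verifies and the round trip stays under a bound taken from a clock it trusts (the role the slide assigns to a hardware root of trust). A relay forwards the genuine card's answer unchanged, so the MAC check alone passes; the timing check is what catches it. The key, the link delays and the bound are constructed values, and the delays are simulated rather than measured.

```python
"""Relay attack versus timing-bounded challenge-response (added example).

Not TimeTrust code. Assumptions: reader and card share a symmetric key and use
a truncated HMAC-SHA256 response; the reader's round-trip clock is trusted; all
link delays below are constructed, not measured.
"""
import hashlib
import hmac
import secrets

MAX_RTT_NS = 5_000          # reader's round-trip bound (constructed)
CARD_PROC_NS = 1_000        # time the card takes to compute its answer (constructed)
NFC_LINK_NS = 10            # one-way delay of a direct contactless link (constructed)
RELAY_LINK_NS = 20_000_000  # one-way delay of a mobile-network relay leg (constructed)

DEMO_KEY = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed shared key


class Card:
    """Genuine card: answers any fresh nonce with a keyed MAC and nothing else."""

    def __init__(self, key: bytes):
        self._key = key

    def respond(self, nonce: bytes) -> bytes:
        return hmac.new(self._key, nonce, hashlib.sha256).digest()[:8]


def reader_verify(key: bytes, nonce: bytes, response: bytes,
                  rtt_ns: int, check_timing: bool = True):
    """Reader-side decision: (accepted, reason). The MAC check alone cannot
    tell a relayed genuine answer from a local one; the timing bound can."""
    expected = hmac.new(key, nonce, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(expected, response):
        return False, "bad MAC"
    if check_timing and rtt_ns > MAX_RTT_NS:
        return False, f"round trip {rtt_ns} ns exceeds bound {MAX_RTT_NS} ns"
    return True, "ok"


def run_transaction(key: bytes, card: Card, relay: bool = False,
                    check_timing: bool = True):
    """Simulate one challenge-response; with relay=True the path is
    reader <-> mole <--network--> proxy <-> genuine card, and back."""
    nonce = secrets.token_bytes(16)
    one_way_ns = NFC_LINK_NS + (NFC_LINK_NS + RELAY_LINK_NS if relay else 0)
    response = card.respond(nonce)          # the card is genuine in both cases
    rtt_ns = 2 * one_way_ns + CARD_PROC_NS
    accepted, reason = reader_verify(key, nonce, response, rtt_ns, check_timing)
    return accepted, reason, rtt_ns


if __name__ == "__main__":
    card = Card(DEMO_KEY)
    for label, kwargs in [
        ("card in field", {}),
        ("relayed, MAC-only reader", {"relay": True, "check_timing": False}),
        ("relayed, timing-checked reader", {"relay": True}),
    ]:
        ok, why, rtt = run_transaction(DEMO_KEY, card, **kwargs)
        print(f"{label:32s} rtt={rtt:>10d} ns -> {'ACCEPT' if ok else 'REJECT'} ({why})")
```

A bound of 5 µs corresponds to roughly 750 m of signal propagation (about 0.3 m per ns, halved for the return trip), so a check at this granularity detects network relays but says nothing about an attacker standing a few metres away; real distance bounding has to resolve nanoseconds, which is why the slide talks about extending hardware roots of trust with timing capabilities rather than relying on a software timer.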

GUPT: A Hardware-Assisted Secure & Private Data Analytics Service

• We increasingly rely on cyber-physical systems and online services based on "data-driven intelligence", requiring four important design properties:
  • Reliability
  • Real-time performance
  • Scalability
  • Security & privacy
• These currently use ad hoc practices, which are problematic and unmanageable
• Proposal is to build an end-to-end system supporting design – development – deployment of a wide range of data-driven intelligent applications (ML, data privacy & ethical experts)


Safebet: Memory Capabilities to Safe, Aggressive Speculation in Processors

• We wish to explore the promising approach of capability-based protection on the micro-architectural speculation of complex out-of-order cores to mitigate new speculative side-channel attacks similar to Spectre.

• We will establish a specification framework to describe safe speculation in a microarchitecture, and a verification framework to explore the speculative abilities of processor cores.


www.ukrise.org | [email protected] | @UK_RISE

Thank you