12 research outputs found
lLTZVisor: a lightweight TrustZone-assisted hypervisor for low-end ARM devices
Dissertação de mestrado em Engenharia Eletrónica Industrial e ComputadoresVirtualization is a well-established technology in the server and desktop space
and has recently been spreading across different embedded industries. Facing
multiple challenges derived by the advent of the Internet of Things (IoT) era,
these industries are driven by an upgrowing interest in consolidating and isolating
multiple environments with mixed-criticality features, to address the complex IoT
application landscape. Even though this is true for majority mid- to high-end
embedded applications, low-end systems still present little to no solutions proposed
so far.
TrustZone technology, designed by ARM to improve security on its processors,
was adopted really well in the embedded market. As such, the research community
became active in exploring other TrustZone’s capacities for isolation, like
an alternative form of system virtualization. The lightweight TrustZone-assisted
hypervisor (LTZVisor), that mainly targets the consolidation of mixed-criticality
systems on the same hardware platform, is one design example that takes advantage
of TrustZone technology for ARM application processors. With the recent
introduction of this technology to the new generation of ARM microcontrollers, an
opportunity to expand this breakthrough form of virtualization to low-end devices
arose.
This work proposes the development of the lLTZVisor hypervisor, a refactored
LTZVisor version that aims to provide strong isolation on resource-constrained
devices, while achieving a low-memory footprint, determinism and high efficiency.
The key for this is to implement a minimal, reliable, secure and predictable virtualization
layer, supported by the TrustZone technology present on the newest
generation of ARM microcontrollers (Cortex-M23/33).Virtualização é uma tecnologia já bem estabelecida no âmbito de servidores e
computadores pessoais que recentemente tem vindo a espalhar-se através de várias
indústrias de sistemas embebidos. Face aos desafios provenientes do surgimento
da era Internet of Things (IoT), estas indústrias são guiadas pelo crescimento
do interesse em consolidar e isolar múltiplos sistemas com diferentes níveis de
criticidade, para atender ao atual e complexo cenário aplicativo IoT. Apesar de
isto se aplicar à maioria de aplicações embebidas de média e alta gama, sistemas
de baixa gama apresentam-se ainda com poucas soluções propostas.
A tecnologia TrustZone, desenvolvida pela ARM de forma a melhorar a segurança
nos seus processadores, foi adoptada muito bem pelo mercado dos sistemas embebidos.
Como tal, a comunidade científica começou a explorar outras aplicações
da tecnologia TrustZone para isolamento, como uma forma alternativa de virtualização
de sistemas. O "lightweight TrustZone-assisted hypervisor (LTZVisor)",
que tem sobretudo como fim a consolidação de sistemas de criticidade mista na
mesma plataforma de hardware, é um exemplo que tira vantagem da tecnologia
TrustZone para os processadores ARM de alta gama. Com a recente introdução
desta tecnologia para a nova geração de microcontroladores ARM, surgiu uma
oportunidade para expandir esta forma inovadora de virtualização para dispositivos
de baixa gama.
Este trabalho propõe o desenvolvimento do hipervisor lLTZVisor, uma versão
reestruturada do LTZVisor que visa em proporcionar um forte isolamento em dispositivos
com recursos restritos, simultâneamente atingindo um baixo footprint de
memória, determinismo e alta eficiência. A chave para isto está na implementação
de uma camada de virtualização mínima, fiável, segura e previsível, potencializada
pela tecnologia TrustZone presente na mais recente geração de microcontroladores
ARM (Cortex-M23/33)
Secure and safe virtualization-based framework for embedded systems development
Tese de Doutoramento - Programa Doutoral em Engenharia Electrónica e de Computadores (PDEEC)The Internet of Things (IoT) is here. Billions of smart, connected devices are proliferating
at rapid pace in our key infrastructures, generating, processing and exchanging
vast amounts of security-critical and privacy-sensitive data. This strong connectivity
of IoT environments demands for a holistic, end-to-end security approach, addressing
security and privacy risks across different abstraction levels: device, communications,
cloud, and lifecycle managment.
Security at the device level is being misconstrued as the addition of features in a
late stage of the system development. Several software-based approaches such as
microkernels, and virtualization have been used, but it is proven, per se, they fail in
providing the desired security level. As a step towards the correct operation of these
devices, it is imperative to extend them with new security-oriented technologies
which guarantee security from the outset.
This thesis aims to conceive and design a novel security and safety architecture
for virtualized systems by 1) evaluating which technologies are key enablers for
scalable and secure virtualization, 2) designing and implementing a fully-featured
virtualization environment providing hardware isolation 3) investigating which "hard
entities" can extend virtualization to guarantee the security requirements dictated by
confidentiality, integrity, and availability, and 4) simplifying system configurability
and integration through a design ecosystem supported by a domain-specific language.
The developed artefacts demonstrate: 1) why ARM TrustZone is nowadays a reference
technology for security, 2) how TrustZone can be adequately exploited for
virtualization in different use-cases, 3) why the secure boot process, trusted execution
environment and other hardware trust anchors are essential to establish and
guarantee a complete root and chain of trust, and 4) how a domain-specific language
enables easy design, integration and customization of a secure virtualized
system assisted by the above mentioned building blocks.Vivemos na era da Internet das Coisas (IoT). Biliões de dispositivos inteligentes
começam a proliferar nas nossas infraestruturas chave, levando ao processamento
de avolumadas quantidades de dados privados e sensíveis. Esta forte conectividade
inerente ao conceito IoT necessita de uma abordagem holística, em que os riscos
de privacidade e segurança são abordados nas diferentes camadas de abstração:
dispositivo, comunicações, nuvem e ciclo de vida.
A segurança ao nível dos dispositivos tem sido erradamente assegurada pela inclusão
de funcionalidades numa fase tardia do desenvolvimento. Têm sido utilizadas diversas
abordagens de software, incluindo a virtualização, mas está provado que estas
não conseguem garantir o nível de segurança desejado. De forma a garantir a correta
operação dos dispositivos, é fundamental complementar os mesmos com novas tecnologias
que promovem a segurança desde os primeiros estágios de desenvolvimento.
Esta tese propõe, assim, o desenvolvimento de uma solução arquitetural inovadora
para sistemas virtualizados seguros, contemplando 1) a avaliação de tecnologias
chave que promovam tal realização, 2) a implementação de uma solução de virtualização
garantindo isolamento por hardware, 3) a identificação de componentes
que integrados permitirão complementar a virtualização para garantir os requisitos
de segurança, e 4) a simplificação do processo de configuração e integração da solução
através de um ecossistema suportado por uma linguagem de domínio específico.
Os artefactos desenvolvidos demonstram: 1) o porquê da tecnologia ARM TrustZone
ser uma tecnologia de referência para a segurança, 2) a efetividade desta tecnologia
quando utilizada em diferentes domínios, 3) o porquê do processo seguro de inicialização,
juntamente com um ambiente de execução seguro e outros componentes de
hardware, serem essenciais para estabelecer uma cadeia de confiança, e 4) a viabilidade
em utilizar uma linguagem de um domínio específico para configurar e integrar
um ambiente virtualizado suportado pelos artefactos supramencionados
Defense in Depth of Resource-Constrained Devices
The emergent next generation of computing, the so-called Internet of Things (IoT), presents significant challenges to security, privacy, and trust. The devices commonly used in IoT scenarios are often resource-constrained with reduced computational strength, limited power consumption, and stringent availability requirements. Additionally, at least in the consumer arena, time-to-market is often prioritized at the expense of quality assurance and security. An initial lack of standards has compounded the problems arising from this rapid development. However, the explosive growth in the number and types of IoT devices has now created a multitude of competing standards and technology silos resulting in a highly fragmented threat model. Tens of billions of these devices have been deployed in consumers\u27 homes and industrial settings. From smart toasters and personal health monitors to industrial controls in energy delivery networks, these devices wield significant influence on our daily lives. They are privy to highly sensitive, often personal data and responsible for real-world, security-critical, physical processes. As such, these internet-connected things are highly valuable and vulnerable targets for exploitation. Current security measures, such as reactionary policies and ad hoc patching, are not adequate at this scale. This thesis presents a multi-layered, defense in depth, approach to preventing and mitigating a myriad of vulnerabilities associated with the above challenges. To secure the pre-boot environment, we demonstrate a hardware-based secure boot process for devices lacking secure memory. We introduce a novel implementation of remote attestation backed by blockchain technologies to address hardware and software integrity concerns for the long-running, unsupervised, and rarely patched systems found in industrial IoT settings. Moving into the software layer, we present a unique method of intraprocess memory isolation as a barrier to several prevalent classes of software vulnerabilities. Finally, we exhibit work on network analysis and intrusion detection for the low-power, low-latency, and low-bandwidth wireless networks common to IoT applications. By targeting these areas of the hardware-software stack, we seek to establish a trustworthy system that extends from power-on through application runtime
Protecting applications using trusted execution environments
While cloud computing has been broadly adopted, companies that deal with sensitive data are still reluctant to do so due to privacy concerns or legal restrictions. Vulnerabilities in complex cloud infrastructures, resource sharing among tenants, and malicious insiders pose a real threat to the confidentiality and integrity of sensitive customer data. In recent years trusted execution environments (TEEs), hardware-enforced isolated regions that can protect code and data from the rest of the system, have become available as part of commodity CPUs. However, designing applications for the execution within TEEs requires careful consideration of the elevated threats that come with running in a fully untrusted environment. Interaction with the environment should be minimised, but some cooperation with the untrusted host is required, e.g. for disk and network I/O, via a host interface. Implementing this interface while maintaining the security of sensitive application code and data is a fundamental challenge.
This thesis addresses this challenge and discusses how TEEs can be leveraged to secure existing applications efficiently and effectively in untrusted environments. We explore this in the context of three systems that deal with the protection of TEE applications and their host interfaces:
SGX-LKL is a library operating system that can run full unmodified applications within TEEs with a minimal general-purpose host interface. By providing broad system support inside the TEE, the reliance on the untrusted host can be reduced to a minimal set of low-level operations that cannot be performed inside the enclave. SGX-LKL provides transparent protection of the host interface and for both disk and network I/O.
Glamdring is a framework for the semi-automated partitioning of TEE applications into an untrusted and a trusted compartment. Based on source-level annotations, it uses either dynamic or static code analysis to identify sensitive parts of an application. Taking into account the objectives of a small TCB size and low host interface complexity, it defines an application-specific host interface and generates partitioned application code.
EnclaveDB is a secure database using Intel SGX based on a partitioned in-memory database engine. The core of EnclaveDB is its logging and recovery protocol for transaction durability. For this, it relies on the database log managed and persisted by the untrusted database server. EnclaveDB protects against advanced host interface attacks and ensures the confidentiality, integrity, and freshness of sensitive data.Open Acces
Design Space Exploration and Resource Management of Multi/Many-Core Systems
The increasing demand of processing a higher number of applications and related data on computing platforms has resulted in reliance on multi-/many-core chips as they facilitate parallel processing. However, there is a desire for these platforms to be energy-efficient and reliable, and they need to perform secure computations for the interest of the whole community. This book provides perspectives on the aforementioned aspects from leading researchers in terms of state-of-the-art contributions and upcoming trends
HAL-ASOS - Linux com aceleração em hardware para sistemas operativos dedicados à aplicação
Programa doutoral em Engenharia Eletrónica e de Computadores (PDEEC) (especialidade de Informática Industrial e Sistemas Embebidos)O ecossistema de sistemas embebidos de hoje tornou-se enorme, cobrindo vários e diferentes sistemas,
exigindo desempenho e mobilidade completa enquanto atingem autonomias de bateria cada vez maiores.
Mas a crescente frequência de relógio que resultou em dispositivos cada vez mais rápidos começou a
estagnar antes dos transístores pararem de encolher. Plataformas Field Programmable Gate Array (FPGA)
são uma solução alternativa para a implementação de sistemas completos e reconfiguráveis. Fornecem
desempenho e eficiência computacional para satisfazer requisitos da aplicação e do sistema embebido.
Vários Sistemas Operativos (SO) assistidos por FPGA foram propostos, mas ao estreitar seu foco na síntese
do datapath do acelerador de hardware, a grande maioria ignora a integração semântica destes no
SO. Ambientes de síntese de alto nível (HLS) elevaram a abstração além da linguagem de transferência de
registo (RTL), seguindo uma abordagem específica de domínio enquanto misturam software e abstrações
de hardware ad hoc, que dificultam as otimizações. Além disso, os modelos de programação para software
e hardware reconfigurável carecem de semelhanças, o que com o tempo dificultará a Exploração
do Ambiente de Design (DSE) e diminuirá o potencial de reutilização de código. Para responder a estas
necessidades, propomos HAL-ASOS, uma ferramenta para implementar sistemas embebidos baseados
em Linux que fornece (1) elasticidade no design em conformidade com a natureza evolutiva deste SO, (2)
integração semântica profunda de tarefas de hardware nos modelos de programação do Linux, (3) facilidade
na gestão de complexidade através de metodologia e ferramentas para apoiar o design, verificação
e implementação, (4) orientada por princípios de design híbridos e eficiência no sistema. Para avaliar as
funcionalidades da ferramenta, foi implementado um aplicativo criptográfico que demonstra alcance de
desempenho enquanto se emprega a metodologia de design. Novos níveis de desempenho são atingidos
numa aplicação de Visão por Computador que explora recursos de programação assíncrona-síncrona. Os
resultados demonstram uma abordagem flexível na reconfiguração entre hardware e software, e desempenho
que aumenta consistentemente com acréscimo de recursos ou frequência de relógio.Today’s embedded systems ecosystem became huge while covering several and different computer-based
systems, demanding for performance and complete mobility while experiencing longer battery lives. But
the rampant frequency that resulted in faster devices began hitting a wall even before transistors stopped
shrinking. Field Programmable Gate Array (FPGA) platforms are an alternative solution towards implementing
complete reconfigurable systems. They provide computational power, efficiency, in a lightweight
solution to serve the application requirements and increase performance in the overall system. Several
FPGA-assisted Operating Systems (OS) have been proposed, but by narrowing their focus on datapath
synthesis of the hardware accelerator, they completely ignore the deep semantic integration of these accelerators
into the OS. State-of-the-art High-Level Synthesis (HLS) environments have raised the level of
abstraction beyond Register Transfer Language (RTL) by following a domain-specific approach while mixing
ad hoc software and hardware abstractions, making harder for performance optimizations. Furthermore,
the programming models for software and reconfigurable hardware lack commonalities, which in time will
hinder the Design Space Exploration (DSE) and lower the potential for code reuse. To overcome these
issues, we propose HAL-ASOS, a framework to implement Linux-based Embedded systems which provides
(1) elasticity by design to comply with the evolutive nature of Linux, (2) deep semantic integration of the
hardware tasks in the Linux programming models, (3) easy complexity management using methodology
and tools to fully support design, verification and deployment, (4) hybrid and efficiency-oriented design
principles. To evaluate the framework functionalities, a cryptographic application was implemented and
demonstrates performance achievements while using the promoted application-driven design methodology.
To demonstrate new levels of performance that can be achieved, a Computer Vision application
explores several mixed asynchronous-synchronous programming features. Experiments demonstrate a
flexible design approach in terms of hardware and software reconfiguration, and significant performance
that increases consistently with the rising in processing resources or clock frequencies.Financial support received from Portuguese Foundation for Science and Technology (FCT) with the PhD grant SFRH/BD/82732/2011
CACIC 2015 : XXI Congreso Argentino de Ciencias de la Computación. Libro de actas
Actas del XXI Congreso Argentino de Ciencias de la Computación (CACIC 2015), realizado en Sede UNNOBA Junín, del 5 al 9 de octubre de 2015.Red de Universidades con Carreras en Informática (RedUNCI
Anales del XIII Congreso Argentino de Ciencias de la Computación (CACIC)
Contenido:
Arquitecturas de computadoras
Sistemas embebidos
Arquitecturas orientadas a servicios (SOA)
Redes de comunicaciones
Redes heterogéneas
Redes de Avanzada
Redes inalámbricas
Redes móviles
Redes activas
Administración y monitoreo de redes y servicios
Calidad de Servicio (QoS, SLAs)
Seguridad informática y autenticación, privacidad
Infraestructura para firma digital y certificados digitales
Análisis y detección de vulnerabilidades
Sistemas operativos
Sistemas P2P
Middleware
Infraestructura para grid
Servicios de integración (Web Services o .Net)Red de Universidades con Carreras en Informática (RedUNCI