76 research outputs found
Security, Performance and Energy Trade-offs of Hardware-assisted Memory Protection Mechanisms
The deployment of large-scale distributed systems, e.g., publish-subscribe
platforms, that operate over sensitive data using the infrastructure of public
cloud providers, is nowadays heavily hindered by the surging lack of trust
toward the cloud operators. Although purely software-based solutions exist to
protect the confidentiality of data and the processing itself, such as
homomorphic encryption schemes, their performance is far from being practical
under real-world workloads.
The performance trade-offs of two novel hardware-assisted memory protection
mechanisms, namely AMD SEV and Intel SGX - currently available on the market to
tackle this problem, are described in this practical experience.
Specifically, we implement and evaluate a publish/subscribe use-case and
evaluate the impact of the memory protection mechanisms and the resulting
performance. This paper reports on the experience gained while building this
system, in particular when having to cope with the technical limitations
imposed by SEV and SGX.
Several trade-offs that provide valuable insights in terms of latency,
throughput, processing time and energy requirements are exhibited by means of
micro- and macro-benchmarks.Comment: European Commission Project: LEGaTO - Low Energy Toolset for
Heterogeneous Computing (EC-H2020-780681
Qualitative Analysis for Validating IEC 62443-4-2 Requirements in DevSecOps
Validation of conformance to cybersecurity standards for industrial
automation and control systems is an expensive and time consuming process which
can delay the time to market. It is therefore crucial to introduce conformance
validation stages into the continuous integration/continuous delivery pipeline
of products. However, designing such conformance validation in an automated
fashion is a highly non-trivial task that requires expert knowledge and depends
upon the available security tools, ease of integration into the DevOps
pipeline, as well as support for IT and OT interfaces and protocols.
This paper addresses the aforementioned problem focusing on the automated
validation of ISA/IEC 62443-4-2 standard component requirements. We present an
extensive qualitative analysis of the standard requirements and the current
tooling landscape to perform validation. Our analysis demonstrates the coverage
established by the currently available tools and sheds light on current gaps to
achieve full automation and coverage. Furthermore, we showcase for every
component requirement where in the CI/CD pipeline stage it is recommended to
test it and the tools to do so
Scrooge Attack: Undervolting ARM Processors for Profit
Latest ARM processors are approaching the computational power of x86
architectures while consuming much less energy. Consequently, supply follows
demand with Amazon EC2, Equinix Metal and Microsoft Azure offering ARM-based
instances, while Oracle Cloud Infrastructure is about to add such support. We
expect this trend to continue, with an increasing number of cloud providers
offering ARM-based cloud instances.
ARM processors are more energy-efficient leading to substantial electricity
savings for cloud providers. However, a malicious cloud provider could
intentionally reduce the CPU voltage to further lower its costs. Running
applications malfunction when the undervolting goes below critical thresholds.
By avoiding critical voltage regions, a cloud provider can run undervolted
instances in a stealthy manner.
This practical experience report describes a novel attack scenario: an attack
launched by the cloud provider against its users to aggressively reduce the
processor voltage for saving energy to the last penny. We call it the Scrooge
Attack and show how it could be executed using ARM-based computing instances.
We mimic ARM-based cloud instances by deploying our own ARM-based devices using
different generations of Raspberry Pi. Using realistic and synthetic workloads,
we demonstrate to which degree of aggressiveness the attack is relevant. The
attack is unnoticeable by our detection method up to an offset of -50mV. We
show that the attack may even remain completely stealthy for certain workloads.
Finally, we propose a set of client-based detection methods that can identify
undervolted instances. We support experimental reproducibility and provide
instructions to reproduce our results.Comment: European Commission Project: LEGaTO - Low Energy Toolset for
Heterogeneous Computing (EC-H2020-780681
Attestation Mechanisms for Trusted Execution Environments Demystified
Attestation is a fundamental building block to establish trust over software
systems. When used in conjunction with trusted execution environments, it
guarantees the genuineness of the code executed against powerful attackers and
threats, paving the way for adoption in several sensitive application domains.
This paper reviews remote attestation principles and explains how the modern
and industrially well-established trusted execution environments Intel SGX, Arm
TrustZone and AMD SEV, as well as emerging RISC-V solutions, leverage these
mechanisms.Comment: This publication incorporates results from the VEDLIoT project, which
received funding from the European Union's Horizon 2020 research and
innovation programme under grant agreement No 957197. arXiv admin note:
substantial text overlap with arXiv:2204.0679
Prospecting lighting applications with ligand field tools and density functional theory: a first-principles account of the 4fâ·â4fâ¶5dÂč Luminescence of CsMgBrâ:EuÂČâș
The most efficient way to provide domestic lighting nowadays is by light-emitting diodes (LEDs) technology combined with phosphors shifting the blue and UV emission toward a desirable sunlight spectrum. A route in the quest for warm-white light goes toward the discovery and tuning of the lanthanide-based phosphors, a difficult task, in experimental and technical respects. A proper theoretical approach, which is also complicated at the conceptual level and in computing efforts, is however a profitable complement, offering valuable structureâproperty rationale as a guideline in the search of the best materials. The EuÂČâș-based systems are the prototypes for ideal phosphors, exhibiting a wide range of visible light emission. Using the ligand field concepts in conjunction with density functional theory (DFT), conducted in nonroutine manner, we develop a nonempirical procedure to investigate the 4fâ·â4fâ¶5dÂč luminescence of EuÂČâș in the environment of arbitrary ligands, applied here on the CsMgBrâ:EuÂČâș-doped material. Providing a salient methodology for the extraction of the relevant ligand field and related parameters from DFT calculations and encompassing the bottleneck of handling large matrices in a model Hamiltonian based on the whole set of 33âŻ462 states, we obtained an excellent match with the experimental spectrum, from first-principles, without any fit or adjustment. This proves that the ligand field density functional theory methodology can be used in the assessment of new materials and rational property design
- âŠ