Isolation without taxation: near-zero-cost transitions for WebAssembly and SFI

Software sandboxing or software-based fault isolation (SFI) is a lightweight approach to building secure systems out of untrusted components. Mozilla, for example, uses SFI to harden the Firefox browser by sandboxing third-party libraries, and companies like Fastly and Cloudflare use SFI to safely co-locate untrusted tenants on their edge clouds. While there have been significant efforts to optimize and verify SFI enforcement, context switching in SFI systems remains largely unexplored: almost all SFI systems use heavyweight transitions that are not only error-prone but incur significant performance overhead from saving, clearing, and restoring registers when context switching. We identify a set of zero-cost conditions that characterize when sandboxed code has sufficient structured to guarantee security via lightweight zero-cost transitions (simple function calls). We modify the Lucet Wasm compiler and its runtime to use zero-cost transitions, eliminating the undue performance tax on systems that rely on Lucet for sandboxing (e.g., we speed up image and font rendering in Firefox by up to 29.7% and 10% respectively). To remove the Lucet compiler and its correct implementation of the Wasm specification from the trusted computing base, we (1) develop a static binary verifier , VeriZero, which (in seconds) checks that binaries produced by Lucet satisfy our zero-cost conditions, and (2) prove the soundness of VeriZero by developing a logical relation that captures when a compiled Wasm function is semantically well-behaved with respect to our zero-cost conditions. Finally, we show that our model is useful beyond Wasm by describing a new, purpose-built SFI system, SegmentZero32, that uses x86 segmentation and LLVM with mostly off-the-shelf passes to enforce our zero-cost conditions; our prototype performs on-par with the state-of-the-art Native Client SFI system.

Lightweight hardware fingerprinting solution using inherent memory in off-the-shelf commodity devices

An emerging technology known as Physical unclonable function (PUF) can provide a hardware root-of-trust in building the trusted computing system. PUF exploits the intrinsic process variations during the integrated circuit (IC) fabrication to generate a unique response. This unique response differs from one PUF to the other similar type of PUFs. Static random-access memory PUF (SRAM-PUF) is one of the memory-based PUFs in which the response is generated during the memory power-up process. Non-volatile memory (NVM) architecture like SRAM is available in off-the-shelf microcontroller devices. Exploiting the inherent SRAM as PUF could wide-spread the adoption of PUF. Therefore, in this study, we evaluate the suitability of inherent SRAM available in ATMega2560 microcontroller on Arduino platform as PUF that can provide a unique fingerprint. First, we analyze the start-up values (SUVs) of memory cells and select only the cells that show random values after the power-up process. Subsequently, we statistically analyze the characteristic of fifteen SRAM-PUFs which include uniqueness, reliability, and uniformity. Based on our findings, the SUVs of fifteen on-chip SRAMs achieve 42.64% uniqueness, 97.28% reliability, and 69.16% uniformity. Therefore, we concluded that the available SRAM in off-the-shelf commodity hardware has good quality to be used as PUF.

Research on Privacy Data Protection Based on Trusted Computing and Blockchain

Aiming at the problems of low protection accuracy and long time consumption in traditional privacy data protection methods, a privacy data protection method based on trusted computing and blockchain is proposed. Set up the Internet node secure transmission protocol through the trusted node uplink transmission protocol and the downlink transmission protocol, and according to the transmission protocol, combined with the blockchain technology, the ECC elliptic curve encryption algorithm is used to encrypt the amount of data existing in the blockchain, and the AES symmetric encryption algorithm is used to encrypt the private data that exists in the nonblockchain, thereby completing the protection of network private data. The simulation experiment results show that the privacy data protection accuracy of the proposed method is higher and the work efficiency is faster.

Research on Information Security Protection of Active Distribution Network Based on Trusted Computing

In the continuous innovation and development of smart power grid in China, active distribution network as an important part, the corresponding information security protection work has received the attention of the whole society. On the basis of understanding the current operation of smart grid system, this paper analyzes and discusses the practical application cases by clarifying the safety protection and safe and credible protection schemes of active distribution network.

Composite Enclaves: Towards Disaggregated Trusted Execution

The ever-rising computation demand is forcing the move from the CPU to heterogeneous specialized hardware, which is readily available across modern datacenters through disaggregated infrastructure. On the other hand, trusted execution environments (TEEs), one of the most promising recent developments in hardware security, can only protect code confined in the CPU, limiting TEEs’ potential and applicability to a handful of applications. We observe that the TEEs’ hardware trusted computing base (TCB) is fixed at design time, which in practice leads to using untrusted software to employ peripherals in TEEs. Based on this observation, we propose composite enclaves with a configurable hardware and software TCB, allowing enclaves access to multiple computing and IO resources. Finally, we present two case studies of composite enclaves: i) an FPGA platform based on RISC-V Keystone connected to emulated peripherals and sensors, and ii) a large-scale accelerator. These case studies showcase a flexible but small TCB (2.5 KLoC for IO peripherals and drivers), with a low-performance overhead (only around 220 additional cycles for a context switch), thus demonstrating the feasibility of our approach and showing that it can work with a wide range of specialized hardware.

Forward Design Method of Avionics System Based on Communication

With the rapid development of computer technology, electronic technology, and control technology, communication-based avionics systems can provide greater potential for the improvement of aircraft combat capabilities. Moreover, during the flight, passengers have an increasing demand for space communications. How to provide passengers with a communication-based aerospace electronic system that is indistinguishable from the ground during the flight is a problem that needs to be solved urgently. The research on the forward design method of this system has been highly valued by experts at home and abroad. This article is a communication-based forward design method for avionics systems. Based on the development of aerospace data communication technology, this article discusses the advantages of the application of the CCSDS (Consultative Committee for Space Data Systems) protocol in the design of aerospace electronic communication systems. This research designs the technical scheme of the entire aerospace communication electronic system and refers to the relevant CCSDS protocol to complete the design of the distributor’s fast transmission telemetry package and the distributor’s slow transmission telemetry package. This article introduces the two existing architectures of the integrated avionics system, compares and analyzes them, and then elaborates the integrated avionics system architecture based on trusted computing and the trust chain transfer mechanism. The experimental results show that the method designed in this paper uses the NBSP basic protocol in an aeronautical communication environment with a nesting depth of 2 s. When the data transmission delay is 2 s, the NBSP scheme is 0.9 and the NERON scheme is 0.4. This shows that the design method of this study is able to meet the requirements of the system and technical indicators.

Application of Trusted Computing Technology in Active Defense of Smart Substation

Nowadays, most security systems mainly use firewall, intrusion detection, virus killing and other technologies to defend against external attacks. This passive defense mode has low efficiency and high false positive rate, and active defense technology can solve these problems to the greatest extent. At present, the intelligent substation is in the development stage with weak security. After a large number of terminals are connected, although the operation efficiency of the whole station is improved, it also brings more risks. This paper takes the access security of terminal equipment in intelligent substation as the research object. By mining the security vulnerabilities of substation, an active defense method based on trusted computing is proposed, the applicability and efficiency of trusted computing technology in the field of substation active defense are proved and the effectiveness of the method is verified to realize the trust guarantee of the whole process of terminal access to intelligent substation.

Risk Assessment Driven Use of Advanced SIEM Technology for Cyber Protection of Critical e-Health Processes

The approach presented in this paper provides effective protection of critical business processes by applying advanced SIEM technology in a rigorous fashion, based on the results of accurate risk assessment. The proposed SIEM tool advances the State of The Art of the technology along two axes, specifically: privacy and integrity. The advancements are achieved via combined use of two of the most promising technologies for trusted computing, namely: Trusted Execution Environment (TTE) and Homomorphic Encryption (HE). The approach is validated with respect to a real use case of a Smart Hospital (i.e., one where IT is massively used), with challenging security requirements. The use case is contributed by one of the major public hospitals in Italy. Experiments demonstrate that, by relying on continuous monitoring of security relevant events and advanced correlation techniques, the SIEM solution proposed in this work effectively protects the critical workflows of the hospital business processes from cyber-attacks with high impact (specifically: serious harm to or even death of the patient).