From EDA to TEEs, Security Tools for Understanding and Mitigating Side-Channel and Fault Injection Attacks
TimeMonday, December 6th1:30pm - 5:00pm PST
Event Type
Virtual Programs
Presented In-Person
DescriptionIn this tutorial, we aim to bring together a collection of high quality security tools and infrastructure (from open-source academic tools, to industry-level ones) to demonstrate attacks and side-channel vulnerabilities. Also, we demonstrate a memory model that enhances performance of processors while keeping them secure.

In the Internet of Things (IoT) era where electronic devices are prevalent, attackers readily have physical access to electronic devices. These electronic devices are subject to fault injection and side channel attacks, which can compromise the entire security of a system. For example, laser fault injection can perturb these devices by directly injecting faults into them to retrieve secrets or create catastrophic consequences and side-channel attacks can observe electrical properties of the target device to reveal confidential information. Electronic design automation tools that help facilitate security evaluation at design time are critically needed to protect against the attacks.

Trusted-execution environments (TEE), like Intel SGX, isolate user-space applications into secure enclaves without trusting the OS. Thus, TEEs reduce the trusted computing base, but add one to two orders of magnitude slowdown. The performance cost stems from a strict memory model, which we call the spatial isolation model, where enclaves cannot share memory regions with each other. A memory model that can improve the performance while still maintaining the level of security is essential.

The tutorial demonstrates three electronic design automation (EDA) tools against fault attacks and side channel attacks, and one novel fast and secure memory model. The first EDA tool is a framework that can both generate laser fault injection attacks and integrate hardware-based redundancy to a design. The second EDA tool provides various security evaluation accuracy levels at different design steps against side-channel attacks. The third EDA tool helps verify the resilience of an embedded system handling confidential information against side-channel attacks. The memory model called Elasticlave provides one to two orders of magnitude performance improvements over the previous model.