An overview of Riscure Assurance for Premium Content: a specialized security evaluation program by Riscure, tailored to the needs of the content protection industry.
Secure Boot Under Attack: Simulation to Enhance Fault Attacks & Defenses (Riscure)
Secure Boot is widely deployed in modern embedded systems and is an essential part of the security model. Even when no (easy to exploit) logical vulnerabilities remain, attackers are surprisingly often still able to compromise it using Fault Injection, a so-called glitch attack. Many of these vulnerabilities are difficult to spot in the source code and can only be found by manually inspecting the disassembled binary code instruction by instruction.
While the idea to use simulation to identify these vulnerabilities is not new, this talk presents a fault simulator created using existing open-source components and without requiring a detailed model of the underlying hardware. The challenges to simulate real-world targets will be discussed as well as how to overcome most of them.
Efficient Reverse Engineering of Automotive Firmware (Riscure)
The firmware executed by components found in a car provides a starting point for adversaries to obtain confidential information and discover potential vulnerabilities. However, the process of reverse engineering a specific component is typically considered a complex and time-consuming task. In this paper we discuss several techniques which we used to significantly increase the efficiency of reverse engineering the firmware of an instrument cluster.
Bypassing Secure Boot using Fault Injection (Riscure)
The Fault Injection attack surface of Secure Boot implementations is determined by the specifics of their design and implementation. Using a generic Secure Boot design we detail multiple vulnerabilities (~10) using examples in source code, disassembly and hardware. We will determine what the impact is of the target's design on its Fault Injection attack surface: from high-level architecture to low-level implementation details. Research originally presented in November 2016 at BlackHat Europe.
This document discusses Java Card security. It begins with an overview of Java Card and its benefits, including being interoperable, secure, supporting multiple applications, and being dynamically updatable. It then covers Java Card applet lifecycles, concepts like verification, loading, firewalls and atomicity, compares Java Card to Java, analyzes risks like denial of service and privacy invasion, demonstrates attacks like using Trojan code and firewall type confusion, and concludes that while threats exist, security measures can counteract them and Java Card security is attainable.
Fault Injection on Automotive Diagnosis Protocols (Riscure)
In this work we present fault injection as a technique to bypass the security of automotive diagnosis (UDS) protocol implementations that do not contain any logical vulnerabilities. Therefore, they are protected against traditional logical attacks. Our tests proved that it is possible for an attacker to inject faults and bypass the UDS authentication, obtaining access to the internal Flash and SRAM memories of the targets. By analyzing the dumped firmware, the keys and algorithm that protect the UDS have also been extracted, giving full access to the diagnosis services without requiring the use of fault injection techniques.
Originally presented by Riscure's Niek Timmers at the 2018 ESCAR USA conference.
Secure boot is under constant attack on embedded devices used across industries. Secure boot is essential for secure embedded devices as it prevents malicious actors from obtaining persistent runtime control. In this presentation, we present our vision on secure boot design and what it takes to make it secure.
This presentation provides an overview of attack methods used against chips and highlights the importance of better security in a modern IoT infrastructure. Originally presented by Riscure's Marc Witteman at GLSVLSI symposium in May 2016.
An overview of threats and mitigations for mobile payment industry by Riscure's Marc Witteman. This presentation highlights the benefits of security evaluations for mobile payment applications.
Controlling PC on ARM using Fault Injection (Riscure)
The slides from the presentation by Riscure's Niek Timmers, Albert Spruyt and Marc Witteman. The paper describes an ARM-specific fault injection attack strategy for exploiting embedded systems where externally controlled data is loaded into the program counter (PC) register of the processor.
Gunter Ollmann, Microsoft
As reverse engineering tools and hacking techniques have improved over the years, software engineers have been forced to bury their secrets deeper down the stack – securing keys and intellectual property first in software, then drivers, on to custom firmware and microcode, and eventually as etchings on the very silicon itself.
For the hackers involved, the skills and tooling needed to extract and monetize these secrets come with ever increasing hurdles and cost. Yet, seemingly as a corollary to Moore’s Law, each year the cost of the tooling drops by half, while access (and desire) doubles. Today, with access to multi-million dollar semiconductor labs that can be rented for as little as $200 per hour, skilled adversaries can physically extract the most prized secrets from the integrated circuits (IC) directly.
Understanding your adversary lies at the crux of every defensive strategy. This session reviews the current generation of tools and techniques used by professional hacking entities to extract the magic numbers, proprietary algorithms, and WORN (Write Once, Read Never) secrets from the chips themselves.
As a generation of bug hunters begins to use such tools to extract the microcode and etched algorithms from the ICs, we're about to face new classes of bugs and vulnerabilities – lying in (possibly) ancient code – that probably can't be "patched". How will we secure secrets going forward?
Niek Timmers, Riscure B.V.
Cristofaro Mune, Independent Embedded Security Consultant
Fault injection attacks have historically been perceived as high-end attacks not available to most hackers. They used to require expensive tooling and a mysterious mix of skills, which put them out of reach for even the most skilled attackers. Those days are over, as low-cost fault injection tooling is changing the capabilities of the hacking masses at a rapid pace.
Historically, fault injection attacks have been used to break cryptographic implementations (e.g. Differential Fault Analysis) or to bypass security checks such as those performed by a PIN verification function. However, nothing prevents them from being used on richer systems like embedded devices or IoT devices. Fault injection attacks can be used to change the intended behavior of hardware and software, due, among other things, to corrupted memory reads and corrupted instruction execution.
In this talk we show that fault injection attacks and, more specifically, voltage fault injection, allow escalating privileges from an unprivileged context, in the absence of logically exploitable software vulnerabilities. This is demonstrated using practical examples where the control flow of the Linux kernel is influenced in order to gain root privileges. All practical examples are performed on a fully patched Linux operating system, executed by a fast and feature-rich System-on-Chip. A live demonstration of Fault Injection is part of the talk.
Corey Thuen of Digital Bond Labs describes in technical detail how Havex/Dragonfly enumerated OPC servers.
Havex is the second ICS malware ever seen in the wild.
Rob Turner, Qualcomm Technologies
Almost three decades since the Morris worm and we're still plagued by memory corruption vulnerabilities in C and C++ software. Exploit mitigations aim to make the exploitation of these vulnerabilities impossible or prohibitively expensive. However, modern exploits demonstrate that currently deployed countermeasures are insufficient.
In ARMv8.3, ARM introduces a new hardware security feature, pointer authentication. With ARM and ARM partners, including Microsoft, we helped to design this feature. Designing a processor extension is challenging. Among other requirements, changes should be transparent to developers (except compiler developers), support both system and application code, interoperate with legacy software, and provide binary backward compatibility. This talk discusses the processor extension and explores the design trade-offs, such as the decision to prefer authentication over encryption and the consequences of small tags.
Also, this talk provides a security analysis, and examines how these new instructions can robustly and efficiently implement countermeasures.
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I... (Priyanka Aash)
In 2017, a sophisticated threat actor deployed the TRITON attack framework, engineered to manipulate industrial safety systems at a critical infrastructure facility. This talk offers new insights into the TRITON attack framework, which became an unprecedented milestone in the history of cyber-warfare as it is the first publicly observed malware that specifically targets protection functions meant to safeguard human lives. While the attack was discovered before its ultimate goal was achieved, that is, disruption of the physical process, TRITON is a wake-up call regarding the need to urgently improve ICS cybersecurity.
Practical Security Assessments of IoT Devices and Systems (Ollie Whitehouse)
This talk briefly discusses strategies and methodologies that can be employed when assessing IoT devices. We look at how to develop credible threat scenarios for different IoT devices and systems, perform static and dynamic attack surface mapping, perform static firmware analysis, perform static hardware analysis, and undertake a dynamic device security analysis. We also cover sources of supporting information, establishing the supporting capabilities required, execution of dynamic device analysis, and approaches to network protocol analysis.
This document discusses attacking embedded systems and analyzing firmware. It begins by explaining why embedded system vulnerabilities are important, as these devices often have weak security and are on critical network paths. It then covers techniques for detecting devices, including active scanning with Nmap and Nessus. Firmware analysis methods like strings, hexdump and grep are presented for initial examination. The document introduces tools for extracting filesystems from firmware and analyzing file contents. It emphasizes that emulation with Qemu allows debugging binaries from extracted firmware.
Man in the middle attacks on IEC 60870-5-104 (pgmaynard)
This document discusses man-in-the-middle attacks on the IEC 60870-5-104 protocol. It describes how an attacker could intercept communications between an operator workstation and programmable logic controller to modify values like the cause of transmission field or an "ON/OFF" status to hide issues like an earth fault from operators. The document advocates for better security practices in new industrial control systems, such as monitoring networks and logs and enabling mitigation techniques to prevent these types of attacks.
Proving the Security of Low-Level Software Components & TEEs (Ashley Zupkus)
Learn how it is possible to prove low-level software component and TEE security, as well as the Goodix driver example demoed in the webinar.
Check out the webinar replay here: https://www.youtube.com/watch?v=nG3DlejBd3k
Visit our website trust-in-soft.com for more information!
LAS16-300K2: Overview of IoT Zephyr
Speakers: Geoff Thorpe
Date: September 28, 2016
★ Session Description ★
Title: Overview of IoT Zephyr
Bio:
Geoff Thorpe heads up security within the Microcontroller group of NXP, where the intersection of device security and network security gives him a headache commonly known as “IoT”. His early experience with security topics was very software-centric, as a long-standing member of the OpenSSL team and a contributor to related open source projects. After many years veering off into semiconductors and hardware architecture, his software-bias has been domesticated to some extent but not eradicated.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-300k2
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-300k2/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
This document discusses supply chain security considerations. It provides an overview of issues that can affect technology integration and approaches to mitigate risks. Examples are given of past supply chain attacks on autonomous vehicles, IoT devices, and software. The supply chain is defined as the network of vendors and components used to deliver a product or service. Threats include compromised hardware, software, tools and facilities. Detecting issues can be difficult due to the distributed nature of supply chains. Defenses include things like signing, monitoring, and designing with the assumption that some components may be compromised. The document emphasizes that supply chain attacks are increasingly common and that organizations should have response plans in place.
The hardware security training course introduces you to cryptographic processors and their processing overhead, side-channel attacks, physically unclonable functions, hardware-based true random number generators, watermarking of IP cores, FPGA security, passive and active hardware metering, and hardware-based secure program execution.
Trainees will also learn about:
Counterfeit detection, criminal activities, detection standards and physical analysis in hardware security. This course gives you sufficient knowledge to identify hardware threats, methods of hardware metering, unclonable identifiers and ways of ending piracy of integrated circuits (ICs).
Fault injection attacks in hardware security, classification of attacks, invasive attacks, countermeasures, exploits, and data remanence.
How physical hardware attacks harm hardware security, by learning about tamper resistance, classification of physical attacks, automated decapsulation, deprocessing methods, side-channel attacks, and microprobing.
Who Would Benefit From This Training?
If you are an IT professional who specializes in systems, you will benefit from the presentations, examples, case studies, discussions, and individual activities in the hardware security training, and on completion you will be better prepared for your career. Finally, the hardware security training will introduce hardware Trojans, which decrease hardware system reliability, and lead you to the basics of crypto processor design techniques.
Training Objectives:
Learn the state of the art security methods and devices
Integrate the security as a design metric
Explain the common hardware Trojans
Design secure hardware for FPGAs
Understand the attacks on embedded systems
Explain the design procedures of crypto processors
Protect the design's intellectual property against piracy
Understand the physical attacks in hardware security
Understand hardware attacks and provide countermeasures
Training outline:
Introduction to Hardware Security
Hardware Cryptography
Basics of VLSI
Counterfeit Detection
Hardware Metering
Fault Injection Attacks in Hardware
Physical Hardware Attacks
Side Channel Attacks
Secure Hardware Design for FPGAs
Embedded System Security
Security of Radio Frequency Identification (RFID)
Hardware Trojans
Crypto Processor Design
Hands-on and In-Class Activities
Sample Workshops Labs for Hardware Security Training
Visit Tonex website for more information.
Hardware Security Training By #TONEX
https://www.tonex.com/training-courses/hardware-security-training-by-tonex/
This document contains the presentation slides from Chris Sistrunk on how to get into ICS security. Some key points:
- The number of security professionals is around 189,000, but the number focused on ICS security is under 1,000, only 0.5% of security professionals.
- For those with an OT background, the presenter suggests learning about security fundamentals. For those with an IT background, the presenter suggests learning about operational technology like PLCs and protocols.
- The presenter provides many resources for learning about ICS security, including training, conferences, books, and standards. He also suggests ways to build an at-home ICS network lab and get involved in information sharing.
Securing a Raspberry Pi and other DIY IoT devices (Ian Kluft)
These are the slides from the presentation by Ian Kluft at the ISC² Silicon Valley Chapter meeting on February 11, 2020 in Santa Clara, California on "Securing a Raspberry Pi and other DIY IoT devices". It introduces the Raspberry Pi computer and security issues relevant to projects on similar Internet of Things (IoT) devices. Also, for hobby projects, there is advice on how to prioritize security issues to avoid being overwhelmed. It covers analysis of the project's attack surface and online security resources. The presentation was made for a group who have, or are working on, cybersecurity certifications, but the slides should also be understandable by a wider technical audience.
Domain 4: Communication and Network Security - Review
Application Layer TCP/IP Protocols and Concepts, Layer 1 Network Cabling, LAN Technologies and Protocols, LAN Physical Network Topologies, WAN Technologies and Protocols, Network Devices and Protocols, and Network Attacks
Primer: The top ten automotive cybersecurity vulnerabilities of 2015 (Rogue Wave Software)
If you’re trying to build connected automotive software that’s both bulletproof and secure, you’ve got a big task ahead of you; knowing where to focus your time and energy can be half the challenge.
Nearly 90% of all detected security holes can be traced back to just ten types of vulnerabilities. Take a quick walk through the top ten in this primer presentation.
Check out the last slide for links to detailed information about these vulnerabilities and fixes, including a webinar and white paper by automotive industry experts.
There's a lot of Perl code out there and more being written all the time. Ian Kluft presented current advice on secure coding in Perl, including language-specific guidelines from the Perl documentation, the CMU Software Engineering Institute Perl Coding Standard, the Common Weakness Enumeration (CWE) and general advice from the OWASP Top 10.
This document provides an overview of digital product security. It discusses common cyberattacks against businesses, security issues in product development processes, and tips for developing software with security by design. It emphasizes starting with secure requirements, using static analysis, dynamic testing, and manual reviews. Following secure SDLC practices and continuous integration of security tools can help improve security, reduce costs, and better satisfy security audits.
Network intrusion. Information theft. Outside reprogramming of systems. These examples are just a few of the several reasons why software security is becoming increasingly more important to all industries. No system is immune, so it’s more important than ever to understand why secure code matters and how to create safer applications.
With this presentation you'll learn how to:
- Protect your systems from risk
- Comply with security standards
- Ensure the entire codebase is bulletproof
An overview of threats and mitigations for mobile payment industry by Riscure's Marc Witteman. This presentation highlights the benefits of security evaluations for mobile payment applications.
Controlling PC on ARM using Fault InjectionRiscure
The slides from the presentation by Riscure's Niek Timmers, Albert Spruyt and Marc Whitteman. The paper describes an ARM specific fault injection attack strategy for exploiting embedded systems where externally controlled data is loaded in the program counter (PC) register of the processor.
Gunter Ollmann, Microsoft
As reverse engineering tools and hacking techniques have improved over the years, software engineers have been forced to bury their secrets deeper down the stack – securing keys and intellectual property first in software, then drivers, on to custom firmware and microcode, and eventually as etchings on the very silicon itself.
For the hackers involved, the skills and tooling needed to extract and monetize these secrets come with ever increasing hurdles and cost. Yet, seemingly as a corollary to Moore’s Law, each year the cost of the tooling drops by half, while access (and desire) doubles. Today, with access to multi-million dollar semiconductor labs that can be rented for as little as $200 per hour, skilled adversaries can physically extract the most prized secrets from the integrated circuits (IC) directly.
Understanding your adversary lies at the crux of every defensive strategy. This session reviews the current generation of tools and techniques used by professional hacking entities to extract the magic numbers, proprietary algorithms, and WORN (Write Once, Read Never) secrets from the chips themselves.
As a generation of bug hunters begin to use such tools to extract the microcode and etched algorithms from the IC’s, we’re about to face new classes of bug and vulnerabilities – lying in (possibly) ancient code – that probably can’t be “patched”. How will we secure secrets going forward?
Niek Timmers, Riscure B.V.
Cristofaro Mune, Independent Embedded Security Consultant
Fault injection attacks have been historically perceived as high-end attacks not available to most hackers. They used to require expensive tooling and a mysterious mix of skills which resulted them being out of reach for even the most skilled attackers. These days are over as low-cost fault injection tooling is changing the capabilities of the hacking masses at a rapid pace.
Historically, fault injection attacks are used to break cryptographic implementation (e.g. Differential Fault Analysis) or bypassing security checks like performed by a pin verification function. However, nothing prevents them to be used on richer systems like embedded devices or IoT devices. Fault injection attacks can be used to change the intended behavior of hardware and software, due, among the others, to corrupted memory reads and instructions execution.
In this talk we show that fault injection attacks and, more specifically, voltage fault injection, allow escalating privileges from an unprivileged context, in absence of logically exploitable software vulnerabilities. This is demonstrated using practical examples where the control flow of the Linux kernel is influenced in order to gain root privileges. All practical examples are performed on a fully patched Linux operating system, executed by a fast and feature rich System-on-Chip. A live demonstration of Fault Injection is part of the talk.
Corey Thuen of Digital Bond Labs describes in technical detail how Havex/Dragonfly enumerated OPC servers.
Havex is the second ICS malware ever seen in the wild.
Rob Turner, Qualcomm Technologies
Almost three decades since the Morris worm and we're still plagued by memory corruption vulnerabilities in C and C++ software. Exploit mitigations aim to make the exploitation of these vulnerabilities impossible or prohibitively expensive. However, modern exploits demonstrate that currently deployed countermeasures are insufficient.
In ARMv8.3, ARM introduces a new hardware security feature, pointer authentication. With ARM and ARM partners, including Microsoft, we helped to design this feature. Designing a processor extension is challenging. Among other requirements, changes should be transparent to developers (except compiler developers), support both system and application code, interoperate with legacy software, and provide binary backward compatibility. This talk discusses the processor extension and explores the design trade-offs, such as the decision to prefer authentication over encryption and the consequences of small tags.
Also, this talk provides a security analysis, and examines how these new instructions can robustly and efficiently implement countermeasures.
TRITON: How it Disrupted Safety Systems and Changed the Threat Landscape of I...Priyanka Aash
In 2017, a sophisticated threat actor deployed the TRITON attack framework engineered to manipulate industrial safety systems at a critical infrastructure facility. This talk offers new insights into TRITON attack framework which became an unprecedented milestone in the history of cyber-warfare as it is the first publicly observed malware that specifically targets protection functions meant to safeguard human lives. While the attack was discovered before its ultimate goal was achieved, that is, disruption of the physical process, TRITON is a wakeup call regarding the need to urgently improve ICS cybersecurity.
Practical Security Assessments of IoT Devices and Systems Ollie Whitehouse
This talk briefly discusses strategies and methodologies than can be employed when assessing IoT devices. We look at how to develop credible threat scenarios for different IoT device and systems, perform static and dynamic attack surface mapping, perform static firmware analysis, perform static hardware analysis, undertake a dynamic device security analysis, sources of supporting information, supporting capability requirements and establishment, Execution of dynamic device analysis and approaches around network protocol analysis.
This document discusses attacking embedded systems and analyzing firmware. It begins by explaining why embedded system vulnerabilities are important, as these devices often have weak security and are on critical network paths. It then covers techniques for detecting devices, including active scanning with Nmap and Nessus. Firmware analysis methods like strings, hexdump and grep are presented for initial examination. The document introduces tools for extracting filesystems from firmware and analyzing file contents. It emphasizes that emulation with Qemu allows debugging binaries from extracted firmware.
Man in the middle attacks on IEC 60870-5-104pgmaynard
This document discusses man-in-the-middle attacks on the IEC 60870-5-104 protocol. It describes how an attacker could intercept communications between an operator workstation and programmable logic controller to modify values like the cause of transmission field or an "ON/OFF" status to hide issues like an earth fault from operators. The document advocates for better security practices in new industrial control systems, such as monitoring networks and logs and enabling mitigation techniques to prevent these types of attacks.
Proving the Security of Low-Level Software Components & TEEsAshley Zupkus
Learn how it is possible to prove low-level software component and TEE security, as well as the Goodix driver example demoed in the webinar.
Check out the webinar replay here: https://www.youtube.com/watch?v=nG3DlejBd3k
Visit our website trust-in-soft.com for more information!
LAS16-300K2: Overview of IoT Zephyr
Speakers: Geoff Thorpe
Date: September 28, 2016
★ Session Description ★
Title: Overview of IoT Zephyr
Bio:
Geoff Thorpe heads up security within the Microcontroller group of NXP, where the intersection of device security and network security gives him a headache commonly known as “IoT”. His early experience with security topics was very software-centric, as a long-standing member of the OpenSSL team and a contributor to related open source projects. After many years veering off into semiconductors and hardware architecture, his software-bias has been domesticated to some extent but not eradicated.
★ Resources ★
Etherpad: pad.linaro.org/p/las16-300k2
Presentations & Videos: http://connect.linaro.org/resource/las16/las16-300k2/
★ Event Details ★
Linaro Connect Las Vegas 2016 – #LAS16
September 26-30, 2016
http://www.linaro.org
http://connect.linaro.org
This document discusses supply chain security considerations. It provides an overview of issues that can affect technology integration and approaches to mitigate risks. Examples are given of past supply chain attacks on autonomous vehicles, IoT devices, and software. The supply chain is defined as the network of vendors and components used to deliver a product or service. Threats include compromised hardware, software, tools and facilities. Detecting issues can be difficult due to the distributed nature of supply chains. Defenses include things like signing, monitoring, and designing with the assumption that some components may be compromised. The document emphasizes that supply chain attacks are increasingly common and that organizations should have response plans in place.
The hardware security training course covers cryptographic processors and their processing overhead, side-channel attacks, physically unclonable functions (PUFs), hardware-based true random number generators, watermarking of IPs, FPGA security, passive and active hardware metering, and hardware-based secure program execution.
Trainees will also learn about:
Counterfeit detection, criminal activities, detection standards and physical analysis in hardware security. This course gives you sufficient knowledge to identify hardware threats, methods of hardware metering, unclonable identifiers, and ways to end piracy of integrated circuits (ICs).
Fault injection attacks in hardware security, classification of attacks, invasive attacks, countermeasures, exploits, and data remanence.
How physical hardware attacks harm hardware security, by learning about tamper resistance, classification of physical attacks, automated decapsulation, deprocessing methods, side-channel attacks, and microprobing.
Who Would Benefit From This Training?
If you are an IT professional specializing in systems, you will benefit from the presentations, examples, case studies, discussions, and individual activities of the hardware security training, and will prepare yourself for your career. Finally, the hardware security training will introduce hardware Trojans, which decrease hardware system reliability, and lead you to the basics of crypto processor design techniques.
Training Objectives:
Learn state-of-the-art security methods and devices
Integrate security as a design metric
Explain common hardware Trojans
Design secure hardware for FPGAs
Understand attacks on embedded systems
Explain the design procedures of crypto processors
Protect design intellectual property against piracy
Understand physical attacks in hardware security
Understand hardware attacks and provide countermeasures
Training outline:
Introduction to Hardware Security
Hardware Cryptography
Basics of VLSI
Counterfeit Detection
Hardware Metering
Fault Injection Attacks in Hardware
Physical Hardware Attacks
Side Channel Attacks
Secure Hardware Design for FPGAs
Embedded System Security
Security of Radio Frequency Identification (RFID)
Hardware Trojans
Crypto Processor Design
Hands-on and In-Class Activities
Sample Workshops Labs for Hardware Security Training
Visit Tonex website for more information.
Hardware Security Training By #TONEX
https://www.tonex.com/training-courses/hardware-security-training-by-tonex/
This document contains the presentation slides from Chris Sistrunk on how to get into ICS security. Some key points:
- The number of security professionals is around 189,000, but those focused on ICS security number under 1,000, only about 0.5% of security professionals.
- For those with an OT background, the presenter suggests learning security fundamentals. For those with an IT background, the presenter suggests learning about operational technology such as PLCs and protocols.
- The presenter provides many resources for learning about ICS security, including training, conferences, books, and standards. He also suggests ways to build an at-home ICS network lab and get involved in information sharing.
Securing a Raspberry Pi and other DIY IoT devices (Ian Kluft)
These are the slides from the presentation by Ian Kluft at the ISC² Silicon Valley Chapter meeting on February 11, 2020 in Santa Clara, California on "Securing a Raspberry Pi and other DIY IoT devices". It introduces the Raspberry Pi computer and security issues relevant to projects on similar Internet of Things (IoT) devices. Also, for hobby projects there's advice how to prioritize security issues to avoid being overwhelmed. It covers analysis of the project's attack surface and online security resources. The presentation was made for a group who have or are working on cybersecurity certifications. But the slides should also be understandable by a wider technical audience.
Domain 4: Communication and Network Security - Review
Application Layer TCP/IP Protocols and Concepts, Layer 1 Network Cabling, LAN Technologies and Protocols, LAN Physical Network Topologies, WAN Technologies and Protocols, Network Devices and Protocols, and Network Attacks
Primer: The top ten automotive cybersecurity vulnerabilities of 2015 (Rogue Wave Software)
If you’re trying to build connected automotive software that’s both bulletproof and secure, you’ve got a big task ahead of you; knowing where to focus your time and energy can be half the challenge.
Nearly 90% of all detected security holes can be traced back to just ten types of vulnerabilities. Take a quick walk through the top ten in this primer presentation.
Check out the last slide for links to detailed information about these vulnerabilities and fixes, including a webinar and white paper by automotive industry experts.
There's a lot of Perl code out there and more being written all the time. Ian Kluft presented current advice on secure coding in Perl, including language-specific guidelines from the Perl documentation, the CMU Software Engineering Institute Perl Coding Standard, the Common Weakness Enumeration (CWE), and general advice from the OWASP Top 10.
This document provides an overview of digital product security. It discusses common cyberattacks against businesses, security issues in product development processes, and tips for developing software with security by design. It emphasizes starting with secure requirements, using static analysis, dynamic testing, and manual reviews. Following secure SDLC practices and continuous integration of security tools can help improve security, reduce costs, and better satisfy security audits.
Network intrusion. Information theft. Outside reprogramming of systems. These examples are just a few of the several reasons why software security is becoming increasingly more important to all industries. No system is immune, so it’s more important than ever to understand why secure code matters and how to create safer applications.
With this presentation you'll learn how to:
-Protect your systems from risk
-Comply with security standards
-Ensure the entire codebase is bulletproof
This document discusses ongoing security for embedded Linux devices. It describes Timesys' security notification service which monitors Common Vulnerabilities and Exposures (CVEs) and notifies customers of relevant issues. The service filters CVE data, disambiguates package names, and flags false positives. Notifications are sent via a RESTful API or through a LinuxLink user account. The meta-timesys layer integrates these security features into builds using OpenEmbedded RPB BSP. Ongoing security helps minimize known vulnerabilities over the product lifecycle.
chap-1: Vulnerabilities in Information Systems (KashfUlHuda1)
Introduction to Cyber Security. Chapter #1. Vulnerabilities in Information Systems. What is a vulnerability?
Cyberspace: From terra incognita to terra nullius.
Cyberspace performance expectations. Measuring vulnerabilities. CVSS XCCDF OVAL
Avoiding vulnerabilities through secure coding
Security Services and Approach by Nazar Tymoshyk (SoftServe)
The document discusses SoftServe's security services and approach to application security testing. It provides an overview of typical security reports, how the security process often looks in reality versus how it should ideally be, and how SoftServe aims to minimize repetitive security issues through practices like automated security tests, secure coding trainings, and vulnerability scans integrated into continuous integration/delivery pipelines. The document also discusses benefits of SoftServe's internal security testing versus outsourcing to third parties, like catching problems earlier and improving a development team's security expertise.
While vulnerability assessment tools can identify unpatched or misconfigured code bases, these tools overlook a large portion of an organization's attack surface: known vulnerabilities in applications that are built in-house.
Perforce on Tour 2015 - Grab Testing By the Horns and Move (Perforce)
The document discusses integrating security testing into agile development processes. It proposes building security metrics at each stage and providing results to developers to help prioritize and quickly fix issues. Testing should be flexible to each team's needs and provide actionable results and tracing to help developers learn and fix root causes of errors. Maintaining independence of audits and regular updates are also suggested.
In the ever-evolving, fast-paced Agile development world, application security has not scaled well. Incorporating application security and testing into the current development process is difficult, leading to incomplete tooling or unorthodox stoppages due to the required manual security assessments. Development teams are working with a backlog of stories—stories that are typically focused on features and functionality instead of security. Traditionally, security was viewed as a prevention of progress, but there are ways to incorporate security activities without hindering development. There are many types of security activities you can bake into your current development lifecycles—tooling, assessments, stories, scrums, iterative reviews, repo and bug tracking integrations—every organization has a unique solution and there are positives and negatives to each of them. In this slide deck, we go through the various solutions to help build security into the development process.
This document discusses security status reporting and outlines best practices for developing an effective security monitoring program. It recommends selecting critical business systems as the target environment and defining key performance indicators across areas like user access management, patching, and perimeter security. The document also provides guidance on setting baselines using standards, quantifying security status with CVSS scoring, understanding audience priorities, and building dashboards and reports that follow rules like only displaying relevant, meaningful data at an appropriate refresh rate for the intended audience. The overall aim is to facilitate effective decision making and reporting on security posture.
QualiTest’s security testing services verify that the system's information data is protected and that the intended functionality is maintained - http://bit.ly/1EKt0k1
This document discusses SoftServe's approach to application security testing. It outlines typical security processes, reports, and issues found. It then proposes an integrated security process using both static code analysis and dynamic testing. This would involve deploying applications through a CI pipeline to security tools to identify vulnerabilities early in development cycles. The benefits are presented as reduced remediation costs, improved knowledge, and full technology coverage through internal testing versus third parties.
This document discusses building trust and compliance in cloud environments. It covers hardware and software building blocks like Intel TXT and Linux/KVM that can establish a root of trust from the hardware level. It then discusses how open source projects like OpenCIT can provide visibility into platform trust and enforce compliance. Example reference architectures are provided using solutions from Intel, Red Hat, HyTrust and others. The presentation concludes with a demo of security scanning and OpenCIT capabilities.
Enumerating software security design flaws throughout the SSDLC (John M. Willis)
A tool and methodology to enumerate security functional requirements arising in the solution space is described. A proof of concept tool for use by security architects and security engineers is described. The tool facilitates use of community-developed security requirements packages, security functional requirements, threat model taxonomy including mitigations. A risk-based decision making process is facilitated. Tool outputs used for change checklist, new test requirements, system security plan, risk decision documentation, deferred controls, and inherited controls.
Enumerating software security design flaws throughout the ssdlc cosac - 201... (John M. Willis)
Secure software is software developed to protect systems and resources from malicious attacks while allowing normal operations. It ensures systems and resources remain safe even when under attack, and detects and removes attacks. Adhering to security standards facilitates early detection of defects, reducing costs of remediation. Key aspects of secure software include securing databases from SQL injections, encoding data before execution to prevent injections, validating all input data, and implementing access controls to define user access to resources.
We are all aware of the current risks when developing a connected product, especially with vehicles since much is at stake both from an information and safety perspective. In this workshop, we will learn how to build Security requirements, architect, design, test and produce Safety and Security critical components using a methodology that works in harmony both with Engineering and Security
Quality assurance aims to identify and correct errors early in the development process through reviews and testing at each phase. The System Software Lifecycle (SSLC) model aims to ensure quality when developing software. It has five stages: requirements specification, design specification, testing and implementation, and maintenance and support. Testing is an important but difficult part of development that helps eliminate errors by determining what causes failures. Validation and certification ensure the software meets standards through simulated and live testing. Maintenance provides adjustments to comply with specifications and improve quality through problem reporting and resolution.
Giving your AppSec program the edge - using OpenSAMM for benchmarking and sof... (Denim Group)
HP Protect 2015 Presentation with Denim Group's John Dickson and HP's Bruce Jenkins - Software security historically has been a bolt-on afterthought, frequently a "nice to do" and not a "must do" activity in many organizations. Despite the obvious need to build security in from the outset, organizations continue to struggle to gain momentum and focus resources in support of a structured and measurable software security assurance program. How can organizations determine the best-fit activities and appropriate resource allocation levels to adequately address software risk? How can security leaders know what other organizations are doing to produce more secure software? This session provides an overview of the Open Software Assurance Maturity Model (OpenSAMM) framework and illustrates how organizations can use it to give their security program the edge necessary to stay competitive in today's DevOps world and need-for-speed go-to-market strategies. The session includes case studies on how organizations are using comparative data and OpenSAMM benchmarking to realize measurable software security improvement.
Originally shared here - https://sessioncatalog.hpglobalevents.com/go/agendabuilder.sessions/?l=19&sid=4026_2744&locale=en_US
Stop Chasing the Version: Compliance with CIPv5 through CIPv99 (Tripwire)
For many energy companies, readying for compliance with the latest version of NERC Critical Infrastructure Protection (CIP) standards, whether they be v5, v6, v7 or beyond is not the first priority – delivering reliable energy to the BES is. So, how does a company deal not only with the impending changes of CIP v5, but do so in a manner that best positions them for compliance with future versions and secures their cyber environment?
Join our live webcast on Thursday February 5 to hear from ICF, Tripwire, and AssurX industry experts who are helping organizations already grappling with the new and upcoming CIP requirements, implementing a risk based approach, the steps they are taking to get ahead of the curve, and addressing the uncertainty.
Key Takeaways - Regarding Readiness for NERC CIPv5 (and beyond):
• Best approaches for achieving compliance in a changing environment (i.e. v5, v6, v7).
• How to save time, resources, and achieve automation with practical guidance on compliance efforts for current and future CIP requirements.
• Practical highlights and key controls from those already working on the most pressing issues.
Similar to Riscure Assurance for Premium Content at a glance
Secure boot is under constant attack and is regularly bypassed on embedded devices used across industries, whether through software vulnerabilities or through hardware attacks like fault injection, as we and others have previously shown. Secure boot is paramount for secure embedded devices, as it prevents malicious actors from obtaining persistent runtime control. In this talk, we present our vision on secure boot design for embedded devices by means of clear, concrete, practical and easy-to-follow recommendations. We leverage our decade-long experience analyzing and bypassing secure boot implementations of embedded devices used by different industries. To be realistic, we need to consider secure boot's functional requirements, engineering costs, and other non-security requirements. Where possible, we use practical examples that are easy to follow and implement. To keep it fun, we will have a live fault injection demonstration on stage where we bypass secure boot on a fast and feature-rich chip. The audience will be able to follow up on the discussed topics with two white papers which will be released after our talk.
Lowering the bar: deep learning for side-channel analysis (Riscure)
Deep learning can help automate the signal analysis process in power side channel analysis. We show how typical signal processing problems such as noise reduction and re-alignment are automatically solved by the deep learning network. We show we can break a lightly protected AES, an AES implementation with masking countermeasures and a protected ECC implementation. These experiments indicate that where previously side channel analysis had a large dependency on the skills of the human, first steps are being developed that bring down the attacker skill required for such attacks using Deep Learning automation.
Riscure is a global company specializing in hardware security evaluations through side channel analysis, fault injection, and other testing methods. They have over 90 experts across offices in the Netherlands, United States, and China. Riscure helps clients in various industries like payments, IoT, and smart cards improve the security of their products and obtain necessary certifications.
Marc Witteman discusses practical differential fault analysis (DFA) on the AES encryption algorithm. He summarizes that prior DFA work using single faults is impractical due to unknown fault parameters. Witteman's approach uses multiple faults injected over a short period, selecting those matching a fault model. Key space is reduced through voting and exclusion of candidates using 24-50 faults. The remaining key bits can then be brute forced rapidly. This "single-minute DFA" replaces less practical "single-fault DFA" methods and enables fast extraction of AES keys.
The document discusses how to secure electronic passports. It outlines passport threats like forgery and look-alike fraud. It then summarizes available protection mechanisms under ICAO standards, including storing certificates and biometrics on chips. It analyzes security challenges for inspection terminals and accessing personal data. It concludes that while electronic passports improve forgery protection, look-alike fraud remains an issue without reliable biometrics, and contactless chips introduce privacy concerns.
How multi-fault injection breaks the security of smart cards (Riscure)
At RSA Conference 2010 Riscure's Marc Witteman presented an essential overview of fault injection attacks theory and showed a number of practical attacks at hardware using FI.
Defeating RSA Multiply-Always and Message Blinding Countermeasures (Riscure)
This document discusses a new side channel attack called cross correlation that can defeat RSA implementations. It works by analyzing power traces from an RSA device executing signatures to reveal the private exponent. The attack preprocessing compresses and reveals modular operations in traces. It then uses cross correlation analysis to observe operand sharing between operations, allowing retrieval of the full private key. Countermeasures like exponent blinding and randomizing the operation order can prevent this attack.
2. 2
Trusted Execution Environment (TEE) security
• The TEE protects assets that are held in HW or SW
– Hardware-enforced mechanisms are set up and controlled by the TEE, based on the root of trust
• The TEE isolates assets from REE access
– keys, video, the video path
• While the secure media path could be entirely in HW, configuration and control of that HW is performed by TEE SW
Trusted Application (TA) security
• Security of the system is built on top of the TEE SW and HW separation mechanisms
• Confidentiality of the data, as well as integrity of the applications and data, are critical to the security of the assets
• There must be no unauthorized modification of the code that performs core functions and exposes the assets
TEE Security Challenges
• Does it protect my assets?
• Is the HW base secure?
• Is the SW secure?
• What kind of attacker can attack me?
• How much effort do they need?
• What can they do with my device?
GlobalPlatform Problems / Drawbacks
• Has a PP (Protection Profile) for TEE
• Includes security functional testing
• Only a single assurance level
• Pass/fail evaluation, no quality indication
• Administrative costs
• No component evaluations, only system
• Not endorsed by the content protection market
• Fixed amount of effort, mitigations not accounted for
Common Criteria Problems / Drawbacks
• Provides various assurance levels
• Takes into account different attacker levels
• CC provides either extensive evaluation and testing or insufficient evaluation, with nothing in between
• Administrative costs
• Only integrated system assurance
• Pass/fail verdict
• Reviews the implementation representation
• Doesn't take mitigations into account
Methodology has to:
• Capture relevant attacks
• Provide different security levels
• Provide different assurance levels
• Be time efficient
• Provide component evaluations
Levels and Attackers – what does it mean
1-4 Script-kiddy or amateur hacker
5-7 Medium to advanced hacker
8 Organized criminals
9-10 Government security agency
The “MovieLabs Specifications for Enhanced Content Protection – Version 1.1” is one of the main security standards in the content provider market. For chipsets it requires testing of the Secure Computation Environment and Secure Media Pipeline, as well as SCA (side-channel analysis) resistance of the encryption and decryption algorithms. These requirements are also included in the scope of the Riscure Assurance for Content Protection program. The table below shows which Component Assurance Levels (CALs) are necessary for chipsets to comply with the MovieLabs Specifications.

MovieLabs Specifications for Enhanced Content Protection | Riscure Assurance for Content Protection
Secure Computation Environment | CAL 6+ for TEE HW, CAL 5+ for TEE SW
Hardware Root of Trust | CAL 6+ for TEE HW
Secure Media Pipeline (SMP) | CAL 5+ for SMP SW, CAL 6+ for TEE HW
Encryption (SCA requirement) | CAL 6+ for Conditional Access (CA)
Methodology steps
Step 1: Design review. HW and SW design; effort depends on the level.
Step 2: TEE HW testing of selected tests. The JIL (Joint Interpretation Library) rating indicates the level; effort depends on the level.
Step 3: SW code review of the TCB. SW vulnerabilities per 1 KLoC; coverage depends on the CAL.
Step 4: Integration testing (optional). Verifies the configuration for level 6 and up.
Step 1: Design review
• Find the relevant, up-to-date attacks in the design
• What HW mechanisms are in place to protect the assets and the TEE? (compliance rules)
• What boot process is in place? Is the root of trust implemented? Key protection, time protection?
• Attacks are based on standardized documentation such as JHAS (the JIL Hardware-related Attacks Subgroup) and knowledge of relevant up-to-date attacks
Step 2: HW testing
• For the HW mechanisms selected for testing during the design review phase:
• Penetration testing is performed
• For tests that show the attack is possible, a JIL rating is assigned
• Based on the JIL rating, the robustness of the design is determined
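The JIL rating assigned in this step is the attack-potential calculation of the Joint Interpretation Library: each feasible attack is scored on six factors (elapsed time, expertise, knowledge of the TOE, access to the TOE, equipment, open samples), separately for the identification phase (finding the attack) and the exploitation phase (repeating it), and the sum places the attack in a rating band. The following Python calculator is an added example, not Riscure tooling. The point values and the band thresholds are transcribed from the JIL "Application of Attack Potential to Smartcards" factor table as remembered here; treat them as an assumption and check them against the JIL revision your evaluation scheme references. The secure-boot glitch scenario it scores is constructed for illustration.

```python
"""JIL attack-potential calculator (added example, not Riscure code).

The point values reproduce the factor table of the JIL document
"Application of Attack Potential to Smartcards" as remembered by the editor;
treat them as an assumption and verify them against the JIL revision your
scheme references before relying on a rating.
"""
from dataclasses import dataclass, fields
from typing import Optional, Tuple

# factor -> option -> (identification points, exploitation points).
# None marks a cell the table leaves unscored ("NA"). The "not practical"
# options are omitted: they make the attack infeasible instead of scoring it.
JIL_POINTS = {
    "elapsed_time": {
        "<1h": (0, 0), "<1d": (1, 3), "<1w": (2, 4), "<1m": (3, 6), ">1m": (5, 8),
    },
    "expertise": {
        "layman": (0, 0), "proficient": (2, 2), "expert": (5, 4),
        "multiple_expert": (7, 6),
    },
    "knowledge_of_toe": {
        "public": (0, 0), "restricted": (2, 2), "sensitive": (4, 3),
        "critical": (6, 5), "very_critical_hw_design": (9, None),
    },
    "access_to_toe": {
        "<10": (0, 0), "<30": (1, 2), "<100": (2, 4), ">100": (3, 6),
    },
    "equipment": {
        "none": (0, 0), "standard": (1, 2), "specialized": (3, 4),
        "bespoke": (5, 6), "multiple_bespoke": (7, 8),
    },
    "open_samples": {
        "public": (0, None), "restricted": (2, None), "sensitive": (4, None),
        "critical": (6, None),
    },
}

# Lower bound of each band of total points -> attack potential the attack requires.
RATING_BANDS = ((0, "No rating"), (16, "Basic"), (21, "Enhanced-Basic"),
                (25, "Moderate"), (31, "High"))


@dataclass
class Phase:
    """Factor choices for one phase (identification or exploitation)."""
    elapsed_time: str
    expertise: str
    knowledge_of_toe: str
    access_to_toe: str
    equipment: str
    open_samples: Optional[str] = None  # scored in identification only


def phase_points(phase: Phase, column: int) -> int:
    """Sum the points of one phase; column 0 = identification, 1 = exploitation.
    Raises ValueError for a factor the table does not score in that phase."""
    total = 0
    for f in fields(phase):
        option = getattr(phase, f.name)
        if option is None:
            continue
        value = JIL_POINTS[f.name][option][column]
        if value is None:
            raise ValueError(f"{f.name}={option!r} is not scored in this phase")
        total += value
    return total


def rate(total: int) -> str:
    """Map a total to the rating band it falls in."""
    label = RATING_BANDS[0][1]
    for lower_bound, name in RATING_BANDS:
        if total >= lower_bound:
            label = name
    return label


def jil_rating(identification: Phase, exploitation: Phase) -> Tuple[int, int, int, str]:
    """Return (identification points, exploitation points, total, rating)."""
    ident = phase_points(identification, 0)
    expl = phase_points(exploitation, 1)
    return ident, expl, ident + expl, rate(ident + expl)


def example_secure_boot_glitch() -> Tuple[int, int, int, str]:
    """Constructed scenario (assumption, not a measured result): a voltage glitch
    that skips a secure-boot signature check. Finding working glitch parameters
    takes an expert several weeks on a bench with a glitcher (identification);
    reproducing the attack afterwards is a proficient attacker's job of days."""
    identification = Phase(elapsed_time="<1m", expertise="expert",
                           knowledge_of_toe="restricted", access_to_toe="<10",
                           equipment="specialized", open_samples="public")
    exploitation = Phase(elapsed_time="<1w", expertise="proficient",
                         knowledge_of_toe="restricted", access_to_toe="<10",
                         equipment="specialized")
    return jil_rating(identification, exploitation)


if __name__ == "__main__":
    ident, expl, total, label = example_secure_boot_glitch()
    print(f"identification {ident} + exploitation {expl} = {total}: {label}")
```

For the constructed scenario the identification phase scores 13 and the exploitation phase 12, a total of 25, which falls in the "Moderate" band. Note that the exploitation column deliberately weighs repeatability (time, samples, equipment) more heavily than the identification column, so a glitch that is hard to find but cheap to replay can still end up with a low rating; that is exactly the property that makes the rating useful for judging robustness of a design rather than cleverness of the first attacker.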
Step 3: SW code review
• The SW code review aims at
• Determining the overall quality of the code using statistics
• Detecting the most critical SW vulnerabilities
• Detecting whether exploit mitigations are present
• Identifying vulnerabilities in the chain of trust
Benefits
• Effective testing with respect to time to market
• Budget-efficient high-assurance evaluation
• Up-to-date threat assessment
• Composite evaluations
NEW: Riscure Assurance for Premium Content screening
• Estimates what level your chip / HW / SW component would get
• Key benefits
• Determines the expected level
• Light, easy and quick
• Guides you on how to improve your solution
• Contact us to learn more
Challenge your security
Riscure B.V.
Frontier Building, Delftechpark 49
2628 XJ Delft
The Netherlands
Phone: +31 15 251 40 90
www.riscure.com
Riscure North America
550 Kearny St., Suite 330
San Francisco, CA 94108 USA
Phone: +1 650 646 99 79
inforequest@riscure.com
Riscure China
Room 2030-31, No. 989, Changle Road, Shanghai 200031
China
Phone: +86 21 5117 5435
inforcn@riscure.com