Conferences and supporting programme
What Can You Do When You Don’t Trust Your Processor?
In the last year few dramatics attacks were exposed on processors that undermine assumptions that were common behind the security of the processor and leverage it as the root of the trust of a system. Looking on end point or embedded devices in many cases software security solution are challenging whether cause it disrupt the main functionally (demand processing power, require integration or the security feature conflict with the functional requirements) , or if it doesn’t provide adequate security cause SW can be undermine by lower level SW that break the security. The question that raise is where should put our trust and what is the tradeoff? An innovative approach is protecting the memory itself , even from the processor and SW that running on it. By create root of trust in secure memory that blocks write operations to the protected memory, facilitates a secure channel all the way from cloud to memory, making it impossible for attackers to alter the firmware with any malicious code. With this approach, it is agnostic to the processor and any software that is running on the device and avoids any latency in boot time or run time. Of course, today’s devices require updates. By protecting the memory, we create a secure channel between the device’s memory all the way to the cloud that neither the network nor the software and processor within the device can breach, thereby extending the trust beyond cloud-to-processor to cloud-to-memory.
--- Date: 26.02.2019 Time: 14:30 - 15:00 Location: Conference Counter NCC Ost