Verified Value Chains, Innovation and Competition

2023 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2023-07-31 DOI:10.1109/CSR57506.2023.10224911

A. Weber, S. Guilley, René Rathfelder, Marc Stöttinger, Christoph Lüth, Maja Malenko, Torsten Grawunder, S. Reith, A. Puccetti, Jean-Pierre Seifert, N. Herfurth, Hagen Sankowski, G. Heiser

{"title":"Verified Value Chains, Innovation and Competition","authors":"A. Weber, S. Guilley, René Rathfelder, Marc Stöttinger, Christoph Lüth, Maja Malenko, Torsten Grawunder, S. Reith, A. Puccetti, Jean-Pierre Seifert, N. Herfurth, Hagen Sankowski, G. Heiser","doi":"10.1109/CSR57506.2023.10224911","DOIUrl":null,"url":null,"abstract":"The paper addresses three issues: The first one is vulnerabilities in IT systems, the second is significant market power in hardware production, and the third is sovereignty of nations and manufacturers regarding their IT input. The paper reviews some recent developments towards open verifiable components, such as for open processors, hardware security modules, operating systems, and semiconductor production systems. These developments provide opportunities for new products. Even manufacturers in non-leading countries might be empowered to produce hard-to-attack products. Currently pending IT security regulation will not achieve such a level of security by itself. Open and better verified, ultimately provably secure components will foster more sovereignty. Technical limits and costs of the approaches are discussed. It is concluded that fighting vulnerabilities and providing space for new products and jobs justify further privately and publicly supported research.","PeriodicalId":354918,"journal":{"name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSR57506.2023.10224911","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

The paper addresses three issues: The first one is vulnerabilities in IT systems, the second is significant market power in hardware production, and the third is sovereignty of nations and manufacturers regarding their IT input. The paper reviews some recent developments towards open verifiable components, such as for open processors, hardware security modules, operating systems, and semiconductor production systems. These developments provide opportunities for new products. Even manufacturers in non-leading countries might be empowered to produce hard-to-attack products. Currently pending IT security regulation will not achieve such a level of security by itself. Open and better verified, ultimately provably secure components will foster more sovereignty. Technical limits and costs of the approaches are discussed. It is concluded that fighting vulnerabilities and providing space for new products and jobs justify further privately and publicly supported research.

查看原文本刊更多论文

验证价值链、创新和竞争

本文解决了三个问题:第一个是IT系统的脆弱性，第二个是硬件生产中的重要市场力量，第三个是国家和制造商对其IT投入的主权。本文回顾了开放可验证组件的一些最新发展，例如开放处理器、硬件安全模块、操作系统和半导体生产系统。这些发展为新产品提供了机会。即使是非领先国家的制造商也可能被授权生产难以攻击的产品。目前悬而未决的IT安全法规本身无法达到这样的安全水平。开放的、经过更好验证的、最终可证明安全的组件将促进更多的主权。讨论了这些方法的技术限制和成本。结论是，对抗脆弱性和为新产品和就业提供空间证明了进一步的私人和公共支持研究是合理的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2023 IEEE International Conference on Cyber Security and Resilience (CSR)

自引率

0.00%

发文量