{"title":"SHCoT:安全(和验证)混合信任链,以防止轻量级设备中的恶意软件","authors":"Abderrahmane Sensaoui, O. Aktouf, D. Hély","doi":"10.1109/ISSREW.2019.00107","DOIUrl":null,"url":null,"abstract":"Looking at the speed by which the software and the hardware evolve separately, there is no surprise that the interactions of the two may result in issues and appearance of back-doors to bypass the existing security. Lately, the hardware/software co-design gained lots of interest in both academia and industry, and proposed multiple hybrid solutions to enhance software/hardware interactions, security, and safety while guaranteeing good performance. In this paper, we focus on isolation and attestation to enforce the chain of trust in lightweight devices and detect malicious data and software locally and remotely. We present SHCoT, a hardware/software co-design to renew trust in devices. SHCoT is our first attempt to develop a formally verified hybrid solution to enhance existing solutions in the literature. While the work is still in progress, the first results show a partial verification of the security properties of SHCoT and small hardware/software cost.","PeriodicalId":166239,"journal":{"name":"2019 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"211 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"SHCoT: Secure (and Verified) Hybrid Chain of Trust to Protect from Malicious Software in LightWeight Devices\",\"authors\":\"Abderrahmane Sensaoui, O. Aktouf, D. Hély\",\"doi\":\"10.1109/ISSREW.2019.00107\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Looking at the speed by which the software and the hardware evolve separately, there is no surprise that the interactions of the two may result in issues and appearance of back-doors to bypass the existing security. Lately, the hardware/software co-design gained lots of interest in both academia and industry, and proposed multiple hybrid solutions to enhance software/hardware interactions, security, and safety while guaranteeing good performance. In this paper, we focus on isolation and attestation to enforce the chain of trust in lightweight devices and detect malicious data and software locally and remotely. We present SHCoT, a hardware/software co-design to renew trust in devices. SHCoT is our first attempt to develop a formally verified hybrid solution to enhance existing solutions in the literature. While the work is still in progress, the first results show a partial verification of the security properties of SHCoT and small hardware/software cost.\",\"PeriodicalId\":166239,\"journal\":{\"name\":\"2019 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)\",\"volume\":\"211 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ISSREW.2019.00107\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ISSREW.2019.00107","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
SHCoT: Secure (and Verified) Hybrid Chain of Trust to Protect from Malicious Software in LightWeight Devices
Looking at the speed by which the software and the hardware evolve separately, there is no surprise that the interactions of the two may result in issues and appearance of back-doors to bypass the existing security. Lately, the hardware/software co-design gained lots of interest in both academia and industry, and proposed multiple hybrid solutions to enhance software/hardware interactions, security, and safety while guaranteeing good performance. In this paper, we focus on isolation and attestation to enforce the chain of trust in lightweight devices and detect malicious data and software locally and remotely. We present SHCoT, a hardware/software co-design to renew trust in devices. SHCoT is our first attempt to develop a formally verified hybrid solution to enhance existing solutions in the literature. While the work is still in progress, the first results show a partial verification of the security properties of SHCoT and small hardware/software cost.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
