February 25-28, 2019

DoubleTree Hotel, San Jose, CA

MP Associates, Inc.
MONDAY February 25, 3:30pm - 5:00pm | Oak
System-Level Security Verification Starts with the Hardware Root of Trust
Jason Oberg - Tortuga Logic
Jonathan Valamehr - Tortuga Logic
With the seemingly continuous discovery of security vulnerabilities at the hardware/software boundary, a new awareness has been built around hardware as the basis for system security. An emerging trend to reduce the likelihood of vulnerabilities is the utilization of a Hardware Root of Trust (HRoT) as the foundation for a secure system. HRoTs are responsible for many of the security features on a chip including secure boot, secure debug, key provisioning and management, and memory isolation. While employing an HRoT has now become a necessity, HRoTs have a vast amount of components and verifying that a secure system has been built around them is a daunting task. 

Unfortunately, the current manual techniques for HRoT security analysis tend to miss many unobvious system-level security vulnerabilities. A major reason for the unsuccessful identification of security vulnerabilities is the lack of sophisticated tools that specifically target security verification. Without these, engineers are left to manually review state diagrams, manually review design files, and postulate on design and architecture specifications. This ends up being extremely time-consuming, is not automated and thus susceptible to human error, and consequently leaves systems susceptible to costly vulnerabilities that often can compromise a vendor’s customer data.

In order to properly verify the security of a system built around a HRoT, several challenges need to be addressed. In this workshop, we discuss the state of hardware security in general, then discuss how HRoTs are employed in systems today ranging from the datacenter to the IoT edge. We will also discuss common attacks on HRoT implementations, and the damage that can occur without adequate security verification. We then discuss common hardware security verification techniques, as well as their benefits and drawbacks. Next, we will present the best-in-class techniques and methodologies for verifying the security of a HRoT, and how these techniques can be employed across the entire design and verification lifecycle. Lastly, we will present an example security analysis on a real world HRoT using the discussed techniques. The security analysis will showcase the entire process from threat model specification to tangible results.

Thank you to our Sponsor: