Hardware - A Double-Edged Sword for Security

Explore the dual nature of hardware in cybersecurity through this 20-minute conference talk from USENIX Enigma 2021. Delve into how hardware serves as both a trust anchor and a potential vulnerability in systems ranging from IoT devices to datacenter infrastructure. Gain insights into system-level threats addressed by hardware architectures, and examine real-world examples where performance-enhancing features inadvertently create security risks. Understand the challenges faced by chip vendors and system designers in detecting and preventing hardware vulnerabilities, and learn about promising methodologies and solutions in this field. Discover the complexities of hardware security, including the need for alignment across multiple stakeholders, the importance of secure configurations, and the impact of features like dynamic voltage scaling and speculative execution on system security.

Tortuga Logic
Hardware Essential to Consider in the context of Security
Hardware as a Trust Anchor
Security Analysis Must Consider Entire System • Vulnerabilities hide in design complexity and interactions between different system components
Example: Flawed Root of Trust Design
Hardware is Highly Configurable
Example: Default Hardware Configuration is Insecure
Example: Secure Debug Configuration Inconvenient
Security Requires Alignment Across Many Stakeholders
Example: Dynamic Voltage and Frequency Scaling
Example: Speculative and Out-of-Order Execution
Industry-Wide Hardware Security Initiatives . Challenge: Security requires alignment between stakeholders in the hardware ecosystem which span multiple companies and countries
Hardware Security Development Lifecycle (HSDL)
Hardware Information Flow Analysis (IFA) • Challenge: Security specification and verification requires time and resources . Using tools where information flow is a first-class concept streamlines both the specification and verification of confidentiality and integrity requirements
Requirements for Secure Hardware
Hardware is a Double-Edged Sword We All Wield Together • IP Providers and SoC Vendors