Faculty Host: Professor Ramesh Karri
One of the long-standing classical problems in systems security is "How to build trustworthy systems from untrustworthy components?" In this talk, I will describe a solution for a variant of this problem: "How to build trustworthy *microprocessors* from untrustworthy components?" Since all software and hardware is under the control of microprocessors, establishing trust in microprocessors is a critical requirement for establishing a trusted computing base. Microprocessor designs, however, are more vulnerable to insider attacks than ever before due to increasing complexity, design team sizes, and use of third party components. In fact, some recent high-profile attacks in the military (see The Hunt for the Kill Switch, Spectrum '08) have been attributed to untrustworthy microprocessors, and hardware trust issues have been a concern for sometime now in several domains including public safety and biomedical equipment.
Insider attacks on hardware is an emerging research area, and my talk will describe a taxonomy of possible attacks on hardware. This taxonomy is complete and covers the entire space of digital hardware attacks. Based on the taxonomy, I will show a range of possible solutions to prevent attacks on microprocessors and I will describe in detail one solution that employs a distributed, dynamic verification engine. One important aspect of our solution is that the dynamic verification mechanisms we use -- called Trustnet and Datawatch -- are highly resilient to attack because the engine is distributed across several on-chip components.
Our evaluation based on the OpenSPARC T1 RTL shows the proposed mechanisms can cover core and on-chip memory system at negligible area cost with no performance impact. Combining Trustnet and Datawatch with prior work on fault detection has the potential to provide complete coverage against a large class of microprocessor attacks. I will conclude the talk with some open research questions in this area.
Simha Sethumadhavan is an Assistant Professor of Computer Sciences at Columbia University. He received his PhD from UT-Austin in 2008. Simha's current research focus in on mitigating two of the big threats to continued computer improvements: security and energy-efficiency.