Trusted Mobile Keyboard Controller Architecture
Slide 1: Trusted Mobile Keyboard Controller Architecture
Sundeep Bajikar, Security Architect, Mobile Platforms Group, Intel Corporation. September 17
Slide 2: Safer Computing Track, Fall IDF
Sessions running Tuesday through Thursday (the day columns and technical-level icons of the original grid are not preserved):
- LT Overview (SCMS-16)
- TCG & TPM v1.2 (SCMS-17)
- LT Architecture (SCMS-18)
- Privacy: Method for Assuring Trust (SCMS-19)
- Opt-In Strategy (SCMS-156)
- Trusted Mobile KB Controller (MOB-147 / SCMS-24)
- Software for LT (SCMS-20)
- Fundamentals for NGSCB (SCMS-21)
- Migrating Apps to NGSCB (SCMS-22)
- TPM Recovery (SCMS-25)
- TCG Credentials (SCMS-157)
- TPM Mfg & Testing (SCMS-180)
- Tech Showcase: every day
- Birds of a Feather lunches: Tuesday & Wednesday
Legend: Overview / Medium Technical / Highly Technical
Slide 3: TMKBC in Mobile LT Platform Architecture
- New CPU instructions: isolate Open and Protected partitions; control S/W access to protected memory
- Memory protection: blocks DMA device access to protected memory pages (Protected Memory Pages, 1 of n, in RAM)
- Protected path between graphics and the Protected Partition (Trusted Graphics)
- Protected path between external keyboard & mouse (USB) and the Protected Partition
- Fixed token (TPM on LPC): stores/protects credentials, crypto engine, HW RNG, monotonic counters
- Trusted Mobile KBC (TMKBC, on LPC): trusted channel to the integrated mobile keyboard & pointing devices
Diagram blocks: CPU, MCH, ICH, RAM, USB, LPC, TMKBC, TPM.
LT architecture details are provided in the Safer Computing Track.
Slide 4: Agenda
- Mobile trusted input requirements
- Trusted Mobile Keyboard Controller (TMKBC) architecture
- TMKBC implementation examples
- Design considerations
Slide 5: Mobile Trusted Input Requirements
- Protect end-user input from malicious S/W: snooping, modification, false insertion
- Provide non-repudiation for transactions
- Protect input from standard devices: notebook integrated key matrix, notebook pointing devices, external USB keyboard and pointing devices
- Protection from physical hardware attack is outside the scope
LT requires trusted input from the user.
Slide 6: TMKBC Key Functions
- Protects input from the notebook's integrated key matrix and Integrated Pointing Devices (IPD)
- Architecture specifies behavioral requirements and the Trusted Channel
- TMKBC architecture specification available from Intel
Diagram blocks: CPU, Display, External Keyboard, Chipset, IPD, Protected Partition, TMKBC, Trusted Channel, Key Matrix Scan, Memory, LPC Special Cycles, TPM. Legend: New / Standard.
Slide 7: TMKBC Behavioral Architecture
- Trusted Channel multiplexed on LPC
- Protected and Standard functions are separated
- Entry to and exit from New Mode controlled by a bit in the New Register space
Diagram: standard side: 60/64h and 62/66h ports, Other Functions, External PS/2 Ports, PS/2 IPD, Fn; new side: Trusted Channel, Switch, LPC Special Cycles, New Registers, USB HID formatting; shared: Key Matrix Scan, Key Matrix, IPD. Legend: LPC / New / Standard.
TMKBC adds trusted input handling.
Slide 8: TMKBC Trusted Channel
- New registers are mapped to the LT protected region
- New LPC special cycles, similar to standard I/O Read and I/O Write; only protected system software running in the protected partition on the main CPU can initiate these cycles
- TMKBC New Registers are accessible only via the new LPC special cycles
- Enable bit for New Mode is mapped to a New Register
Slide 9: TMKBC Trusted Channel: Register Overview
- Status registers
- Data registers
- Capabilities registers
- Control registers
- ID registers
Slide 10: TMKBC Trusted Channel: Logical Devices
- TMKBC supports up to 15 logical devices
- Expected devices: keyboard, mouse, touch pad, hot keys, GPIO-based events (e.g. lid switch)
- USB-like Report Descriptor used to describe each logical device
Diagram: LPC; standard side: 60/64h, 62/66h, Other Functions, PS/2 Ports, PS/2 IPD; new side: Trusted Channel, Switch, New Registers, USB HID formatting, Hot Keys, GPIO (Lid); shared: Key Matrix Scan, Key Matrix, IPD. Legend: New / Standard.
Slide 11: TMKBC Trusted Channel: Data and Event Reporting
- Data and status registers are mapped to the New Register space
- Each logical device reports data using standard 8-byte USB HID packets; the status register indicates which logical device the data belongs to
- Data to/from the TMKBC goes via a FIFO; the FIFO must accommodate a full USB HID packet, which reduces overhead on the CPU
- Events are reported using the existing edge-triggered interrupts
Slide 12: TMKBC Trusted Channel: Entering New Mode
- Protected Software reads the Report Descriptors and Capabilities Registers
- Protected Software performs several verification checks
- Protected Software enables New Mode, which causes the TMKBC to enter its New Mode of operation
- Legacy ports are still available for legacy functions, e.g. GPIO, power management, etc.
Slide 13: TMKBC Implementations
- TMKBC specification does not require any specific internal architecture
- At least three viable implementations: single microcontroller; single microcontroller with Trusted Mode; dual microcontroller
- Several TMKBC vendors have products under development
TMKBC implementation is flexible.
Slide 14: Single Microcontroller
- Add Trusted Channel and New Registers
- Challenges: the entire code base needs certification; any code update needs re-certification
Diagram: Microcontroller Core with RAM and ROM; 60/64h, 62/66h, External PS/2 Ports, PS/2 IPD, Key Matrix Scan; Trusted Channel, New Registers.
High cost of certification.
Slide 15: Single Microcontroller with Trust Mode
- Microcontroller has a trusted operating mode; regions of ROM and RAM are only accessed by trusted code
- Split firmware: trusted code only does key matrix scan and IPD handling
Diagram: Microcontroller Core with RAM and ROM; 60/64h, 62/66h, External PS/2 Ports, PS/2 IPD, Key Matrix Scan; Trusted Channel, New Registers.
Only the trusted firmware is certified.
Slide 16: Dual Microcontroller
Diagram: two Microcontroller Cores, each with its own RAM and ROM, joined by a communication link; blocks shown: 60/64h, 62/66h, Trusted Channel, New Registers, External PS/2 Ports, GPIO, PM, PS/2 IPD, Key Matrix Scan.
Only one microcontroller is involved with Trusted Input.
Slide 17: TMKBC Design Considerations: Boundary Cases
- TMKBC resets and reverts to standard mode on a platform reset or power failure; TMKBC must not preserve any secrets, such as prior keystrokes or IPD data
- Protected environment is taken down before sleep state entry; TMKBC is switched back to standard mode by Protected Software
Slide 18: TMKBC Design Considerations: Hot Keys
- TMKBC can internally report Hot Keys from the New side to the Standard side
- OS-visible Hot Keys can be reported through the Trusted Channel
- Requirements: Hot Keys are reported ONLY if the Fn key is pressed; the Fn key cannot be remapped using the translation table
Diagram: CPU (SMI), 60/64h, 62/66h, Other Functions, Proprietary Hot Key, TMKBC, Protected Software, OS Hot Key, Trusted Channel, Protected Functions, Fn.
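The trusted-channel behaviour of slides 7 through 12 (New Mode enable bit, New Registers reachable only through LPC special cycles, one 8-byte HID packet per logical device queued in a FIFO with the status register naming the device) together with the reset rule of slide 17 and the Fn-gated hot keys of slide 18, as an added C model written for this page; it is not Intel's specification or any vendor's firmware. The FIFO depth, the logical device numbers, the cycle-type flag standing in for a real LPC special cycle, and the device-count check used as the "verification check" are all assumptions.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HID_PACKET_LEN      8   /* slide 11: standard 8-byte USB HID packets */
#define MAX_LOGICAL_DEVICES 15  /* slide 10: up to 15 logical devices */
#define FIFO_DEPTH          4   /* assumed; the slides only require room for one full packet */

/* Logical device numbers are assumed; the slides list device kinds, not ids. 0 = no data. */
enum { DEV_NONE = 0, DEV_KEYBOARD = 1, DEV_MOUSE = 2, DEV_HOTKEYS = 3 };

/* Who issues the bus cycle. On real hardware only protected software on the main CPU can
 * originate an LPC special cycle (slide 8); in this model it is a flag on the call. */
enum cycle_type { CYCLE_STANDARD_IO, CYCLE_LPC_SPECIAL };

typedef struct {
    bool    new_mode;       /* enable bit in the New Register space (slide 7) */
    uint8_t capabilities;   /* number of logical devices advertised in the Capabilities Register */
    uint8_t status;         /* logical device that owns the packet at the head of the FIFO */
    uint8_t fifo[FIFO_DEPTH][HID_PACKET_LEN];
    uint8_t fifo_dev[FIFO_DEPTH];
    int     head, count;
    bool    fn_pressed;     /* Fn state from the key matrix scan; not remappable (slide 18) */
} tmkbc_t;

/* Platform reset or power failure (slide 17): standard mode, no prior keystrokes retained. */
void tmkbc_reset(tmkbc_t *c, uint8_t num_logical_devices) {
    memset(c, 0, sizeof *c);            /* wipes FIFO contents, status and the mode bit */
    c->capabilities = num_logical_devices;
}

/* New Registers answer only to LPC special cycles (slide 8); -1 on a standard I/O cycle. */
int tmkbc_read_capabilities(const tmkbc_t *c, enum cycle_type t) {
    return t == CYCLE_LPC_SPECIAL ? c->capabilities : -1;
}

/* Enter or leave New Mode through the enable bit (slides 7, 12, 17). The device-count
 * check is an assumed example of the "several verification checks" of slide 12. */
bool tmkbc_set_new_mode(tmkbc_t *c, enum cycle_type t, bool enable) {
    if (t != CYCLE_LPC_SPECIAL) return false;
    if (enable && (c->capabilities == 0 || c->capabilities > MAX_LOGICAL_DEVICES)) return false;
    c->new_mode = enable;
    if (!enable) {                      /* leaving New Mode: nothing queued may survive */
        memset(c->fifo, 0, sizeof c->fifo);
        c->head = c->count = 0;
        c->status = DEV_NONE;
    }
    return true;
}

/* Device side: key matrix scan or IPD handler delivers one complete HID packet. In New Mode
 * it is queued on the trusted channel; the standard 60/64h path is not modelled (false). */
bool tmkbc_report(tmkbc_t *c, uint8_t dev, const uint8_t pkt[HID_PACKET_LEN]) {
    if (!c->new_mode || dev == DEV_NONE || dev > MAX_LOGICAL_DEVICES) return false;
    if (c->count == FIFO_DEPTH) return false;   /* full: whole packet dropped, never split */
    int tail = (c->head + c->count) % FIFO_DEPTH;
    memcpy(c->fifo[tail], pkt, HID_PACKET_LEN);
    c->fifo_dev[tail] = dev;
    c->count++;
    c->status = c->fifo_dev[c->head];
    return true;
}

/* Hot keys (slide 18): reported only while Fn is held. */
bool tmkbc_report_hotkey(tmkbc_t *c, uint8_t hotkey_code) {
    if (!c->fn_pressed) return false;
    uint8_t pkt[HID_PACKET_LEN] = {0};
    pkt[2] = hotkey_code;               /* boot-keyboard layout: modifiers, reserved, key codes */
    return tmkbc_report(c, DEV_HOTKEYS, pkt);
}

/* Protected software drains one whole packet per special cycle. Returns the logical
 * device number, 0 when the FIFO is empty, -1 when the access is not permitted. */
int tmkbc_read_packet(tmkbc_t *c, enum cycle_type t, uint8_t out[HID_PACKET_LEN]) {
    if (t != CYCLE_LPC_SPECIAL || !c->new_mode) return -1;
    if (c->count == 0) return 0;
    int dev = c->fifo_dev[c->head];
    memcpy(out, c->fifo[c->head], HID_PACKET_LEN);
    memset(c->fifo[c->head], 0, HID_PACKET_LEN);   /* consumed keystrokes are not kept */
    c->head = (c->head + 1) % FIFO_DEPTH;
    c->count--;
    c->status = c->count ? c->fifo_dev[c->head] : DEV_NONE;
    return dev;
}

int main(void) {
    tmkbc_t c;
    uint8_t out[HID_PACKET_LEN];
    const uint8_t shift_a[HID_PACKET_LEN] = {0x02, 0, 0x04, 0, 0, 0, 0, 0}; /* constructed report */
    tmkbc_reset(&c, 3);
    tmkbc_set_new_mode(&c, CYCLE_LPC_SPECIAL, true);
    tmkbc_report(&c, DEV_KEYBOARD, shift_a);
    int dev = tmkbc_read_packet(&c, CYCLE_LPC_SPECIAL, out);
    printf("device %d, modifiers 0x%02x, key 0x%02x\n", dev, out[0], out[2]);
    return 0;
}
```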
Slide 19: TMKBC Design Considerations: Error Handling
- TMKBC reports keystroke or IPD errors as part of the standard USB HID packets; this is already defined in the USB specification
- Self-test and other errors are reported through the Extended Status Register
- On a system lockup, the TMKBC remains in New Mode until it receives a system hardware reset

Slide 20: TMKBC Design Considerations: Other
- External keyboards and mice are supported via USB; internal PS/2 devices are supported
- Protected code on the TMKBC can be field updated; use a signed and/or encrypted update mechanism; firmware update mechanisms are beyond the scope of the TMKBC spec
Implement the TMKBC architecture based on the design considerations identified.

Slide 21: Status
- TMKBC Specification V0.8 available under NDA and license; TMKBC V0.8 Specification reviews completed; contact your local Intel representative to get access to the specification
- TMKBC V0.9 Specification planned for end of Q4 2003
- TMKBC V1.0 Specification planned for end of Q2 2004
- TMKBC products in development

Slide 22: Summary
- LT requires trusted input from the user
- TMKBC architecture specification available from Intel
- TMKBC specification allows for various implementations & vendor optimizations
- Implement the TMKBC architecture based on the design considerations identified

Slide 23: Next Steps
- OEMs: prepare a plan for LT platform design; work with KBC vendors to set design goals and understand architecture issues
- KBC Vendors: design TMKBC based on the guidelines & specifications available from Intel
- ISVs: evaluate product offerings in the LT timeframe to understand how they can benefit from LT features
- OSVs: provide support for TMKBC based on the hardware specification provided by Intel

Slide 24: Thank you for attending. Please fill out the Session Evaluation Form.

Slide 25: Acronyms
- LT = LaGrande Technology
- KBC = Keyboard Controller
- TMKBC = Trusted Mobile KBC
- IPD = Internal Pointing Device
- LPC = Low Pin Count bus
- USB = Universal Serial Bus
- HID = Human Input Device
- TPM = Trusted Platform Module
- OS = Operating System
- I/O = Input / Output
- FIFO = First In First Out buffer
Scott Johnson Dominic Rizzo Parthasarathy Ranganathan Jon McCune Richard Ho Titan: enabling a transparent silicon root of trust for Cloud 1 Talk outline 01 02 03 04 05 Motivation and problem statement
More informationTroubleshooting & Repair
Chapter Troubleshooting & Repair 6.1 Introduction This chapter provides the most common problem encountered with the M785 notebook computer and some troubleshooting means. Some of the common problems are:
More informationBIOS. Chapter The McGraw-Hill Companies, Inc. All rights reserved. Mike Meyers CompTIA A+ Guide to Managing and Troubleshooting PCs
BIOS Chapter 8 Overview In this chapter, you will learn how to Explain the function of BIOS Distinguish among various CMOS setup utility options Describe option ROM and device drivers Troubleshoot the
More informationFrequently Asked Question
Appendix A Frequently Asked Question Q: How can I identify the mainboard BIOS version? A: The AOpen mainboard BIOS version appears on the upper-left corner of the POST (Power-On Self Test) screen. Normally,
More informationProduct Technical Brief S3C2412 Rev 2.2, Apr. 2006
Product Technical Brief S3C2412 Rev 2.2, Apr. 2006 Overview SAMSUNG's S3C2412 is a Derivative product of S3C2410A. S3C2412 is designed to provide hand-held devices and general applications with cost-effective,
More informationHP Manageability Integration Kit HP Client Management Solutions
HP Manageability Integration Kit HP Client Management Solutions November 2017 925167-002 Table of contents 1 Overview... 9 2 System requirements... 10 2.1 Supported Microsoft System Center Configuration
More informationTrusted Computing. William A. Arbaugh Department of Computer Science University of Maryland cs.umd.edu
Trusted Computing William A. Arbaugh Department of Computer Science University of Maryland waa @ cs.umd.edu http://www.cs.umd.edu/~waa Getting Started Would you like to know what software is running on
More informationOverview. Wait, which firmware? Threats Update methods request_firmware() hooking Regression testing Future work
http://outflux.net/slides/2014/lss/firmware.pdf Linux Security Summit, Chicago 2014 Kees Cook (pronounced Case ) Overview Wait, which firmware? Threats Update methods request_firmware()
More informationAT90SO36 Summary Datasheet
AT90SO Summary Datasheet Features General High-performance, Low-power -/-bit Enhanced RISC Architecture Microcontroller - Powerful Instructions (Most Executed in a Single Clock Cycle) Low Power Idle and
More informationNew Approaches to Connected Device Security
New Approaches to Connected Device Security Erik Jacobson Architecture Marketing Director Arm Arm Techcon 2017 - If you connect it to the Internet, someone will try to hack it. - If what you put on the
More informationHiddn SafeDisk. Installation Manual. Version April //
Hiddn SafeDisk Installation Manual Version 2.1.5 24. April 2018 1. Introduction This document will explain what is delivered, how units are initialized (loaded with certificates) and some alternatives
More information