Computer System Protection through Hardware-Software Collaboration
發布時間:2017-05-11 09:18:13




Our society is dependent on increasingly complex, networked computer systems that are the target of unrelenting sieges against their resources, infrastructure, and operability. While the reasons for such attacks may be tied to complex sociological issues, which can be either political or economic, the cause of our inadequate defense solutions lies in the single-layered approach and the lack of hardware support when addressing computer systems security. More specifically, security approaches employed at the OS and the virtual machine (VM) layers, do not cooperate with the hardware, nor do they communicate information to dynamically adapt to future incursions. Similarly, hardware security approaches rarely leverage system level context, and work independently from what is being accomplished at the software layer.

This presentation will first outline the shortages of current security approaches. A case study will then be presented on Google Nest Learning Thermostat revealing security vulnerabilities on modern smart devices due to the lack of system level protection. To overcome this problem, a new security assurance framework will be introduced, named Security in Silicon. Under the new approach, hardware infrastructure will be enhanced to support both hardware level trust evaluation and software level security validation. As one example of Security in Silicon methodology, a new software-hardware collaborative, cross-boundary architecture will be introduced for on-line trustworthiness assessment in computer systems.


Yier Jin is currently an assistant professor in the EECS Department at the University of Central Florida. He received his PhD degree in Electrical Engineering in 2012 from Yale University after he got the B.S. and M.S. degrees in Electrical Engineering from Zhejiang University, China, in 2005 and 2007, respectively. His research focuses on the areas of trusted embedded systems, trusted hardware intellectual property (IP) cores and hardware-software co-protection on computer systems. He proposed various approaches in the area of hardware security, including the first hardware Trojan detection methodology relying on local side-channel information, the first post-deployment hardware trust assessment framework, and the first proof-carrying hardware IP protection scheme. He is also interested in the security analysis on Internet of Things (IoT) and wearable devices with particular emphasis on information integrity and privacy protection in the IoT era.