A workshop held in conjunction with the 18th ACM Conference on Computer and Communications Security (ACM CCS 2011).
Built on the continuous success of ACM STC 2006-2010, this workshop focuses on fundamental technologies of trusted and high assurance computing and its applications in large-scale systems with varying degrees of trust. The workshop is intended to serve as a forum for researchers as well as practitioners to disseminate and discuss recent advances and emerging issues.
- Submission due: July 18, 2011 (extended deadline)
- Notification: Aug. 15, 2011
- Final version: Aug. 22, 2011 8:00am EDT (hard deadline)
- Workshop date: Oct. 17, 2011 (MONDAY)
Keynote title: Trusting The Open Latent IC Backdoors
Since the Integrated Circuits (ICs) form the core computing and communication kernels for the personal computing, industries, governments and defense in the modern era, ensuring IC trust -- in the presence of untrusted third-party foundries and unidentified supply chains -- has become a major challenge. The prohibitive cost of manufacturing state-of-the-art ICs in nano-meter scales has made the use of contract foundries and third party Intellectual Property (IP) the dominant microelectronics business practice. The hidden backdoors into the chips are a double-edge sword. On one hand, the clandestine backdoors embedded by the reliable designers or trusted supply chain providers enable tracking or having post-fabrication control of the ICs on the production line and while in-use. On the other hand, the latent backdoors (a.k.a., Trojans) implanted by the untrusted third-party manufacturer or unknown supply chain entities enable the potential external adversaries to control, monitor, or to spy the chip software/data contents and communications.
In this talk, we question the contemporary IC backdoor research model directed by interested organizations, primarily defense and government. The talk then suggests better understanding of the hidden backdoor disclosure models to improve the quality and impact of the IC Trust research.
|Farinaz Koushanfar is an Assistant Professor in the Department of Electrical & Computer Engineering at Rice University, where she is the Director of Texas Instruments (TI) DSP Leadership University Program. Before joining Rice in 2006, she received her Ph.D. in Electrical Engineering and Computer Science and her M.A. in Statistics both from UC Berkeley. Her research focus is in the area of embedded systems. She creates techniques for synthesis and design of embedded systems with an emphasis on customizable, adaptive, lightweight, and secure devices. Her ongoing projects are focused on hardware protection and trust, security of hardware-based and cyber-physical systems, efficient embedded systems design, and emerging technologies and applications. For her contributions, she has received a number of awards and honors including the Presidential Early Career Award for Scientists and Engineers (PECASE) from President Obama, ACM SIGDA Outstanding New Faculty Award, Office of Naval Research (ONR) Young Investigator Program (YIP) Award, Army Research Office (ARO) Young Investigator Program (YIP) Award, National Science Foundation (NSF) CAREER Award, Young Faculty Award from the Defense Advanced Research Projects Agency (DARPA), MIT Technology Review TR-35, Intel Open Collaborative Research (OCR) Fellowship, and a Best Paper Award at Mobicom.|
Keynote title: Chrome OS Verified Boot: Scalable Boot Security for a Consumer Operating System
Verified Boot provides cryptographic assurances that the firmware, operating system kernel, and file system have not been tampered with when a system starts up. This talk will take a technical deep dive into the design and implementation of Chrome OS Verified Boot. We will explore some of the novel features of the implementation - fast boot times in spite of verification, a developer/jail-break mode which provides users with the flexibility to run a different operating system, and rollback protection that prevents verification of old but properly signed vulnerable code. Finally, the talk will discuss some of the unique challenges in implementing and managing verified boot for a consumer operating system.
|Gaurav Shah is a software security engineer at Google and part of the Chrome OS security team. At Google, he works on various design, implementation and operational aspects of Chrome OS security including verified boot, key management and enterprise security. Mr. Shah received a BS in Computer Science from Indian Institute of Technology Roorkee and a PhD in Computer Science from University of Pennsylvania. His doctoral dissertation described and analyzed covert network timing channels that can be created without compromising host or network software. His previous research has spanned various aspects of information hiding, intrusion detection, and e-voting security.|
STC 2010 STC 2009 STC 2008 STC 2007 STC 2006