Prof. Jakub Szefer, Computer Architecture and Security Laboratory, Dept. of Electrical Engineering, Yale University.

The tutorial will be given on January 22nd, 2019 (Tuesday) from 10:00 to 13:00.

The tutorial will be in Room 8, at the Valencia Conference Centre, in Valencia, Spain (as part of HiPEAC conference).

Please provide feedback for the tutorial using a survey that can be found at https://goo.gl/forms/WDn9grXEqXvuT0Ho1

The objective of this tutorial is to present the principles of secure processor architecture design to the audience. At the heart of each computing system there are one or more processors that execute programs and manipulate the data, some of which may be sensitive, such as medical records or trade secrets. As silicon real estate has become more and more abundant, over the years, processor architects have added new dedicated hardware security features to accelerate cryptographic protections, but more importantly, to provide protections for the code and data. The tutorial will overview the so-called “secure processor architectures”, present design patterns that can be gleaned from the existing research works, and will derive the principles that inform design of the secure processor architectures. Adding security features in hardware has certain challenges, and the tutorial will aim to highlight these – and the common solutions. Defining of what has to be secured and how is often a subjective choice based on qualitative arguments, unlike quantitative choices that computer architects are often used to making, so the tutorial will cover common threat models and how they have been addressed. Moreover, once made, the hardware cannot be easily changed necessitating careful design of the security features in the first place – the tutorial will aim to educate the audience about the features that the secure processor architectures should contain.

Information will also be included about features found in Intel SGX, ARM TrustZone and new AMD memory encryption technologies. The tutorial, however, is not meant as a tutorial about specific industry processors, rather, it is a research-focused summary of the basic principles of secure processor architecture design developed by computer architects, including the tutorial presenter, over many years and which now are finally finding their way into commercial products.

The tutorial is based on a book recently published by the presenter. This tutorial will complement the book with new material, while the book gives a more in-depth discussion of the topics covered in the tutorial. It is available for purchase, or many univesities provide free PDF version of the book through their electronic subscriptons.

Jakub Szefer, "Principles of Secure Processor Architecture Design", Morgan & Claypool Publishers, October 2018.

The program of the tutorial is as follows:

10:00 – 10:20 Secure Processor Architectures
10:20 – 10:40 Trusted Execution Environments
10:40 – 11:00 Hardware Roots of Trust
11:00 – 11:10 Break
11:10 – 11:30 Memory Protection
11:30 – 11:40 Multiprocessor and Many-core Protections
11:40 – 11:50 Break
11:50 – 12:30 Side-Channels Threats and Protections including Speculative Execution Threats
12:30 – 13:00 Principles of Secure Processor Architecture Design

Tutorial slides are available here.

This tutorial is an updated version of a tutorial previously presented at HOST 2018.