About The Workshop
This workshop will focus on the open challenges in software systems research related to new hardware security technologies. We will explore new ideas and strategies for how to create abstractions, methodologies, platforms and building blocks that will enable a new generation of trustworthy and secure software systems based on hardware security technologies. Thereby devising new secure applications and system software from scratch as well as extending and securing existing legacy applications will be addressed.
1-4 October, 2023
Prof. Pascal Felber
Dr Marcelo Pasin
Dr Valerio Schiavoni
Université de Neuchâtel, CH
Prof. Peter Pietzuch
Imperial College London, UK
Prof. Christof Fetzer
TU Dresden, DE
Prof. Rüdiger Kapitza
FAU Erlangen-Nürnberg, DE
Dr Raoul Strackx
Fortanix Eindhoven, NL
Focus of the Workshop
Our society relies on software in mobile phones, cloud computing systems, personal computers and critical distributed infrastructure. While the dependency on software has exploded, our ability to make software trustworthy, secure, and dependable has not kept pace. Security vulnerabilities, ransomware, malware, software faults, privacy compromises are regular occurrences.
Over the last decades, important security features such as different privilege levels have been widely deployed. Programming languages have been developed that avoid common low-level security issues. Yet despite these security measures, the world still loses billions of euros per year due to cyber-attacks. As the pandemic has struck, employees were forced to work from home, and an even bigger part of our daily lives takes place in cyberspace. Unfortunately, criminals have adapted as well. Interpol has issued a warning that “cybercriminals are developing and boosting their attacks at an alarming pace, exploiting the fear and uncertainty caused by the unstable social and economic situation created by COVID-19”. Many of these problems originate from placing trust in untrustworthy code bases. Even when applications are developed carefully, they still rely on an operating system (OS) kernel with millions of lines of code that is implemented in a memory unsafe language. A single vulnerability in the OS kernel puts the security of all application code running on top at risk. Given the sheer sizes of modern software stacks, it is unlikely that these code bases can ever be trusted completely.
To rise to this challenge, hardware is evolving, and modern processors include new hardware security features. For example, secure boot support ensures that software is guaranteed a trustworthy environment; trusted execution environments (TEEs) allow the hardware to protect computation from malicious actors; and hardware capability support prevents unauthorized memory accesses by software. These new hardware features pose unprecedented challenges for the software stack, from low-level firmware to hypervisors and OS kernels, middleware, and all the way to applications.
For example, instead of trying to defend the entire system, hardware support for TEEs focuses on protecting sensitive data during computation. TEEs enable the creation of enclaves that contain trustworthy code and data. The OS kernel creates and schedules enclaves, but itself is not trusted. The processor hardware verifies and maintains the integrity of enclaves and ensures that execution can only transition to them via proper entry points. The isolation properties of TEEs allow programmers to reason about the security of their applications without loss of generality. Security vulnerabilities due to programming mistakes will still exist, but attacks can be mitigated using the isolation guarantees of TEEs. These strong security properties make hardware security mechanisms a key measure for trustworthy software.
Various hardware security mechanisms have been proposed in academia and industry, ranging from hardware implementations such as Flicker, Sancus and TyTAN, hardware support for memory capabilities, such as CHERI, to platforms that adopt trustworthy hypervisors such as TrustVisor and Fides. All mainstream hardware manufactures, including Intel, AMD, ARM and IBM, have either already launched hardware security mechanisms or have plans in the pipeline. This workshop will focus on the open challenges in software systems research related to new hardware security technologies. We will explore new ideas and strategies for how to create abstractions, methodologies, platforms and building blocks that will enable a new generation of trustworthy and secure software systems based on hardware security technologies. Thereby devising new secure applications and system software from scratch as well as extending and securing existing legacy applications will be addressed. Our goal is to develop a roadmap that will inspire the systems security research community and industry to build new secure software systems.
- Aritra Dhar (Huawei Research Zurich, Switzerland)
- Benny Fuhry (Intel Labs, Germany)
- Christof Fetzer (TU Dresden, Germany)
- Dominique Devriese (KU Leuven, Belgium)
- Edouard Bugnion (EPF Lausanne, Switzerland)
- Giovanni Mazzeo (Credora, USA & U Naples "Parthenope", Italy)
- Herbert Bos (VU Amsterdam, Netherlands)
- Hugo Vincent (Arm Research Cambridge, UK)
- Mona Vij (Intel Labs, USA)
- Nuno Santos (IST/INESC-ID Lisbon, Portugal)
- Onur Mutlu (ETH Zurich, Switzerland)
- Osman Unsal (Barcelona Supercomputing Center, Spain)
- Patrick Eugster (USI Lugano, Switzerland)
- Peter Pietzuch (Imperial College London, UK)
- Quoc Do Le (Huawei Research Munich, Germany)
- Raoul Strackx (Fortanix Eindhoven, Netherlands)
- Rüdiger Kapitza (FAU Erlangen-Nuremberg, Germany)
- Stuart Biles (AMD Research Cambridge, UK)
- Thanikesavan Sivanthi (ABB Research Baden-Dättwil, Switzerland)
- Wojciech Ozga (IBM Research Zurich, Switzerland)
Subject to change
Arrival of the participants
Introduction by organisers and presentation of participants
Attacks & mitigations
Herbert Bos (VU Amsterdam, Netherlands)
Leaky abstractions and separation of concerns
Onur Mutlu (ETH Zurich, Switzerland)
Securing the memory system: The story of RowHammer
Dominique Devriese (KU Leuven, Belgium)
Formalizing, verifying and applying ISA security guarantees as universal contracts
Wojciech Ozga (IBM Research Zurich, Switzerland)
Formally proven TEE implementation on RISC-V
Peter Pietzuch (Imperial College London, UK)
Trustworthy cloud stacks with hardware memory capabilities using CHERI
Osman Unsal (Barcelona Supercomputing Center, Spain)
Interplay between security and fault tolerance
Quoc Do Le (Huawei Research Munich, Germany)
Towards running legacy applications inside Huawei Qingtian enclaves
Stuart Biles (AMD Research Cambridge, UK)
Perspectives and focus on security from AMD Research and Advanced Development
Hardware technologies (cont'd) — hybrid session
Mona Vij (Intel Labs, USA)
Pervasive confidential computing — online presentation
Benny Fuhry (Intel Labs, Germany)
TDX deep dive
Hugo Vincent (Arm Research Cambridge, UK)
Arm CCA (and why you can trust it)
Mentoring moments for young researchers
Edouard Bugnion & Charly Castes (EPF Lausanne, Switzerland)
Creating trust by abolishing privileges
Patrick Eugster (USI Lugano, Switzerland)
Security policies for mediating between security mechanisms and guarantees
Raoul Strackx (Fortanix Eindhoven, Netherlands)
Fortanix EDP: Developing enclaves for the confidential computing era
Tools and applications
Nuno Santos (IST/INESC-ID Lisbon, Portugal)
ReZone: Restructuring TEEs for enhanced security on Arm platforms
Christof Fetzer (TU Dresden, Germany)
Using confidential computing for protecting data, code and secrets of applications
Aritra Dhar (Huawei Research Zurich, Switzerland)
Confidential computing for the next-generation data centers
Rüdiger Kapitza (FAU Erlangen-Nuremberg, Germany)
Securing the Internet Computer blockchain with confidential computing
Giovanni Mazzeo (Credora, USA & U Naples "Parthenope", Italy)
The road to verifiable TEE-as-a-service models, where we are and where we are headed
Thanikesavan Sivanthi (ABB Research Baden-Dättwil, Switzerland)
Cyber security challenges of industrial automation systems
"The next big thing in confidential computing ...in the next 2 years? ...in the next 10 years?"
Toward a common manifesto
May organise a hike, visit of Ascona, etc.
Short presentations by participants
Short presentations (cont'd)
Wrap-up and perspectives
Next steps toward a common manifesto
Departure of the participants
Congressi Stefano Franscini Center
Strada Collina 84
6612 Ascona (Switzerland)
Fondazione Monte Verità, Switzerland
The workshop will take place at the Congressi Stefano Franscini Center located at Monte Verità, Ascona, Switzerland, on a very green hill with amazing views of both mountains and Lake Maggiore, from Sunday October 1st and end on Wednesday October 4th (after lunch). Having a long history as a place for meetings, discussions and socialising, Monte Verità boasts years of experience in running seminars and medium-sized rconferences. Since 1989, it has housed the center Congressi Stefano Franscini, which in turn draws thousands of top researchers from all over the world to Monte Verità every year.
Getting to the venue
You can fly to the following cities or reach them by train:
Take a train from Zürich Airport (Zürich Flughafen) train station to Locarno.
Take a train from Geneva Airport train station to Locarno.
Take a train from Basel Airport (Basel EuroAirport) train station to Locarno.
Additional information to reach Locarno from Milan is provided on the ETHZ CSF website.
You can find train connections to Locarno on the SBB website.
On arrival in Locarno train station you can reach the conference venue as follows:
Free shuttle bus
There will be a free shuttle bus between Locarno and Monte Verita on the arrival and departure days. The shuttle bus stops next to the end of platform 4 (close to where public transport is leaving). Look for the white bus with the Monte Verità logo.
On arrival day (Sunday), the shuttle bus will run every 40 minutes from 14:40 to 18:00 according to the following schedule: 14:40 (first run), 15:20, 16:00, 16:40, 17:20, 18:00 (last run). Note that rooms will be available from 15:00.
On departure day (Wednesday), the shuttle bus will run every 40 minutes from 12:55 to 16:15 according to the following schedule: 12:55 (first run), 13:35, 14:15, 14:55, 15:35, 16:15 (last run).
Take bus no. 1 from Locarno railway station to the bus stop "Ascona Centro" (duration: 15 - 20 minutes). Then take the bus no. 5 "Buxi" at the bus stop Autosilo Ascona line 1 to Monte Verità ((duration: 8 minutes)). The bus stop is at the other side of the Coop supermarket.
Please note that the timetables of bus line no. 1 are different for Monday - Saturday (Lunedì - Sabato e feriali) and for Sundays and holidays (Domenica e festivi).
The bus line no. 5 runs irregularly and cash payment is mandatory. From the bus stop "Ascona Autosilo" you can also reach Monte Verità in 25 - 30 minutes on foot (follow the "Strada Collina") or by taxi located next to the Autosilo Ascona.
Various taxis are available at Locarno railway station. The company "EcoTaxsi" usually has a slightly lower price, reservation required: +41 91 792 21 01 or 0800 321 321 (free call from Swiss numbers) or via Skype. The ride takes about 15 minutes and costs about CHF 40.00.
Check our gallery from the recent events