Demystifying Internet of Things Security Successful Iot Device/Edge and Platform Security Deployment — Sunil Cheruvu Anil Kumar Ned Smith David M
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Wind River Vxworks Platforms 3.8
Wind River VxWorks Platforms 3.8 The market for secure, intelligent, Table of Contents Build System ................................ 24 connected devices is constantly expand- Command-Line Project Platforms Available in ing. Embedded devices are becoming and Build System .......................... 24 VxWorks Edition .................................2 more complex to meet market demands. Workbench Debugger .................. 24 New in VxWorks Platforms 3.8 ............2 Internet connectivity allows new levels of VxWorks Simulator ....................... 24 remote management but also calls for VxWorks Platforms Features ...............3 Workbench VxWorks Source increased levels of security. VxWorks Real-Time Operating Build Configuration ...................... 25 System ...........................................3 More powerful processors are being VxWorks 6.x Kernel Compatibility .............................3 considered to drive intelligence and Configurator ................................. 25 higher functionality into devices. Because State-of-the-Art Memory Host Shell ..................................... 25 Protection ..................................3 real-time and performance requirements Kernel Shell .................................. 25 are nonnegotiable, manufacturers are VxBus Framework ......................4 Run-Time Analysis Tools ............... 26 cautious about incorporating new Core Dump File Generation technologies into proven systems. To and Analysis ...............................4 System Viewer ........................ -
When Is a Microprocessor Not a Microprocessor? the Industrial Construction of Semiconductor Innovation I
Ross Bassett When is a Microprocessor not a Microprocessor? The Industrial Construction of Semiconductor Innovation I In the early 1990s an integrated circuit first made in 1969 and thus ante dating by two years the chip typically seen as the first microprocessor (Intel's 4004), became a microprocessor for the first time. The stimulus for this piece ofindustrial alchemy was a patent fight. A microprocessor patent had been issued to Texas Instruments, and companies faced with patent infringement lawsuits were looking for prior art with which to challenge it. 2 This old integrated circuit, but new microprocessor, was the ALl, designed by Lee Boysel and used in computers built by his start-up, Four-Phase Systems, established in 1968. In its 1990s reincarnation a demonstration system was built showing that the ALI could have oper ated according to the classic microprocessor model, with ROM (Read Only Memory), RAM (Random Access Memory), and I/O (Input/ Output) forming a basic computer. The operative words here are could have, for it was never used in that configuration during its normal life time. Instead it was used as one-third of a 24-bit CPU (Central Processing Unit) for a series ofcomputers built by Four-Phase.3 Examining the ALl through the lenses of the history of technology and business history puts Intel's microprocessor work into a different per spective. The differences between Four-Phase's and Intel's work were industrially constructed; they owed much to the different industries each saw itselfin.4 While putting a substantial part ofa central processing unit on a chip was not a discrete invention for Four-Phase or the computer industry, it was in the semiconductor industry. -
Key Exchange with Anonymous Authentication Using DAA-SIGMA Protocol
Key Exchange with Anonymous Authentication using DAA-SIGMA Protocol Jesse Walker and Jiangtao Li Intel Labs {jesse.walker, jiangtao.li}@intel.com Abstract. Anonymous digital signatures such as Direct Anonymous Attestation (DAA) and group signatures have been a fundamental building block for anonymous entity authentication. In this paper, we show how to incorporate DAA schemes into a key exchange protocol between two entities to achieve anonymous authentication and to derive a shared key between them. We propose a modification to the SIGMA key exchange protocol used in the Internet Key Exchange (IKE) standards to support anonymous authentication using DAA. Our key exchange protocol can be also extended to support group signature schemes instead of DAA. We present a secure model for key exchange with anonymous authentication derived from the Canetti-Krawczyk key-exchange security model. We prove that our DAA-SIGMA protocol is secure under our security model. 1 Introduction Anonymous digital signatures such as group signatures [22, 2, 5, 6], Direct Anonymous Attestation (DAA) [7, 8, 23, 24, 14], and anonymous credentials [15–17] play an important role in privacy en- hanced technologies. They allow an entity (e.g., a user, a computer platform, or a hardware device) to create a signature without revealing its identity. Anonymous signatures also enable anonymous entity authentication. The concept of group signature scheme was first introduced by Chaum and van Heyst [22] in 1991. In a group signature scheme, all the group members share a group public key, yet each member has a unique private key. A group signature created by a group member is anonymous to all the entities except a trusted group manager. -
SGX Attestation Process Research Seminar in Cryptograpy
SGX attestation process Research seminar in Cryptograpy Author: Hiie Vill Supervisor: Pille Pullonen Introduction Software Guard Extensions (SGX) is a technology, the main function of which is to establish special protected software containers, also known as enclaves. These enclaves can be used for provisioning sensitive parts of a software executable in order to protect them from malicious entities. In order to verify remotely that an application is running securely within an enclave, a remote attestation must be performed. This report gives an overview of the attestation process, the background related to it and the necessary requirements for remote attestation [1][2]. 1. Software Guard Extensions Software Guard Extensions (SGX) is a technology introduced by Intel in 2015, which provides hardware assisted security for the application layer. In itself, SGX is a set of processor extensions for establishing a protected execution environment, referred to as an enclave, and the software related to it. More specifically, enclaves are protected areas of execution in memory, providing a trusted execution environment, even on a compromised platform. In order to protect an application from malicious entities, the software’s code, data and stack are stored within the enclave and protected by hardware enforced access control policies, making the application inaccessible to any malware on the platform. This means that SGX enables applications to defend themselves, protecting any sensitive data used by the application (for example credentials and cryptographic keys), while retaining its integrity and confidentiality [1][2]. 2. Preliminaries In this section, some terminology will be briefly explained that is used in the remote attestation process in order to familiarize the reader with the background information. -
Outline ECE473 Computer Architecture and Organization • Technology Trends • Introduction to Computer Technology Trends Architecture
Outline ECE473 Computer Architecture and Organization • Technology Trends • Introduction to Computer Technology Trends Architecture Lecturer: Prof. Yifeng Zhu Fall, 2009 Portions of these slides are derived from: ECE473 Lec 1.1 ECE473 Lec 1.2 Dave Patterson © UCB Birth of the Revolution -- What If Your Salary? The Intel 4004 • Parameters – $16 base First Microprocessor in 1971 – 59% growth/year – 40 years • Intel 4004 • 2300 transistors • Initially $16 Æ buy book • Barely a processor • 3rd year’s $64 Æ buy computer game • Could access 300 bytes • 16th year’s $27 ,000 Æ buy cacar of memory • 22nd year’s $430,000 Æ buy house th @intel • 40 year’s > billion dollars Æ buy a lot Introduced November 15, 1971 You have to find fundamental new ways to spend money! 108 KHz, 50 KIPs, 2300 10μ transistors ECE473 Lec 1.3 ECE473 Lec 1.4 2002 - Intel Itanium 2 Processor for Servers 2002 – Pentium® 4 Processor • 64-bit processors Branch Unit Floating Point Unit • .18μm bulk, 6 layer Al process IA32 Pipeline Control November 14, 2002 L1I • 8 stage, fully stalled in- cache ALAT Integer Multi- Int order pipeline L1D Medi Datapath RF @3.06 GHz, 533 MT/s bus cache a • Symmetric six integer- CLK unit issue design HPW DTLB 1099 SPECint_base2000* • IA32 execution engine 1077 SPECfp_base2000* integrated 21.6 mm L2D Array and Control L3 Tag • 3 levels of cache on-die totaling 3.3MB 55 Million 130 nm process • 221 Million transistors Bus Logic • 130W @1GHz, 1.5V • 421 mm2 die @intel • 142 mm2 CPU core L3 Cache ECE473 Lec 1.5 ECE473 19.5mm Lec 1.6 Source: http://www.specbench.org/cpu2000/results/ @intel 2006 - Intel Core Duo Processors for Desktop 2008 - Intel Core i7 64-bit x86-64 PERFORMANCE • Successor to the Intel Core 2 family 40% • Max CPU clock: 2.66 GHz to 3.33 GHz • Cores :4(: 4 (physical)8(), 8 (logical) • 45 nm CMOS process • Adding GPU into the processor POWER 40% …relative to Intel® Pentium® D 960 When compared to the Intel® Pentium® D processor 960. -
Adagio for the Internet of Things Iot Penetration Testing and Security Analysis of a Smart Plug
DEGREE PROJECT IN COMPUTER ENGINEERING, FIRST CYCLE, 15 CREDITS STOCKHOLM, SWEDEN 2021 Adagio For The Internet Of Things IoT penetration testing and security analysis of a smart plug RAMAN SALIH KTH ROYAL INSTITUTE OF TECHNOLOGY SCHOOL OF ELECTRICAL ENGINEERING AND COMPUTER SCIENCE Adagio For The Internet Of Things IoT penetration testing and security analysis of a smart plug Raman Salih Supervisor: Pontus Johnson Examiner: Robert Lagerström Abstract— The emergence of the Internet of Things (IoT) Index Terms— Hacking; Wi-Fi; Threat model; IoT security; shows us that more and more devices will be connected to Smart plug the internet for all types of different purposes. One of those devices, the smart plug, have been rapidly deployed because I. INTRODUCTION of the ease it brings users into achieving home automation by turning their previous dumb devices smart by giving them As technology becomes smaller, faster, and more the means of controlling the devices remotely. These IoT connected over time it leads to more and more potential devices that gives the user control could however pose devices to join the internet and exchange data between serious security problems if their vulnerabilities were not carefully investigated and analyzed before we blindly themselves. Everything from coffee makers to blinds for your integrate them into our everyday life. In this paper, we do a windows may one day be connected to the internet and be threat model and subsequent penetration testing on a smart controlled remotely and dynamically. This category of plug system made by particular brand by exploiting its devices is known as the Internet of Things (IoT) and is set to singular communication protocol and we successfully launch reach 20.4 billion connected devices by 2020 according to a five attacks: a replay attack, a MCU tampering attack, a forecast made by Gartner 1 . -
A Letter to the FCC [PDF]
Before the FEDERAL COMMUNICATIONS COMMISSION Washington, DC 20554 In the Matter of ) ) Amendment of Part 0, 1, 2, 15 and 18 of the ) ET Docket No. 15170 Commission’s Rules regarding Authorization ) Of Radio frequency Equipment ) ) Request for the Allowance of Optional ) RM11673 Electronic Labeling for Wireless Devices ) Summary The rules laid out in ET Docket No. 15170 should not go into effect as written. They would cause more harm than good and risk a significant overreach of the Commission’s authority. Specifically, the rules would limit the ability to upgrade or replace firmware in commercial, offtheshelf home or smallbusiness routers. This would damage the compliance, security, reliability and functionality of home and business networks. It would also restrict innovation and research into new networking technologies. We present an alternate proposal that better meets the goals of the FCC, not only ensuring the desired operation of the RF portion of a WiFi router within the mandated parameters, but also assisting in the FCC’s broader goals of increasing consumer choice, fostering competition, protecting infrastructure, and increasing resiliency to communication disruptions. If the Commission does not intend to prohibit the upgrade or replacement of firmware in WiFi devices, the undersigned would welcome a clear statement of that intent. Introduction We recommend the FCC pursue an alternative path to ensuring Radio Frequency (RF) compliance from WiFi equipment. We understand there are significant concerns regarding existing users of the WiFi spectrum, and a desire to avoid uncontrolled change. However, we most strenuously advise against prohibiting changes to firmware of devices containing radio components, and furthermore advise against allowing nonupdatable devices into the field. -
Hoja De Datos De Familes Del Procesador Intel(R) Core(TM) De 10A Generación, Vol.1
10a generación de familias de procesadores Intel® Core™ Ficha técnica, Volumen 1 de 2 Compatible con la 10a generación de la familia de procesadores Intel® Core™, procesadores Intel® Pentium®, procesadores Intel® Celeron® para plataformas U/Y, anteriormente conocidos como Ice Lake. Agosto de 2019 Revisión 001 Número del Documento: 341077-001 Líneas legales y descargos de responsabilidad Esta información es una combinación de una traducción hecha por humanos y de la traducción automática por computadora del contenido original para su conveniencia. Este contenido se ofrece únicamente como información general y no debe ser considerada como completa o precisa. No puede utilizar ni facilitar el uso de este documento en relación con ninguna infracción u otro análisis legal relacionado con los productos Intel descritos en este documento. Usted acepta conceder a Intel una licencia no exclusiva y libre de regalías a cualquier reclamación de patente redactada posteriormente que incluya el objeto divulgado en este documento. Este documento no concede ninguna licencia (expresa o implícita, por impedimento o de otro tipo) a ningún derecho de propiedad intelectual. Las características y beneficios de las tecnologías Intel dependen de la configuración del sistema y pueden requerir la activación de hardware, software o servicio habilitado. El desempeño varía según la configuración del sistema. Ningún equipo puede ser absolutamente seguro. Consulte al fabricante de su sistema o su distribuidor minorista u obtenga más información en intel.la. Las tecnologías Intel pueden requerir la activación de hardware habilitado, software específico o servicios. Consulte con el fabricante o distribuidor del sistema. Los productos descritos pueden contener defectos de diseño o errores conocidos como erratas que pueden hacer que el producto se desvíe de las especificaciones publicadas. -
An Introduction
An Introduction Slides by Michael Hall Modified and Presented by Alex Courouble edgexfoundry.org | @edgexfoundry Edge Computing Why do I need it? edgexfoundry.org | @edgexfoundry Who is EdgeX Foundry? And how to join us edgexfoundry.org | @edgexfoundry Vendor-neutral open source project hosted by The Linux Foundation building a common open framework for IoT edge computing. Interoperability framework and reference platform to enable an ecosystem of plug-and-play components that unifies the marketplace and accelerates the deployment of IoT solutions. Architected to be agnostic to protocol, silicon (e.g., x86, ARM), OS (e.g., Linux, Windows, Mac OS), and application environment (e.g., Java, JavaScript, Python, Go Lang, C/C++) to support customer preferences for differentiation Part of the LF Edge project at the Linux Foundation LF Edge Premium Members LF Edge General Members Getting Involved ● Open Source and contributor ● GitHub: driven, anybody can participate ○ https://github.com/edgexfoundry ● TSC and WG meetings open to ● Documentation ○ https://docs.edgexfoundry.org public ● Slack ● Technical leadership (TSC & WG ○ https://slack.edgexfoundry.org chairs) elected by technical ● Mailing Lists contributors ○ https://lists.edgexfoundry.org ○ https://lists.edgexfoundry.org/calendar What is EdgeX? Microservices and Deployments edgexfoundry.org | @edgexfoundry Walkthrough Let’s see it in action edgexfoundry.org | @edgexfoundry Get Started in Three Steps 1. Run the EgdeX Microservices with Docker Compose 2. Create a Device Service with device-sdk-go -
GPU Developments 2018
GPU Developments 2018 2018 GPU Developments 2018 © Copyright Jon Peddie Research 2019. All rights reserved. Reproduction in whole or in part is prohibited without written permission from Jon Peddie Research. This report is the property of Jon Peddie Research (JPR) and made available to a restricted number of clients only upon these terms and conditions. Agreement not to copy or disclose. This report and all future reports or other materials provided by JPR pursuant to this subscription (collectively, “Reports”) are protected by: (i) federal copyright, pursuant to the Copyright Act of 1976; and (ii) the nondisclosure provisions set forth immediately following. License, exclusive use, and agreement not to disclose. Reports are the trade secret property exclusively of JPR and are made available to a restricted number of clients, for their exclusive use and only upon the following terms and conditions. JPR grants site-wide license to read and utilize the information in the Reports, exclusively to the initial subscriber to the Reports, its subsidiaries, divisions, and employees (collectively, “Subscriber”). The Reports shall, at all times, be treated by Subscriber as proprietary and confidential documents, for internal use only. Subscriber agrees that it will not reproduce for or share any of the material in the Reports (“Material”) with any entity or individual other than Subscriber (“Shared Third Party”) (collectively, “Share” or “Sharing”), without the advance written permission of JPR. Subscriber shall be liable for any breach of this agreement and shall be subject to cancellation of its subscription to Reports. Without limiting this liability, Subscriber shall be liable for any damages suffered by JPR as a result of any Sharing of any Material, without advance written permission of JPR. -
Intel Quartus Prime Pro Edition User Guide: Programmer Send Feedback
Intel® Quartus® Prime Pro Edition User Guide Programmer Updated for Intel® Quartus® Prime Design Suite: 21.2 Subscribe UG-20134 | 2021.07.21 Send Feedback Latest document on the web: PDF | HTML Contents Contents 1. Intel® Quartus® Prime Programmer User Guide..............................................................4 1.1. Generating Primary Device Programming Files........................................................... 5 1.2. Generating Secondary Programming Files................................................................. 6 1.2.1. Generating Secondary Programming Files (Programming File Generator)........... 7 1.2.2. Generating Secondary Programming Files (Convert Programming File Dialog Box)............................................................................................. 11 1.3. Enabling Bitstream Security for Intel Stratix 10 Devices............................................ 18 1.3.1. Enabling Bitstream Authentication (Programming File Generator)................... 19 1.3.2. Specifying Additional Physical Security Settings (Programming File Generator).............................................................................................. 21 1.3.3. Enabling Bitstream Encryption (Programming File Generator).........................22 1.4. Enabling Bitstream Encryption or Compression for Intel Arria 10 and Intel Cyclone 10 GX Devices.................................................................................................. 23 1.5. Generating Programming Files for Partial Reconfiguration......................................... -
Fact Sheet: the Golden Age of Esports
The Golden Age of eSports The eSports market promises a lot of emotions and spectacular business opportunities. Worldwide, there are an estimated 1.2 billion gamers1 and 160 million fans of electronic entertainment. By 2017, these figures will double. The revenues associated with eSports are constantly growing. According to Newzoo* forecasts, they will reach $463 million in 2016 and $1 billion by 2019. The origins of eSports can be traced back to the end of 80s and beginning of 90s. Since then, not only the eSports scene, but the whole gaming market has undergone tremendous changes. In the heyday of Commodore 64 and games loaded from cassette decks, no one had ever imagined that the value of the gaming market would grow to billions of dollars, while professional players would salaried and earn five-figure prizes in a single tournament. The Golden Age of eSports According to Newzoo research agency, in 2015 the electronic entertainment market has reached $91 billion in terms of revenues. In 2014, the global revenues totaled slightly more than $83.5 billion, and that represents growth by almost 10 percent. Assuming constant growth rate, we can anticipate global revenues in this sector to reach about $107 billion in 20172. The PC segment constitutes as much as 37 percent of this market, or about $34 billion3. Intel estimates that the amounts spent on gaming hardware have also reached unprecedented levels. It is anticipated that by 2018 the figures may reach $100 billion. 40 Percent of eSports Fans Are Viewers Average gamers do not necessarily understand the significance of numbers related to the market growth.