6th Workshop on System Software for Trusted Execution (SysTEX 2023)
May 8th, 2023
Program
9:00-9:05 Welcome
9:05-10:00 Invited keynote by Jan-Erik Ekberg (Huawei): Trusted Environments for Future Consumer Devices
In my talk, I will consider the motivation and urgency to renew how trusted execution
(isolated workloads) is set up in terms of hardware and software for consumer devices.
Much can be learned from work done for cloud services and with the confidential computing
stack, but at the same time, both use cases and isolation requirements are different.
Furthermore, especially for mobile phones we need to consider legacy, i.e. a 1 Billion
strong base of ARM TrustZone powered GlobalPlatform-enabled Trusted Execution Environments
in use today. I will review existing and upcoming isolation hardware architectures, both
from industry and in academic research, and match these to work done
for the upcoming software and security architecture change that we work towards today.
Short Bio:
Since 2018, Dr. Jan-Erik Ekberg serves as Head of Helsinki System Security Lab (HSSL) in
Huawei, responsible for Platform Security R&D, especially in consumer devices.
The Huawei Trusted Execution Environment, Device PKI, Linux kernel memory protection
(HKIP) and randomization as well as the Huawei device keystore (HUKS) are all technologies
originating from or co-developed at HSSL.
Jan-Erik has a history as a security scientist and researcher since 1995 in Nokia Research Center,
in Trustonic Llc and DarkMatter Inc, doing both network security (2G/3G/WLAN/BT),
hardware security (TCG standardization) and platform / OS security, and he was especially
involved in developing and designing the first mobile trusted execution environment
for Nokia smartphones around 2010. He earned his PhD in Computer Science from Aalto University,
and is presently also serving as adjunct professor in his alma mater (giving lectures and
supervising theses). Jan-Erik is the co-author of more than 100 patents and his publications
have been cited more than 5000 times.
10:00-10:30 GRAMINER: Fuzz Testing Gramine LibOS to Harden the Trusted Computing Base
Jaewon Hur, Byoungyoung Lee (Seoul National University)
10:30-11:00 Coffee break
11:00-11:35 A RISC-V Extension to Minimize Privileges of Enclave Runtimes
Neelu S. Kalani, Edouard Bugnion (EPFL)
11:35-11:55 Towards Modular Trusted Execution Environments
Carsten Weinhold, Nils Asmussen (Barkhausen Institut), Diana Göhringer (Technische Universität Dresden), Michael Roitzsch (Barkhausen Institut)
11:55-12:30 Dissecting BFT Consensus: In Trusted Components we Trust
Suyash Gupta (UC Berkeley), Sajjad Rahnama, Shubham Pandey (University of California, Davis), Natacha Crooks (UC Berkeley), Mohammad Sadoghi (University of California, Davis)
12:30-14:30 Lunch
14:30-14:50 Transparent Management of BFT Systems with TEE
Bijun Li (Hainan Normal University), Pierre-Louis Aublin (IIJ Research Laboratory)
14:50-15:25 What virtualization can do for maintenance: the HSM case
Adrian Leren (Elektrobit Automotive GmbH, RPTU Kaiserslautern-Landau), Uwe Hildebrand (Elektrobit Automotive GmbH), Kai Lampka (Elektrobit Automotive GmbH, RPTU Kaiserslautern-Landau)
15:25-16:00 About Time: On the Challenges of Temporal Guarantees in Untrusted Environments
Fritz Alder (imec-DistriNet, KU Leuven), Gianluca Scopelliti (Ericsson & KU Leuven), Jo Van Bulck (imec-DistriNet, KU Leuven), Jan Tobias Mühlberg (KU Leuven & Université Libre de Bruxelles)