Researchers: Adrian Perrig, Jonathan McCune
Research Area: Trustworthy Computing Platforms and Devices
Scope: Recent results both at CyLab and worldwide have made a dent in the challenges of obtaining trustworthy execution on the primary processing elements in our desktop, laptop, and server systems. However, inside these systems exist myriad additional processors, often running firmware images over which the user has little control. Vulnerabilities inside these peripheral devices can often give attackers a foothold inside otherwise wellconfigured, properly-secured systems.
Outcomes: To date, we have leveraged software-based attestation to successfully verify the integrity of the firmware image running inside a keyboard. We anticipate scaling and adapting these techniques to more powerful peripherals, including the network adapter, disk controller, and graphics controller.