Skip to main content

Software-Based Attestation for Peripherals

Researchers: Adrian Perrig, Jonathan McCune

Research Area: Trustworthy Computing Platforms and Devices

Cross Cutting Thrusts: Software Security | Threat Analysis and Modeling

Abstract

Scope: Recent results both at CyLab and worldwide have made a dent in the challenges of obtaining trustworthy execution on the primary processing elements in our desktop, laptop, and server systems. However, inside these systems exist myriad additional processors, often running firmware images over which the user has little control. Vulnerabilities inside these peripheral devices can often give attackers a foothold inside otherwise wellconfigured, properly-secured systems.

Outcomes: To date, we have leveraged software-based attestation to successfully verify the integrity of the firmware image running inside a keyboard. We anticipate scaling and adapting these techniques to more powerful peripherals, including the network adapter, disk controller, and graphics controller.