Moving Hardware from “Security through Obscurity” to “Secure by Design”
Presented as part of the 2016 HCSS conference.
ABSTRACT
It is a difficult, perhaps impossible, task to design modern hardware that is impervious to any and every attack. It is hard to ensure that these complex, multi-billion transistor systems are functionally correct, let alone secure. Yet, for the most part, computing system designers assume that the hardware is secure and focus their security efforts at higher levels of abstraction (OS, programming language, algorithm, etc.). Recent attacks have shown this is a false premise, and building upon an insecure foundation is a recipe for disaster.
In this talk, we discuss techniques that enable the designer to reason about hardware security. These techniques are based upon information flow and information-theoretic measures. They are oblivious to the types of variables under consideration. Thus, we can assess both functional security properties related to confidentiality and integrity as well as covert channels. Our techniques enable the characterization of portions of the system that are potentially vulnerable to attacks, and they determine the effectiveness of mitigation techniques on the overall security of the system. The end result is more secure hardware, which leads to safer and more secure computing systems.
BIO
Ryan Kastner is a professor in the Department of Computer Science and Engineering at the University of California, San Diego. He received a PhD in Computer Science (2002) at UCLA, a Master's degree in engineering (2000) and Bachelor's degrees (BS) in both Electrical Engineering and Computer Engineering (1999), all from Northwestern University. He spent the first five years after his PhD as a professor in the Department of Electrical and Computer Engineering at the University of California, Santa Barbara.
Professor Kastner’s current research interests fall into three areas: hardware acceleration, hardware security, and remote sensing. He is the co-director of the Wireless Embedded Systems Master of Advanced Studies Program. He also co-directs the Engineers for Exploration Program. He has published over 150 technical articles, and has authored three books, “Synthesis Techniques and Optimizations for Reconfigurable Systems”, “Arithmetic Optimizations for Polynomial Expressions and Linear Systems”, and “Handbook on FPGA Design Security”. He has served as a member of numerous conference technical committees spanning topics like reconfigurable computing (ISFPGA, FPL, FPT), hardware design (DAC, ICCAD, DATE), hardware security (HOST), and underwater networking (WUWNet).