
Time and Availability in Trusted Execution Environments

Jan Tobias Muehlberg
Professor at the Université Libre de Bruxelles

2023, May 26



Abstract:

Trusted Execution Environments (TEEs) can provide strong security guarantees in distributed systems, and even protect embedded software in the IoT or in critical control systems.

Measuring the passage of time and taking actions based on such measurements is a common security-critical operation in many of these systems.

Yet, few TEEs combine security with real-time processing and availability, or provide hard guarantees on the timeliness of code execution. A key difficulty here is that TEEs execute within an effectively untrusted environment, which can influence expectations on time and progress.

In this talk, I presented our research on categorising approaches to tracking the passage of time in TEEs, highlighting the respective dependability guarantees.

Focusing first on the popular Intel SGX architecture, we analyse to what extent time can be securely measured and utilised.
We then broaden the scope to other popular trusted computing solutions and list common applications for each notion of time and progress, concluding that not every use case requires accurate access to real-world time.

Following this, I presented a configurable embedded security architecture that provides a notion of guaranteed real-time execution for dynamically loaded enclaves.

We implement preemptive multitasking and restricted atomicity on top of strong enclave software isolation and attestation.
Our approach allows the hardware to enforce confidentiality and integrity protections, while a decoupled small enclaved scheduler software component can enforce availability and guarantee strict deadlines of a bounded number of protected applications, without necessarily introducing a notion of priorities amongst these applications.



© 2023 Centre Inria de l’Université de Rennes