TCB Reduction for Trustworthy Code Execution on Commodity Platforms
|Go Back to Talks and Events|
Talk by Adrian Perrig, Professor, Carnegie Mellon University
Time: Monday May 11, 10:30 AM
Place: Room CSE2311, CS Building followed by the dissertation defense of Peter Williams at 11:30am
Much effort has been spent to reduce the software Trusted Computing Base (TCB) of modern systems. We have designed and built several systems that remove the OS from the software TCB: Flicker and TrustVisor are two examples. However, the hardware TCB remains complex and untrustworthy. Components such as memory, peripherals, and system buses may become malicious via firmware compromise, a malicious manufacturer, a malicious supply chain, or local physical tampering.
We seek to reduce the hardware TCB to a minimal set of hardware components that must be trusted. We propose the design and implementation of CARMA, an isolated execution environment on commodity x86 platforms that only relies on the CPU, without needing to trust the memory, buses, peripherals, or any other system components.BIO:
Adrian Perrig is a Professor in Electrical and Computer Engineering, Engineering and Public Policy, and Computer Science at Carnegie Mellon University. Adrian serves as the technical director for Carnegie Mellon's Cybersecurity Laboratory (CyLab). He earned his Ph.D. degree in Computer Science from Carnegie Mellon University, and spent three years during his Ph.D. degree at the University of California at Berkeley. He received his B.Sc. degree in Computer Engineering from the Swiss Federal Institute of Technology in Lausanne (EPFL). Adrian's research revolves around building secure systems and includes network security, trustworthy computing and security for social networks. More specifically, he is interested in trust establishment, trustworthy code execution in the presence of malware, and how to design secure next-generation networks. Adrian is a recipient of the NSF CAREER award in 2004, IBM faculty fellowships in 2004 and 2005, the Sloan research fellowship in 2006, the Security 7 award in the category of education by the Information Security Magazine in 2009, and the Benjamin Richard Teare teaching award in 2011.