Statement of Work - Senior Design

STATEMENT OF WORK
For
Multi-core and Cell Processors Security Investigation
February 7, 2016
Rev. 2
Rev. 1
2/7/16
I. Background and Introduction
In 2003, Sony, IBM and Toshiba created a design team to create a new multi-core processor.
They chose to completely re-design much of the architecture previously found in consumer
processors and designed the Cell Processor (www.________.com). The Cell Processor is
comprised of a PowerPC main core and a variable number of support cores. As with any
new architecture, the security concerns of the Cell Processor have not yet been fully
explored.
The key documented security features of the Cell processor include the secure processing
vault, the runtime secure boot, and the hardware root of secrecy. The secure processing
vault provides an environment that is completely isolated from every other thread running
in the system. The information in this vault cannot be changed or seen. This allows for
interesting applications in Digital Rights Management; for example, a “digital movie content
can be decrypted in, and played from, the vault without the danger of the content being
compromised”. The second security feature, the runtime secure boot, is a “technique
whereby during power-on time, …, the code modules go through a cryptographic-based
authentication check”. By verifying the security of the initial root of the system, we can then
use that root to verify the security of other entities. Finally, the hardware root of secrecy
addresses the need for securing the root key of a system. This root key is the key used to
begin the chain of unlocking other keys used in specific applications. In the Cell processor,
this root key is embedded in the hardware and cannot be accessed through software; only a
hardware decryption facility can read that key.
Past research into multi-core processing security concerns has looked at things like data
isolation between different cores, controlled information flows, covert timing, and digital
rights management. Considering covert timing in multi-core processors is a very complex
task, as there are many shared resources and the possibility of large bandwidth transfers
over the channels. The Cell processor is set up with the secure processing vault, which
appears to make digital rights management much simpler; however, this has yet to be fully
tested.
This project seeks to further this research, exploring the various areas of concern in the Cell
Processor and testing some of these concerns.
II. Scope of Work
The scope of this project includes the research, analysis and testing of security concerns
associated with the Cell Processor. The timeline for this project begins September 15, 2008,
and ends April 15, 2008. These tasks shall be performed by the Hot Threads Senior Design
Team, in conjunction with the University of Idaho Center for Secure and Dependable
Systems, which is hereinafter referred to as the Team. Dr. Alves-Foss shall hereinafter be
referred to as the Sponsor.
III. Objectives
A. Examine literature and list possible concerns
The Cell Processor and its specific applications are largely unknown, and the security flaws
are not yet identified. The initial phase of this project must be focused on understanding
the architecture so as to be able to identify possible concerns. After reviewing the
literature, the Team shall compile a list of possible concerns to be reviewed by the Sponsor.
Completion Date: October 15, 2008
B. Identify those concerns that are of special note
The list compiled in section A will almost certainly be an extensive one. However, as the
timeline and resources for this project are limited, the Team will compile a shorter list of
concerns of special note. Said list should be made up of those elements that pose the
greatest threat while still allowing for feasibility in our testing. This compressed list will be
delivered to the Sponsor no later than the completion date.
Completion Date: November 15, 2008
C. Design tests for the concerns of special note
After reviewing the concerns of note found in section B with the Sponsor, the Team will
design and create tests for those concerns. The tests shall be included in a testbed
environment that will be delivered to the Sponsor at the conclusion of this project.
Completion Date: December 15, 2008
D. Conduct tests on the specified concerns
The tests created in section C shall be run extensively, with as many different scenarios as
time allows.
Completion Date: March 15, 2008
E. Create appropriate documentation on the results from tests
Appropriate documentation on all concerns and tests shall be compiled for presentation at
Engineering Expo and possible publication in a journal.
Completion Date: April 15, 2008