| EPSRC Reference: |
EP/V000454/1 |
| Title: |
CAP-TEE: Capability Architectures for Trusted Execution |
| Principal Investigator: |
Oswald, Dr D F |
| Other Investigators: |
|
| Researcher Co-Investigators: |
|
| Project Partners: |
|
| Department: |
School of Computer Science |
| Organisation: |
University of Birmingham |
| Scheme: |
Standard Research |
| Starts: |
12 August 2020 |
Ends: |
11 June 2024 |
Value (£): |
1,000,206
|
| EPSRC Research Topic Classifications: |
| Fundamentals of Computing |
Software Engineering |
|
| EPSRC Industrial Sector Classifications: |
|
| Related Grants: |
|
| Panel History: |
| Panel Date | Panel Name | Outcome |
|
06 Apr 2020
|
ISCF Digital Security by Design Research Projects
|
Announced
|
|
|
Summary on Grant Application Form |
Trusted Execution Environments (TEEs) shield computations using security-sensitive data (e.g. personal data, banking information, or encryption keys) inside a secure "enclave" from the rest of the untrusted operating system. A TEE protects its data and code even if an attacker has gained full root access to the untrusted parts of the system. Today, TEEs like ARM Trustzone and Intel SGX are therefore widely used in general-purposes devices, including most laptops and smartphones. But with increasingly wide-spread use, TEEs have proven vulnerable to a number of hardware and software-based attacks, often leading to the complete compromise of the protected data.
In this project, we will use capability architectures (as e.g. developed by the CHERI project) to protect TEEs against such state-of-the-art attacks. We address a wide range of threats from software vulnerabilities such as buffer overflows to sophisticated hardware attacks like fault injection. CAP-TEE will provide a strong, open-source basis for the future generation of more secure TEEs.
When developing such disruptive technologies, it is key to minimise the efforts for porting existing codebases to the new system to facilitate adoption in practice. In CAP-TEE, we therefore focus on techniques to ease the transition to our capability-enabled TEE. In industrial cases studies for the automotive and rail sector, we will demonstrate how complex code written in a memory-unsafe language like C(++) can be seamlessly moved to our platform to benefit from increased security without a full redesign.
|
|
Key Findings |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
|
Potential use in non-academic contexts |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
|
Impacts |
|
| Description |
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk |
| Summary |
|
| Date Materialised |
|
|
|
|
Sectors submitted by the Researcher |
|
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
|
| Project URL: |
|
| Further Information: |
|
| Organisation Website: |
http://www.bham.ac.uk |