Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching
Description
Lehrstuhl für Sicherheit in der Informatik Prof. Dr. Claudia Eckert
In cooperation with Fraunhofer AISEC
BA/MA/GR: Attestation of Dynamic Software Stacks
Motivation and Topic
Current attestation techniques can attest static contents quite well, e.g., by hash comparison of executables to make sure a binary has not been modified. However, when it comes to attestation of dynamic content, such as frequently changing function call stacks within a process, the task gets quite challenging. The aim here is to attest a simplified, though dynamic process in various points of execution during runtime.
A thesis or project in this subject area may deal with one or more of the following research topics and questions:
One possible direction is the engineering of attestation techniques using Trusted Execution Environments (TEEs) such as Intel SGX, Arm TrustZone or AMD/SEV. In this approach a protected monitor performs checks on the system to attest after the monitor has attested itself using the TEE.
A further possible direction is research into the question how potential rules or conditions for variables in the call stack can be modelled and how they can applied to source code.
Another possible route to take deals with the simplification of complex processes. The leading question is how to change and modularize software in such a way that its dynamic attestation during runtime is made feasible or at least significantly simplified.
Requirements
-
Basic programming skills
-
A preliminary understanding of trusted execution environments / attestation techniques or the motivation
to get into the topic
-
An interest in transferring challenging theories into practical applications
-
Ability to work self-directed and systematically
Contact
Fraunhofer Institute for Applied and Integrated Security (AISEC) Hendrik Meyer zum Felde E-Mail: meyerzum@aisec.fraunhofer.de
Phone: +49 89 322-9986-190