TUM Logo

Trusted Execution Environment (TEE) and software security

Trusted Execution Environment (TEE) and software security  

Praktika 6sws / 10ects (Kursbeschreibung)
Veranstalter: Peng Xu
Zeit und Ort:

Kick-off: Monday, 28.01.   16 - 16.30 h , 01.08.033



Praktikum: Tuesday 10 - 12 h at room 01.05.013

Beginn: 2019-04-23

The lecture is given in english
The slides are available in english
The exam will be in english

Motivation:

With the number of threats increasingly pressuring company and personality usage, it is important to guarantee the application running at software fault or vulnerability isolated environment. Therefore, secure software development with a trusted execution environment (TEE)  becomes more and more attractive and necessary.

In this course, we discuss how to develop secure software with the trusted execution environment (TEE) based ways. Based on the TEE-enabled core, there are many available secure world software architectures, from the range of the most complex secure world operating system to the simplest synchronous library of code in "secure" world.  

Requirements:

1. C/C++ programming  language

2. Basic knowledge of the operating system

3. Program analysis: static analysis and dynamic analysis

4. Knowledge of compiler is better (LLVM/GCC)

 

Organization: 

Session 1: concepts Introduction, practice for basic concepts, discussion how to extend basic concepts, homework;

......

Session x: concepts Introduction, practice for basic concepts, discussion how to extend basic concepts, homework.

 

Registration:

1. Registration in the Matching System until 2019-02-14 00:00

2. Set up the development environment ( Intel SGX for Linux/Windows10 or OPTEE for ARM) and give me aTEE based "hello world"  program

If your laptop or PC is not supporting Intel SGX. You can also use openSGX to accomplish the "hello  world" task.   

1. https://github.com/sslab-gatech/opensgx

2. https://gts3.org/assets/papers/2016/jain:opensgx.pdf

Contents:

0.  Kick-off meeting 

1.  Basic concepts about the TEE

2.  Proof-of-Concepts program development (Attestation, SealedData, SecureStorage, AES)

3.  Program analysis (both static and dynamic analysis) and Program Slicing

4.  Program partitioning with TEE

Links:

1. Trusted Execution Environment: What It is, and What It is Not 

2. Introduction to Trusted Execution Environments 

3. Android's Trusty TEE

4. Open Portable Trusted Execution Environment

5. ARM TrustZone 

6. Intel Software Guard Extensions (SGX)

7. Intel SGX for Linux