- Announcements
- Final Project Guidelines posted
- Due Date for PA1 Friday the 21st
- Problem 3 posted now
- Okay, I updated PA1 with a pdf file that describes the setup for the system1 problem and problem 2. I wanted to get more of problem 3 done before posting, but I think I should give you what I have for now. More coming soon!
- First assignment in process of being posted
Reading Schedule:
| Week | Tuesday | Thursday |
|---|---|---|
| Week 1 | Introduction [1, 2] | Medical Devices [3, 4] |
| Week 2 | Automobiles [5, 6] | Separation [7] |
| Week 3 | Covert Channels [8, 9] | Cloud Leakage [10] |
| Week 4 | Cache Side-Channels [11] | Architectural Countermeasures [12] |
| Week 5 | Second Look at Countermeasures [13] | none |
| Week 6 | Model Checking [14] | SLAM [15] |
| Week 7 | Verifying an OS [16] | Formal Methods Overview [17] |
| Week 8 | Therac-25 [18] | TrustZone [19] |
| Week 9 | Flicker [20] | PUFs |
| Week 10 | | |
(* = most important, ref = for reference)
1. S. Ravi, A. Raghunathan, P. Kocher, and S. Hattangady. Security in Embedded Systems: Design Challenges. ACM Transactions on Embedded Computing Systems, Vol. 3, No. 3, August 2004, pages 461–491.
2. K. Thompson. Reflections on Trusting Trust (A Turing Award Lecture). Communications of the ACM, Vol. 27, No. 8, August 1984.
3. D. Halperin, T. Heydt-Benjamin, B. Ransford, S. Clark, B. Defend, W. Morgan, K. Fu, T. Kohno, and W. Maisel. Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses. In Proceedings of the 29th Annual IEEE Symposium on Security and Privacy, pages 129–142, May 2008.
4. K. Fu. Trustworthy medical device software. In Public Health Effectiveness of the FDA 510(k) Clearance Process: Measuring Postmarket Performance and Other Select Topics: Workshop Report, Washington, DC, 2011. IOM (Institute of Medicine), National Academies Press.
5. K. Koscher, A. Czeskis, F. Roesner, S. Patel, T. Kohno, S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, and S. Savage. Experimental Security Analysis of a Modern Automobile. IEEE Symposium on Security and Privacy, Oakland, CA, May 16–19, 2010.
6. S. Checkoway, D. McCoy, B. Kantor, D. Anderson, H. Shacham, S. Savage, K. Koscher, A. Czeskis, F. Roesner, and T. Kohno. Comprehensive Experimental Analyses of Automotive Attack Surfaces. USENIX Security, August 10–12, 2011.
7. J. Rushby. Design and verification of secure systems. Proceedings of the Eighth ACM Symposium on Operating Systems Principles (SOSP), 1981.
8. R. Kemmerer. Shared resource matrix methodology: an approach to identifying storage and timing channels. ACM Transactions on Computer Systems (TOCS), Vol. 1, No. 3, August 1983.
9. J. Wray. An analysis of covert timing channels. IEEE Computer Society Symposium on Security and Privacy (Oakland), May 1991.
10. T. Ristenpart, E. Tromer, H. Shacham, and S. Savage. Hey, You, Get Off of My Cloud: Exploring Information Leakage in Third-Party Compute Clouds. ACM Conference on Computer and Communications Security, November 2009.
11. C. Percival. Cache missing for fun and profit. BSDCan, 2005.
12. Z. Wang and R. Lee. New cache designs for thwarting software cache-based side channel attacks. Proceedings of the 34th Annual International Symposium on Computer Architecture (ISCA), 2007.
13. J. Kong, O. Aciicmez, J. Seifert, and H. Zhou. Deconstructing new cache designs for thwarting software cache-based side channel attacks. Proceedings of the 2nd ACM Workshop on Computer Security Architectures, 2008.
14. G. Holzmann. The Model Checker SPIN. IEEE Transactions on Software Engineering, Vol. 23, No. 5, 1997.
15. T. Ball, R. Majumdar, T. Millstein, and S. Rajamani. Automatic predicate abstraction of C programs. Proceedings of Programming Language Design and Implementation (PLDI), 2001.
16. G. Klein, K. Elphinstone, G. Heiser, J. Andronick, D. Cock, P. Derrin, D. Elkaduwe, K. Engelhardt, R. Kolanski, M. Norrish, T. Sewell, H. Tuch, and S. Winwood. seL4: Formal Verification of an OS Kernel. Proceedings of the Symposium on Operating Systems Principles (SOSP), 2009.
17. Z. Shao. Certified Software. Communications of the ACM, Vol. 53, No. 12, 2010.
18. N. Leveson. Medical Devices: The Therac-25. From Safeware: System Safety and Computers, 1995.
19. J. Winter. Trusted Computing Building Blocks for Embedded Linux-based ARM TrustZone Platforms. Proceedings of the 3rd ACM Workshop on Scalable Trusted Computing, 2008.
20. J. McCune, B. Parno, A. Perrig, M. Reiter, and H. Isozaki. Flicker: An Execution Infrastructure for TCB Minimization. ACM SIGOPS Operating Systems Review, Vol. 42, No. 4, 2008.
Course Description:
- Lecture Notes:
- none yet
- Overview:
- We spend our lives bathing in a sea of computer systems as they control our infrastructure, our transportation, our money, and increasingly even our bodies (through medical devices). How does one build an embedded system that is "safe" or "secure"? What does it even mean to be "safe"? How can I convince someone else (a customer, client, or agency) that the system will always behave in some particular way? What makes this problem uniquely challenging for embedded systems as opposed to more general-purpose computing devices? In this course we will explore these questions, examining both existing practice and newer research proposals in the area. The course will cover both software-only and hardware-only approaches to these problems, although it will concentrate primarily on those problems and opportunities that involve both.
- Prerequisites:
- Computer Organization, Computer Architecture, Computer Security, Assembly/C Programming, Advanced Computer Architecture (cs254) recommended but not required
- Class Times:
- TBA
- Instructor and TA info:
- Instructor:
- Tim Sherwood <sherwood+class@cs.ucsb.edu>
- (please use the above email to ensure that I find it under my piles of email)
- Office: Department of Computer Science, 1119 Engineering I
- Office Hours: Thursday 3-4:30 or by appointment
- Grading:
- 100%
- TBA