KYBS2500 Introduction to Trusted and Confidential Computing (5 ECTS credits)
Key text
Description
Trust and confidentiality are foundational aspects of cybersecurity. This course provides the core concepts, tools, and practical knowledge in this topic. #TPM #SGX #UEFI
The course covers the following topics:
Trust, Identity and Integrity in Computer Systems and their relationship to the overall cybersecurity of devices and systems.
Basics of computer boot operations, firmware:
- BIOS, UEFI in x86 systems,
- Other boot systems, e.g. Arm SBCs, Android systems, microcontrollers,
- Root of trust: Core/Static and Dynamic roots of trust.
Threats:
- Firmware modification,
- Tampering,
- Supply-Chain attacks,
- Specific focus on Stuxnet, Triton, SolarWinds.
Trusted Platform Module:
- Uses, abuses,
- Operations,
- Other systems: HSM, MARS, DICE.
Measurements:
- Use of TPM in the boot sequence,
- Run-time measurement, e.g. Linux IMA,
- Source of the measurement values,
- Use of TPM to track OS updates, firmware updates and rebooting.
Remote Attestation:
- TPM Quotes,
- Expected Values,
- Log cross-referencing, e.g. UEFI-IMA-TPM-TXT.
Confidential Computing:
- Container Trust,
- CPU Trust and CPU Enclaving,
- SGX, TDX, TrustZone and CCA.
Other Topics:
- Digital Forensics and Incident Response (loss of trust),
- Trustworthy AI/ML and how this is achieved,
- Requirements for trust, e.g. NIS2.
Learning outcomes
The students will understand the concept of trust in computer systems and the mechanisms by which trust (identity and integrity) is established, reported, and verified through attestation.
An understanding of how the hardware and firmware architecture of a system supports (or prevents) trust will be gained.
Students will learn how secure modules such as the Trusted Platform Module are utilised in boot-time, run-time and supply-chain security. The processes of attestation will be investigated. A practical component will be setting up a remote attestation system and investigating the behaviour of the students' own laptops, computers or other devices as necessary.
Practical knowledge of TPM, LVFS, IMA, GRUB, tboot, TXT and other mechanisms will be obtained through exercises.
Confidential computing topics such as SGX, TDX and other enclaving schemes will be covered. This will extend to how trust may be utilised in cloud operations, scheduling, and orchestration.
Advanced topics such as attestation's place in digital forensics and legal aspects such as NIS2 requirements will conclude the course.
Description of prerequisites
Basic knowledge of Linux is desirable.