In recent times, there has been a major push and urgency to adopt the zero-trust model for cybersecurity. The zero trust model is based on the principle of “never trust, always verify” and is aimed at eliminating all implicit trust in a system. While adopting a zero-trust model for network security generally involves authenticating, authorizing and continuously validating the credentials of users in a network, these measures alone are not enough to create a true zero trust based architecture. The underlying hardware needs to be trusted and secured as well. Thus, novel approaches for building zero trust architectures, from systems all the way down to silicon, is one of the big challenges for next generation hardware system design.
Traditionally, research on establishing trust and security in hardware has primarily focused on the host and its associated memory subsystems. These include principles of trusted execution environments, silicon roots of trust, Trusted Platform Modules, encryption at rest etc. However, in modern system architectures such as edge/cloud computing, composable systems and chiplet based integrated circuits, the realm of trust needs to be extended beyond the host system and incorporate many hardware devices and IPs. In view of threats such as compromised supply chain integrity, counterfeit chips, hardware trojan implants, malicious firmware, malware, etc., it is important to establish trust in hardware components and to communicate trust between different components of a system. The different kinds of communication could range from that between different IPs inside a SoC, between a host and its attached peripherals, as well as between chiplets inside a multi-chip module. Trust also needs to be established and revoked in a dynamic manner, with the ability to handle large number of subcomponents in the design. Thus, a new set of protocols that can work to establish trust and security in these new types of system architectures has become necessary. While some of these protocols are being developed as industry and government standards, large-scale effort is required to bring them to adoption. It is equally important to develop open source and verifiable hardware designs that can bring security without compromising system parameters such as performance or functionality. The focus of this workshop will be on all aspects of security and trust required to create zero-trust hardware architectures for heterogeneous computing systems.
Topics of interest
The areas of interest include but are not limited to:
- Roots of Trust and Chain of Trust in hardware
- Link encryption and secure communication channels
- Enabling Trusted Execution Environments (TEEs) for peripherals
- Authentication, Attestation and Encryption in Chiplet based designs
- Authentication, Attestation and Encryption in Composable system architectures
- Hardware based access control and monitoring
- Measuring trust in hardware and systems
- Hardware-based security techniques in edge/cloud systems
- Supply chain security
© ZTHA: Zero Trust Hardware Architectures Workshop@ICCAD, 2022