Linaro Connect San Diego 2019 has ended
Linaro Connect resources will be available here during and after Connect!

Booking Private Meetings
Private meetings are booked through san19.skedda.com and your personal calendar (i.e. Google Calendar). View detailed instructions here.

For Speakers
Please add your presentation to your session by attaching a pdf file to your session (under Manage Session > + Add Presentation). We will export these presentations daily and feature on the connect.linaro.org website here. Videos will be uploaded as we receive them (if the video of your session cannot be published please let us know immediately by emailing connect@linaro.org).

Dave’s Puzzle - linaro.co/san19puzzle


Security
Tuesday, September 24
 

2:30pm

SAN19-226 Enabling AOSP FBE for OP-TEE Keymaster
This session summarizes the limitations of OP-TEE when File Based Encryption (FBE) is enabled in AOSP, and how to overcome them.

Speakers

Victor Chong

Engineer, Linaro



Tuesday September 24, 2019 2:30pm - 2:55pm
Sunset IV (Session 2)

3:00pm

SAN19-203 Trusted Firmware Project Update
Hosted by the Board chairs for the Trusted Firmware community project, this will be an update of development progress for Trusted Firmware M and Trusted Firmware A.


Speakers

Bill Fletcher

Technical Solutions Director, Linaro Ltd
I enjoy hands-on development with Linux, C, LAVA, Python and Zephyr. Responsible for turning ideas into launchable projects. Project Manager for the Trusted Firmware project. Also I'm occasionally the business development and technical marketing specialist - check out my posts, articles...

Matteo Carlini

Director, Software Technology Management, Arm
Director of Open Source Software responsible for Open Source Firmware (Trusted Firmware, UEFI, SCP), Linux Kernel and KVM.



Tuesday September 24, 2019 3:00pm - 3:50pm
Sunset 3 (Session 3)

3:00pm

SAN19-225 Fuzzing embedded (trusted) operating systems using AFL
Trusted Execution Environments (TEEs) have an increasing role in the security of embedded systems, and one of the leading open-source solutions is OP-TEE by Linaro. As more and more security-critical tasks are moved to the TEE, the complexity, and thus the risk of vulnerabilities, increases as well. By now TEEs are small operating systems that run trusted applications and have a system call interface exposing drivers and other services.

In this talk we present a fuzzing framework for OP-TEE using an unmodified version of AFL, with coverage tracking integrated in the TEE kernel using compile-time injected hooks. By providing the coverage data to the non-secure world, this framework can be used to test any code running in the kernel, such as the interface exposed to the non-secure world, as well as trusted applications embedded in the kernel and the system call interface.

We discuss the challenges of fuzzing a (trusted) operating system running non-virtualized on an actual device, as well as our approach, which allows using an unmodified version of AFL running as a Linux application in the non-secure world. Additionally, we discuss how we created a useful set of initial inputs to seed AFL. The approach discussed in this talk is not limited to OP-TEE but could be used for any (trusted) operating system.

Last, we discuss some of the latest improvements to the framework that make it more efficient, and some of the issues found by fuzzing OP-TEE.

Speakers

Martijn Bogaard

Senior Security Analyst at Riscure, Riscure
Martijn Bogaard is a Senior Security Analyst at Riscure where he focuses most of his time on analyzing the security of low-level embedded software (bootloaders, operating systems) and is slowly expanding into embedded hardware security. Recent research interests include the effects...



Tuesday September 24, 2019 3:00pm - 3:50pm
Sunset IV (Session 2)
 
Wednesday, September 25
 

10:30am

SAN19-SWG01 Encrypted Trusted Applications (Sunset 1)
DRM content vendors want to make it even harder to reverse engineer Trusted Applications and therefore would like to see that TAs are not just signed, but also encrypted. In this session we would like to discuss the different alternatives we see.

Speakers

Sumit Garg

Software Engineer, Linaro
Currently working as part of Support and Solutions team, Linaro. Responsible for activities related to platform security like OP-TEE, trusted firmware, boot-loaders etc. Also responsible for tool-chain support activities. Contributed in various open source projects like OP-TEE, TF-A...


Wednesday September 25, 2019 10:30am - 11:00am
Sunset 1 (Developer Room)

11:00am

SAN19-SWG02 OP-TEE’s Virtualization support (Sunset 1)
  • For a while there has been experimental support for running virtualization in OP-TEE. There is also ongoing work in OP-TEE on adding support for secure EL-2, which is coming in newer Armv8-A versions.
  • In this session we want to discuss and brainstorm around future goals with Virtualization in OP-TEE.
  • Related session:
    SAN19-402 Virtualization for OP-TEE

Speakers

Jens Wiklander

Senior Software Engineer, Linaro
Senior Software Engineer in Linaro Security Working Group

Volodymyr Babchuk

Senior Embedded Engineer at EPAM Systems, EPAM Systems
Volodymyr is a senior embedded software engineer at EPAM Systems. He participates in a project aiming to bring the Xen hypervisor into automotive solutions.


Wednesday September 25, 2019 11:00am - 11:30am
Sunset 1 (Developer Room)

11:40am

SAN19-SWG03 Portability (Sunset 1)
Abstraction layer to centralize everything a partner may need to customize in order to have OP-TEE running

Speakers

Joakim Bech

Principal Engineer Security, Linaro
Joakim has been a Linux user for about 15 years where he spent most of the time in his professional career working with security for embedded devices. The last five years he has been heading Security Working Group in Linaro who are working with various upstream projects related to...


Wednesday September 25, 2019 11:40am - 12:00pm
Sunset 1 (Developer Room)

12:00pm

SAN19-SWG04 Running a Fuzzer in OP-TEE? (Sunset 1)
  • Riscure (Martijn B) has created a fuzzer tool for OP-TEE. It has been successfully used to find a couple of potential security issues in OP-TEE.
  • As of today the tool is quite invasive in terms of making changes to the current OP-TEE source code.
  • In this session we would like to discuss whether there is anything we can do to make the fuzzer code closer to upstream.
  • Related session:
    SAN19-225 Fuzzing embedded (trusted)

Speakers

Joakim Bech

Principal Engineer Security, Linaro
Joakim has been a Linux user for about 15 years where he spent most of the time in his professional career working with security for embedded devices. The last five years he has been heading Security Working Group in Linaro who are working with various upstream projects related to...

Martijn Bogaard

Senior Security Analyst at Riscure, Riscure
Martijn Bogaard is a Senior Security Analyst at Riscure where he focuses most of his time on analyzing the security of low-level embedded software (bootloaders, operating systems) and is slowly expanding into embedded hardware security. Recent research interests include the effects...


Wednesday September 25, 2019 12:00pm - 12:30pm
Sunset 1 (Developer Room)

12:30pm

SAN19-SWG05 Keymaster (Sunset 1)
  • Linaro have been working on a (Google AOSP) Keymaster implementation for OP-TEE. The current solution implements Keymaster 3 (Keymaster and Gatekeeper).
  • In this session we would like to have a general discussion about:
    • Ongoing tasks
      a) The progress with upstreaming? Where are we and what needs to be done?
      b) Refactoring and removal of the PTA?
    • Future tasks?
      a) Keymaster 4?
      b) Fingerprintd?
      c) Are there other Keymaster components that will be mandatory in future AOSP/Android releases?

Speakers

Victor Chong

Engineer, Linaro


Wednesday September 25, 2019 12:30pm - 1:00pm
Sunset 1 (Developer Room)

2:00pm

SAN19-SWG06 SCMI, SPCI and StMM (Sunset 1)
  • Different teams and people are working with technologies that overlap to some degree.
  • In this session we would like to gather people from every team doing work in these areas to have a general discussion about these topics.
  • The goal is to make everyone aware of what other people are doing and to try to avoid duplicating work.

Speakers

Ilias Apalodimas

Tech Lead, Linaro
Linux kernel developer with a taste for networking and performance

Jens Wiklander

Senior Software Engineer, Linaro
Senior Software Engineer in Linaro Security Working Group

Joakim Bech

Principal Engineer Security, Linaro
Joakim has been a Linux user for about 15 years where he spent most of the time in his professional career working with security for embedded devices. The last five years he has been heading Security Working Group in Linaro who are working with various upstream projects related to...

Pipat Methavanitpong

Firmware Engineer, Socionext Inc.
Develop LEDGE's secure boot reference. Work with EDK2 and OP-TEE. Support SNI DeveloperBox 96boards.


Wednesday September 25, 2019 2:00pm - 2:40pm
Sunset 1 (Developer Room)

2:40pm

SAN19-SWG07 Abstract / protect high sensitive keys (Sunset 1)
There is a need to abstract / protect highly sensitive keys (HUK, ...) in such a way that they are never directly exposed in clear memory, if the STB HW offers such a capability. How can that be achieved?

Speakers

Joakim Bech

Principal Engineer Security, Linaro
Joakim has been a Linux user for about 15 years where he spent most of the time in his professional career working with security for embedded devices. The last five years he has been heading Security Working Group in Linaro who are working with various upstream projects related to...


Wednesday September 25, 2019 2:40pm - 3:00pm
Sunset 1 (Developer Room)

3:00pm

SAN19-SWG08 Richness of the TEE/OS (Sunset 1)
Find proper ways to modularize OP-TEE and reduce the attack surface to what's actually required for a given project.

Speakers

Victor Chong

Engineer, Linaro


Wednesday September 25, 2019 3:00pm - 3:20pm
Sunset 1 (Developer Room)

3:30pm

SAN19-SWG09 CVE, CNA, Mitre (Sunset 1)
  • The Zephyr project has become a CNA, which makes it the authority for allocating and managing CVEs for the project.
  • Information about the process, etc.
  • Considerations of becoming a CVE for OP-TEE, and/or TF-(A/M). Should Linaro, or trustedfirmware.org do this?

Speakers

David Brown

Senior Engineer, Linaro
David Brown is a member of the Linaro Security Working Group, and has worked on the Linux kernel, with a focus on security for a number of years. Recently, he has been focusing on security as it relates to IoT and embedded devices, including focusing on secure booting, and secure...


Wednesday September 25, 2019 3:30pm - 4:00pm
Sunset 1 (Developer Room)

4:00pm

SAN19-SWG10 SVP issues and proposed DRM changes (Sunset 1)
TBD

Speakers

Joakim Bech

Principal Engineer Security, Linaro
Joakim has been a Linux user for about 15 years where he spent most of the time in his professional career working with security for embedded devices. The last five years he has been heading Security Working Group in Linaro who are working with various upstream projects related to...


Wednesday September 25, 2019 4:00pm - 4:30pm
Sunset 1 (Developer Room)

4:30pm

SAN19-SWG11 RPMB error handling (Sunset 1)
TBD

Speakers

Joakim Bech

Principal Engineer Security, Linaro
Joakim has been a Linux user for about 15 years where he spent most of the time in his professional career working with security for embedded devices. The last five years he has been heading Security Working Group in Linaro who are working with various upstream projects related to...


Wednesday September 25, 2019 4:30pm - 5:00pm
Sunset 1 (Developer Room)
 
Thursday, September 26
 

8:30am

SAN19-402 **Cancelled** Virtualization for OP-TEE
**This Session has been cancelled**
Volodymyr will speak about his work on adding virtualization support to OP-TEE and about the OP-TEE mediator in the Xen hypervisor.

Speakers

Volodymyr Babchuk

Senior Embedded Engineer at EPAM Systems, EPAM Systems
Volodymyr is a senior embedded software engineer at EPAM Systems. He participates in a project aiming to bring the Xen hypervisor into automotive solutions.


Thursday September 26, 2019 8:30am - 8:55am
Sunset V (Session 1)

11:00am

SAN19-411 Runtime Secure Keys in OP-TEE
Until now, all keys stored in OP-TEE secure storage are secured at rest by encrypting them with the FEK.
But when these keys are being used for operations, they are kept in plain format in OP-TEE internal structures.

This is because cryptographic operations in OP-TEE are currently done with software libraries (LibTomCrypt and mbedTLS), and cryptographic operations are nothing but mathematical operations, so software libraries need private keys in “plain format” for operations.

Keeping these keys in plain format makes them vulnerable to the following attacks on confidentiality and integrity, which are the main objectives of a Trusted Execution Environment:
- Exploiting any vulnerability in code, such as a buffer overrun or bugs like Heartbleed.
- Using side channel attacks such as a cold boot attack, in which an attacker with physical access to a computer performs a memory dump of the computer's RAM by performing a hard reset of the target machine.

Since the nature of hardware-based cryptography ensures that information stored in hardware is better protected from external attacks, the above issue can be fixed when these keys are backed by a hardware component. We need a mechanism in which the keys do not exist in plain format in secure memory.

The hardware component will export the private keys to secure memory only in encrypted form.
During operations it takes the private keys in encrypted form, converts them into plain format internally and performs the operations with them.
Even if an attacker somehow gets access to such a key in secure memory, they will not be able to find out the actual key.

Speakers

Sahil Malhotra

Lead Software Engineer, NXP Semiconductors
Having a total experience of 7 years in Embedded Programming. Worked on various areas including PKCS#11, Arm TrustZone, OP-TEE, OpenSSL, Networking.



Thursday September 26, 2019 11:00am - 11:25am
Sunset V (Session 1)

11:30am

SAN19-413 TEE based Trusted Keys in Linux
Protecting key confidentiality is essential for many kernel security use-cases such as disk encryption, file encryption and protecting the integrity of file metadata. Trusted and encrypted keys provide a mechanism to export keys to user-space for storage as an encrypted blob, and for user-space to later reload them onto the Linux keyring without user-space knowing the encryption key. The existing Trusted Keys implementation relied on a TPM device, but what if you are working on a system without one?

This session will introduce a Trusted Keys implementation which relies on a much simpler trusted application running in a Trusted Execution Environment (TEE) for sealing and unsealing of Trusted Keys using a hardware unique key provided by the TEE.

Speakers

Sumit Garg

Software Engineer, Linaro
Currently working as part of Support and Solutions team, Linaro. Responsible for activities related to platform security like OP-TEE, trusted firmware, boot-loaders etc. Also responsible for tool-chain support activities. Contributed in various open source projects like OP-TEE, TF-A...



Thursday September 26, 2019 11:30am - 11:55am
Sunset V (Session 1)
 
Friday, September 27
 

11:30am

SAN19-513 Rust TrustZone SDK: Enabling Safe, Functional, and Ergonomic Development of Trustlets
ARM TrustZone shields the most critical security components from the normal world legacy OS, which grows larger and more complex over time and has become quite difficult to harden. However, in recent years we have also witnessed memory exploits targeting TrustZone systems. Attackers can use such vulnerabilities as a bridge to further subvert the secure OS and thus take over the whole device.

As an important mission of the open source project under the MesaTEE platform, we aim to bring memory safety to ARM TrustZone. In particular, we enabled Rust programming for Trustlets, making them immune to memory exploits by nature while preserving native execution speed. Unlike the previous attempts, Rust OP-TEE TrustZone SDK is the first to:

- utilize the Rust programming language's security checks and type checks, so that developers can never misuse;
- enable Rust standard library and millions of Rust crates/libraries for developing Trustlets, so that developers can conveniently leverage the existing rich Rust ecosystem;
- provide automatic Trustlet lifecycle management via the "resource allocation is initialisation" (RAII) design pattern, preventing errors where a resource is not finalised and where a resource is used after finalisation, so that developers no longer bother calling session/context related APIs manually.

We will present our current implementation based on OP-TEE (complying with the GlobalPlatform TEE specifications), and will provide demonstrations for popular TrustZone applications like secure storage, key management, device identification, authentication, DRM, etc. Most importantly, we revolutionarily provide support for trusted and secure machine learning computation in TrustZone. To the best of our knowledge, we are the first to offer safe, fast, functional, and ergonomic development for Trustlets.

Speakers

Mingshen Sun

Security Researcher, Baidu X-Lab
Mingshen Sun is a senior security researcher of Baidu X-Lab at Baidu USA. He received his Ph.D. degree in Computer Science and Engineering from The Chinese University of Hong Kong. His interests lie in solving real-world security problems related to system, mobile, IoT devices and...



Friday September 27, 2019 11:30am - 11:55am
Pacific Room (Keynote)