Publication
A RISC-V Extension to Minimize Privileges of Enclave Runtimes
Related publications (33)
Design and in vitro Characterization of a Wearable Multisensing System for Hydration Monitoring
Sandro Carrara, Ali Meimandi, Ata Jedari Golparvar, Sarah Tonello
Dehydration is a frequent condition in the elderly and can lead to serious health complications if not compensated timely. Early diagnosis can be problematic, as medical examinations in the hospital would be needed. Fully wearable low-cost multisensing dev ...
Ieee-Inst Electrical Electronics Engineers Inc2024Creating Trust by Abolishing Hierarchies
Mathias Josef Payer, Edouard Bugnion, Evangelos Marios Kogias, Adrien Ghosn, Charly Nicolas Lucien Castes, Neelu Shivprakash Kalani, Yuchen Qian
Software is going through a trust crisis. Privileged code is no longer trusted and processes insufficiently protect user code from unverified libraries. While usually treated separately, confidential computing and program compartmentalization are both symp ...
Association for Computing Machinery2023TEEzz: Fuzzing Trusted Applications on COTS Android Devices
Mathias Josef Payer, Marcel Busch
Security and privacy-sensitive smartphone applications use trusted execution environments (TEEs) to protect sensitive operations from malicious code. By design, TEEs have privileged access to the entire system but expose little to no insight into their inn ...
IEEE COMPUTER SOC2023A review of the security vulnerabilities and countermeasures in the Internet of Things solutions: A bright future for the Blockchain
Jan Van Herle, Hossein Pourrahmani
The current advances in the Internet of Things (IoT) and the solutions being offered by this technology have accounted IoT among the top ten technologies that will transform the global economy by 2030. IoT is a state-of-the-art paradigm that has developed ...
2023Imprecise Store Exceptions
Babak Falsafi, Mathias Josef Payer, Yuanlong Li, Siddharth Gupta, Yunho Oh, Qingxuan Kang, Abhishek Bhattacharjee
Precise exceptions are a cornerstone of modern computing as they provide the abstraction of sequential instruction execution to programmers while accommodating microarchitectural optimizations. However, increasing compute capabilities in deep memory hierar ...
ACM2023Midas: Systematic Kernel TOCTTOU Protection
Mathias Josef Payer, Atri Bhattacharyya, Uros Tesic
Double-fetch bugs are a plague across all major operating system kernels. They occur when data is fetched twice across the user/kernel trust boundary while allowing concurrent modification. Such bugs enable an attacker to illegally access memory, cause den ...
2022Attestable Software Versioning for Stateful Confidential Computing
Edouard Bugnion, Charly Nicolas Lucien Castes
Trusted execution environments enable the creation of confidential and attestable enclaves that exclude the platform and service providers from the trusted base. From its initial attestable state, a stateful enclave such as a confidential database can hold ...
2022Electrical-Level Attacks on CPUs, FPGAs, and GPUs: Survey and Implications in the Heterogeneous Era
Mirjana Stojilovic, Dina Gamaleldin Ahmed Shawky Mahmoud
Given the need for efficient high-performance computing, computer architectures combining CPUs, GPUs, and FPGAs are nowadays prevalent. However, each of these components suffers from electrical-level security risks. Moving to heterogeneous systems, with th ...
2022A Deep-Learning Approach to Side-Channel Based CPU Disassembly at Design Time
Side-channel CPU disassembly is a side-channel attack that allows an adversary to recover instructions executed by a processor. Not only does such an attack compromise code confidentiality, it can also reveal critical information on the system’s internals. ...
2022Trust as a Programming Primitive
Programming has changed; programming languages have not.Modern software embraced reusable software components, i.e., public libraries, and runs in the cloud, on machines that co-locate applications from various origins.This new programming paradigm leads t ...
EPFL2021