SecAppDev 2019 has ended
Back To Schedule
Thursday, February 21 • 09:00 - 10:30
Trusted Execution Environments and how far you can trust them

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Modern processors provide Trusted Execution Environments that allow you to protect software components even from an untrusted operating system. Learn when and how to use them!

Imagine that you have developed the perfectly secure piece of software. You did your best engineering effort; you used safe programming languages; you tested it thoroughly; you even did a bit of formal verification for the most critical parts. Now you want to deploy it, and you realize that you can't really trust the client's PC, their software stack to be up-to-date, or even their operating system to not tamper with your software. How could you possibly protect your software from malicious low-level interactions?

In this session, you will learn how to leverage component isolation and remote software attestation as provided by modern Trusted Computing techniques. A number of processors provide different variants of these security primitives: Cloud providers allow you to run SGX enclaves, mobile devices feature TrustZone technology, and with Sancus there is even an emerging solution for light-weight embedded devices. The session will focus on using these platforms to build secure distributed applications.

This session is intended for architects, developers, testers, software security, and verification engineers.


Jan Tobias Muehlberg

Research manager, KU Leuven

Thursday February 21, 2019 09:00 - 10:30 CET
Main building (room Lemaire)