KYBS2500 Introduction to Trusted and Confidential Computing (5 cr)

Study level:
Advanced studies
Grading scale:
0-5
Language:
English
Responsible organisation:
Faculty of Information Technology
Curriculum periods:
2024-2025, 2025-2026, 2026-2027, 2027-2028

Tweet text

Trust and confidentiality are foundational aspects of cybersecurity.

Description

Trust and confidentiality are foundational aspects of cybersecurity. This course provides the core concepts, tools, and practical knowledge in this topic. #TPM #SGX #UEFI

The course covers the following topics:

Trust, Identity and Integrity in Computer Systems and their relationship to the overall cybersecurity of devices and systems.

Basics of computer boot operations, firmware:

  • BIOS and UEFI in x86 systems,
  • Other boot systems, e.g. Arm SBCs, Android systems, microcontrollers,
  • Roots of trust: core/static and dynamic roots of trust.

Threats:

  • Firmware modification,
  • Tampering,
  • Supply-chain attacks,
  • Specific focus on Stuxnet, Triton and SolarWinds.

Trusted Platform Module:

  • Uses and abuses,
  • Operations,
  • Other systems: HSM, MARS, DICE.

Measurements:

  • Use of the TPM in the boot sequence,
  • Run-time measurement, e.g. Linux IMA,
  • Sources of the measurement values,
  • Use of the TPM to track OS updates, firmware updates and reboots.

Remote Attestation:

  • TPM quotes,
  • Expected values,
  • Log cross-referencing, e.g. UEFI, IMA, TPM and TXT logs.

Confidential Computing:

  • Container trust,
  • CPU trust and CPU enclaving,
  • SGX, TDX, TrustZone and CCA.

Other Topics:

  • Digital forensics and incident response (loss of trust),
  • Trustworthy AI/ML and how it is achieved,
  • Regulatory requirements for trust, e.g. NIS2.

Learning outcomes

The students will understand the concept of trust in computer systems and the mechanisms by which trust (identity and integrity) is established, reported, and verified through attestation.

Students will gain an understanding of how the hardware and firmware architecture of a system supports (or prevents) trust.

Students will learn how secure modules such as the Trusted Platform Module are used in boot-time, run-time and supply-chain security, and the processes of attestation will be investigated. As a practical component, students will set up a remote attestation system and use it to investigate the behaviour of their own laptops, computers or other devices as necessary.

Practical knowledge of TPM, LVFS, IMA, grub, tboot, TXT and other mechanisms will be obtained through exercises.

Confidential computing topics such as SGX, TDX and other enclaving schemes will be covered, extending to how trust may be utilised in cloud operations, scheduling and orchestration.

Advanced topics, such as the place of attestation in digital forensics and legal aspects such as NIS2 requirements, will conclude the course.

Description of prerequisites

Basic knowledge of Linux is desirable.

Completion methods

Method 1


Participation in teaching (5 cr)

Type:
Participation in teaching
Grading scale:
0-5
Language:
English
No published teaching