Minimizing a Smartphone's TCB for Security-Critical Programs with Exclusively-Used, Physically-Isolated, Statically-Partitioned Hardware

Zhihao Yao, Seyed Mohammadjavad Seyed Talebi, Mingyi Chen, Ardalan Amiri Sani, Thomas Anderson

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

1 Scopus citations

Abstract

Smartphone owners often need to run security-critical programs on the same device as other untrusted and potentially malicious programs. This requires users to trust hardware and system software to correctly sandbox malicious programs, trust that is often misplaced. Our goal is to minimize the number and complexity of hardware and software components that a smartphone owner needs to trust. We present a split-trust hardware design composed of statically-partitioned, physically-isolated trust domains. We introduce a few simple, formally-verified hardware components to enable a program to gain provably exclusive and simultaneous access to both computation and I/O on a temporary basis. To manage this hardware, we present OctopOS, an OS composed of mutually distrustful subsystems. We present a prototype of this machine (hardware and OS) on a CPU-FPGA board and show that it incurs a small hardware cost compared to modern smartphone SoCs. For security-critical programs, we show that this machine significantly reduces the required trust compared to mainstream TEEs while achieving usable performance. For normal programs, performance is similar to a legacy machine.

Original language: English (US)
Title of host publication: MobiSys 2023 - Proceedings of the 21st Annual International Conference on Mobile Systems, Applications and Services
Publisher: Association for Computing Machinery, Inc
Pages: 233-246
Number of pages: 14
ISBN (Electronic): 9798400701108
State: Published - Jun 18 2023
Externally published: Yes
Event: 21st Annual International Conference on Mobile Systems, Applications and Services, MobiSys 2023 - Helsinki, Finland
Duration: Jun 18 2023 → Jun 22 2023

Publication series

Name: MobiSys 2023 - Proceedings of the 21st Annual International Conference on Mobile Systems, Applications and Services

Conference

Conference: 21st Annual International Conference on Mobile Systems, Applications and Services, MobiSys 2023
Country/Territory: Finland
City: Helsinki
Period: 6/18/23 → 6/22/23

All Science Journal Classification (ASJC) codes

  • Software
  • Safety, Risk, Reliability and Quality
  • Health Informatics
  • Instrumentation
  • Radiation
  • Artificial Intelligence
  • Computer Networks and Communications
  • Information Systems

Keywords

  • exclusive use
  • physical isolation
  • static partitioning
