Securing hard drives with the Security Protocol and Data Model (SPDM)

Alves, Renan C. A.; Albertini, Bruno; Simplício, Marcos A.

doi:10.1109/isvlsi54635.2022.00099

Cited by 4 publications

(2 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In addition, the PCI express (PCIe) integrity and data encryption key management (IDE_KM) protocol [33] for link encryption and other application protocols are built on top of the SPDM protocol. It standardizes the authentication of hardware components and enables the establishment of secure communication channels among them [34]. The protocol allows endpoints to discover and negotiate each other's security capabilities and to retrieve each other's measurements, which include the configurations of the hardware and the firmware.…”

Section: Threat Model and An Overview Of Spdm Protocolmentioning

confidence: 99%

Light-Weight Security Protocol and Data Model for Chip-to-Chip Zero-Trust

2023

View full text Add to dashboard Cite

The semiconductor supply chain is vulnerable to multiple security attacks, such as hardware Trojan injection, intellectual property theft, and overproduction. The notion of zero-trust (ZT) -never trust, always verify -offers a promising opportunity for chip security by authenticating integrated circuits (ICs) when they are connected to critical computing systems. Before exchanging any data, the system establishes trust with the chip using industry security protocols. In this paper, we propose using the secure protocol and data model (SPDM) to establish chip-to-chip (C2C)-ZT communications. Furthermore, we present formal models for this solution and verify these models using state-of-the-art formal verification tools. The results show that the SPDM meets the requirements of the ZT architecture and can be used as a foundation for secure C2C interconnection. INDEX TERMSSecure protocol and data model (SPDM), automatic verification of internet security protocols and applications (AVISPA), secure protocol animator (SPAN), formal verification (FV). I. INTRODUCTIONASHFAQ AHMED (Senior Member, IEEE) received the M.S. and Ph.D. degrees from the

show abstract

Section: Threat Model and An Overview Of Spdm Protocolmentioning

confidence: 99%

Light-Weight Security Protocol and Data Model for Chip-to-Chip Zero-Trust

2023

View full text Add to dashboard Cite

show abstract

“…Recentemente, o TLS influenciou a especificac ¸ão do SPDM (Security Protocol and Data Model), um padrão aberto proposto pela DMTF (Distributed Management Task Force) que define um conjunto de mecanismos e formatos para autenticac ¸ão de hardware e firmware [DMTF 2023]. O SPDM pode ser usado por exemplo para aumentar a seguranc ¸a nas leituras e escritas de um disco rígido [Alves et al 2022]. Dada a relac ¸ão entre o TLS e o SPDM e a descoberta de falhas em implementac ¸ões do TLS com o uso de fuzzers [Beurdouche et al 2017], é razoável considerar a seguinte pergunta de pesquisa: Qual a eficácia de adaptar fuzzers do TLS para o SPDM?…”

Section: Introduc ¸ãOunclassified

Fuzzing para o Protocolo TLS: Estado da Arte e Comparação de Fuzzers Existentes

Velozo,

Ferreira,

Pacheco

et al. 2023

Anais Estendidos Do XXIII Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg Estendido 2023)

View full text Add to dashboard Cite

Dentre as várias formas de verificar a implementação de um protocolo, os testes fuzzing merecem destaque, dados os bons resultados alcançados nos últimos anos tanto no sentido de cobrir o código que implementa um protocolo, quanto no sentido de encontrar bugs que podem causar falhas de segurança. Este artigo apresenta resultados preliminares decorrentes da investigação de fuzzers existentes para o protocolo TLS, com o objetivo final de modificar um deles para um novo protocolo de segurança. É mostrado que nem todos os fuzzers existentes são funcionais e que, dentre aqueles que de fato funcionam, o tlsfuzzer merece destaque a ponto de ser considerado como o ideal para ser adaptado para verificar a implementação do protocolo SPDM.

show abstract