Secure Debug in Trusted Execution Environments

Perustieteiden korkeakoulu | Master's thesis
Date
2021-10-18
Major/Subject
Security and Cloud Computing
Mcode
SCI3084
Degree programme
Master’s Programme in Security and Cloud Computing (SECCLO)
Language
en
Pages
54
Abstract
Trusted Execution Environments provide improved security guarantees with a smaller attack surface at the cost of a reduced feature set. This accomplishes the goal of a secure environment; however, the lack of introspection and debugging solutions can also hamper development efforts for secure applications. The goal of this thesis is to examine introspection techniques for improving development effort, enabling debugging and tracing of secure components while accounting for security considerations inherently present in such activities. Specific focus is put on the Secure World within ARM TrustZone. Both hardware and software-based tracing approaches are considered and studied. This thesis details the implementation and evaluation of a hardware tracing solution, which integrates open-source technologies and leverages the ARM CoreSight Architecture. A software-based stack trace feature for 64-bit ARM is also implemented and design considerations are evaluated. The two approaches are compared in terms of capabilities, advantages, and drawbacks. This thesis also performs a security evaluation, which discusses security tradeoffs between the different approaches and design decisions.
Supervisor
Ekberg, Jan-Erik
Thesis advisor
Hänel, Lukas
Keywords
debug, trace, introspection, security