Secure and Dynamic Hardware Partitioning Management on Heterogeneous SoC - Zahra Tarkhani, Microsoft
Secure and Dynamic Hardware Partitioning Management on Heterogeneous SoC - Zahra Tarkhani, Microsoft Corporation
Heterogeneous SoC architectures enable a wide range of functionalities, notably for modern IoT/edge platforms. Modern SoCs contain heterogeneous CPUs (e.g., a combination of ARM and RISC-V architectures) and peripherals. As a result, the systems stack on such devices includes multiple OSs (e.g., Linux and FreeRTOS), hypervisors, or TEEs (trusted execution environments). Hence secure partitioning and sharing hardware resources within such complex system layers is challenging. Static hardware partitioning at boot time can not satisfy most use cases' security, performance, or compatibility requirements. This talk describes a hardware-assisted dynamic partitioning framework for Linux- and TEE-based heterogeneous architectures. We first summerise state-of-the-art hardware features for fine-grained privilege separation. Then we discuss how our solution modifies the Linux kernel, trusted firmware, and TEE kernel to achieve this goal while resolving various security and functionality challenges.
Видео Secure and Dynamic Hardware Partitioning Management on Heterogeneous SoC - Zahra Tarkhani, Microsoft канала The Linux Foundation
Heterogeneous SoC architectures enable a wide range of functionalities, notably for modern IoT/edge platforms. Modern SoCs contain heterogeneous CPUs (e.g., a combination of ARM and RISC-V architectures) and peripherals. As a result, the systems stack on such devices includes multiple OSs (e.g., Linux and FreeRTOS), hypervisors, or TEEs (trusted execution environments). Hence secure partitioning and sharing hardware resources within such complex system layers is challenging. Static hardware partitioning at boot time can not satisfy most use cases' security, performance, or compatibility requirements. This talk describes a hardware-assisted dynamic partitioning framework for Linux- and TEE-based heterogeneous architectures. We first summerise state-of-the-art hardware features for fine-grained privilege separation. Then we discuss how our solution modifies the Linux kernel, trusted firmware, and TEE kernel to achieve this goal while resolving various security and functionality challenges.
Видео Secure and Dynamic Hardware Partitioning Management on Heterogeneous SoC - Zahra Tarkhani, Microsoft канала The Linux Foundation
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
V4L2 M2M as the Driver Framework for Video Processing IP - Karthik Poduval, Amazon Lab126The Evolution of Milvus: A Cloud-Native Vector Database - Frank Liu, ZillizMentorship Session: Dynamic Program Analysis for Fun and ProfitKeynote: The Difference Between a Crowd and a Community - Joseph Gordon-LevittLF Live Webinar: Architecting Your DevOps Pipeline for Automation at ScaleOpen Source Drones Summit by The Dronecode FoundationEnabling Linux Usage in Space Applications - Antoine Certain, Airbus Defence and SpaceMentorship Session: Stress-ng: How to Stress Test Your Computer (and Possibly Break It)Userspace control of memory mappings to support live update - James Gowans & David WoodhouseOpening Keynote: What a Difference 5 Years Makes - The New Open World - Jim ZemlinIntroduction to the J1939 Kernel Stack - Marc Kleine-Budde, PengutronixLF Live Webinar: Why You Need An Ingress Controller and How to Pick OneBoF: Automotive Grade Linux Developer Community - Walt Miner, The Linux FoundationLimits of Development - Hannes ReineckeKeynote: The Rise of DevSecOps - Yvonne Wassenaar, Chief Executive Officer, PuppetFrom Zero to First Test in Your Own LAVA Laboratory in less than 45 minutes) - Paweł WieczorekLinux You Can Drive My Car - Walt Miner, Linux FoundationMillennium Technology Prize Winners: Torvalds and YamanakaVirtIO- a Common Device Framework to Achieve Software Defined Vehicle Jerry, Zhao JiancongSONiC – open than ever - Dave Maltz, Azure Networking, MicrosoftKeynote: State of the Union - Jim Zemlin, Executive Director, The Linux Foundation