LEVERAGING CONFIDENTIAL COMPUTING TO ENABLE SECURE INFORMATION SHARING

Chadwick, Samuel; Graham, Scott; Dean, James; Dallmeyer, Matthew

doi:10.1007/978-3-031-20137-0_9

Samuel Chadwick¹⁷,
Scott Graham¹⁷,
James Dean¹⁷ &
…
Matthew Dallmeyer¹⁷

Part of the book series: IFIP Advances in Information and Communication Technology ((IFIPAICT,volume 666))

Included in the following conference series:

International Conference on Critical Infrastructure Protection

368 Accesses

Abstract

The emergence of the RISC-V Instruction Set Architecture incentivizes the critical infrastructure protection community to consider the use of emerging open-source security mechanisms to facilitate secure information sharing. An exemplar is Keystone, a Confidential Computing Consortium project, that offers an accessible open-source framework for building trustworthy secure hardware enclaves based on the RISC-V Instruction Set Architecture.

This chapter describes an attempt at extending Keystone to the HiFive Unmatched development platform and proposes enclave application development to effectively and affordably supplement deployed supervisory control and data acquisition devices with secure information sharing capabilities. Since the implementation of confidential computing principles axiomatically degrades real-time performance, the performance of supervisory control and data acquisition devices must be characterized to ensure that the devices enhanced with trusted execution environments meet operational requirements while supporting critical infrastructure operations with secure information sharing capabilities.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic

$34.99 /Month

Get 10 units per month
Download Article/Chapter or eBook
1 Unit = 1 Article or 1 Chapter
Cancel anytime

Buy Now

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 139.00; Price excludes VAT (USA)

Softcover Book: USD 179.99; Price excludes VAT (USA)

Hardcover Book: USD 179.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Cryptographic Security Through a Hardware Root of Trust

Developing Secure Services for IoT with OP-TEE: A First Look at Performance and Usability

TALUS: Reinforcing TEE Confidentiality with Cryptographic Coprocessors

References

Confidential Computing Consortium, A Technical Analysis of Confidential Computing (v1.1), The Linux Foundation, San Francisco, California (confidentialcomputing.io/wp-content/uploads/sites/85/2021/03/CCC-Tech-Analysis-Confidential-Computing-V1.pdf), 2021.
Google Scholar
Confidential Computing Consortium, What is the Confidential Computing Consortium? The Linux Foundation, San Francisco, California (confidentialcomputing.io), 2022.
Google Scholar
D. Lee, D. Kohlbrenner, S. Shinde, K. Asanovic and D. Song, Keystone: An open framework for architecting trusted execution environments, Proceedings of the Fifteenth European Conference on Computer Systems, article no. 38, 2020.
Google Scholar
opensbi Contributors, RISC-C Open Source Supervisor Binary Interface, GitHub (github.com/riscv-software-src/opensbi), 2021.
Google Scholar
M. Sabt, M. Achemlal and A. Bouabdallah, Trusted execution environment: What it is and what it is not, Proceedings of the IEEE International Conference on Trust, Security and Privacy in Computing and Communications, pp. 57–64, 2015.
Google Scholar
SiFive, SiFive FU740-C000 Manual (v1p6), San Mateo, California (sifive.cdn.prismic.io/sifive/1a82e600-1f93-4f41-b2d8-86ed8b16acba_fu740-c000-manual-v1p6.pdf), 2021.
Google Scholar
J. Tullos, Characterizing Security Monitor and Embedded System Performance Across Distinct RISC-V IP-Cores, M.S. Thesis, Department of Electrical and Computer Engineering, Air Force Institute of Technology, Wright-Patterson Air Force Base, Ohio, 2021.
Google Scholar
A. Waterman and K. Asanovic (Eds.), The RISC-V Instruction Set Manual Volume I: Unprivileged ISA, Document Version 20191213, RISC-V Foundation, Department of Electrical Engineering and Computer Sciences, University of California Berkeley, Berkeley, California, 2019.
Google Scholar
A. Waterman, K. Asanovic and J. Hauser (Eds.), The RISC-V Instruction Set Manual Volume II: Privileged Architecture, Document Version 20211203, RISC-V Foundation, Department of Electrical Engineering and Computer Sciences, University of California Berkeley, Berkeley, California, 2021.
Google Scholar

Download references

Author information

Authors and Affiliations

Air Force Institute of Technology, Wright-Patterson Air Force Base, Ohio, USA
Samuel Chadwick, Scott Graham, James Dean & Matthew Dallmeyer

Authors

Samuel Chadwick
View author publications
You can also search for this author in PubMed Google Scholar
Scott Graham
View author publications
You can also search for this author in PubMed Google Scholar
James Dean
View author publications
You can also search for this author in PubMed Google Scholar
Matthew Dallmeyer
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Scott Graham .

Editor information

Editors and Affiliations

University of Tulsa, Tulsa, OK, USA
Jason Staggs
University of Tulsa, Tulsa, OK, USA
Sujeet Shenoi

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Chadwick, S., Graham, S., Dean, J., Dallmeyer, M. (2022). LEVERAGING CONFIDENTIAL COMPUTING TO ENABLE SECURE INFORMATION SHARING. In: Staggs, J., Shenoi, S. (eds) Critical Infrastructure Protection XVI. ICCIP 2022. IFIP Advances in Information and Communication Technology, vol 666. Springer, Cham. https://doi.org/10.1007/978-3-031-20137-0_9

Download citation

DOI: https://doi.org/10.1007/978-3-031-20137-0_9
Published: 30 November 2022
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-20136-3
Online ISBN: 978-3-031-20137-0
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics