

Out-of-Order Execution as a Cross-VM Side-Channel and Other Applications

In this paper, we introduce a novel side-channel which functions across virtual machines. The side-channel functions through the detection of out-of-order execution. We create a simple duplex channel as well as a broadcast channel. We discuss possible adversaries for the side-channel and propose further work to make the channel more secure, efficient and applicable in realistic scenarios. In addition, we consider seven possible malicious applications of this channel: theft of encryption keys, program identification, environmental keying, malicious triggers, determining virtual machine co-location, malicious data injection, and covert channels.

Firmly Rooted in Hardware

Practical protection from firmware attacks in the hardware supply chain.

In Search of Lost Bytes, “Assurance Under Low Trust Conditions”

Digital markets have quickly grown to international proportions; the complexity of materials, development, and distribution has grown accordingly, resulting in market efficiency.

When expanding any supply chain, from an IoT voting machine to an entire national infrastructure, the cost, reliability, and security of the alien component are taken into account. Often overlooked, however, are the incalculable risks associated with failings in any number of attributes tied to the supplier.

There is a fine line between acceptable and irreconcilable risk, and mitigations only serve to reduce risk. While some risks are avoidable, others are not, and ignoring the facts has disproportionate consequences. This presentation explores modern supply chain security risks and mitigations by showcasing the technical details of several security vulnerabilities, the calculated risk they pose, and the difficulty of fully mitigating them, through a technical deep dive into 5G infrastructure.

Hacking the Motherboard – Exploiting Implicit Trust in all of the Forgotten Places

Our economy is becoming more specialized, and more and more tasks are being automated. We must have confidence in these systems and the technical infrastructure that supports them. However, this confidence relies on too much implicit trust, overlooking serious risks. Assurance in this area is hard won, manual, and costly.

Last year, Bloomberg's Big Hack article gave everyone a much needed (if questionably accurate) scare, which forced companies to evaluate their exposure to supply chain intervention attacks. We need to understand the attack vectors and the inherent hardware vulnerabilities these backdoors rely on, as well as the steps we can take to protect ourselves.

Several recent hacks highlight this problem, including the ASUS software update hijacking, the SuperMicro supply chain, and the political-economic arguments over Huawei 5G. The talk includes a technical overview of various types of hardware implants, the access they enable, and what we should be doing to detect and mitigate them.

