Security for VEDLIoT Components, from Cloud through Edge to IoT. Marcelo Pasin. Workshop on Deep Learning for IoT (DL4IoT), co-located with HiPEAC 2022, Budapest, Hungary, June 2022
1. Marcelo Pasin
University of Neuchâtel
HiPEAC 2022
Budapest, 20 June 2022
2. [Figure: VEDLIoT project overview diagram. Recoverable labels:
Work packages: Requirements (WP2), Accelerator (WP3), Hardware (WP4), Security & Safety (WP5), Middleware (WP6), Applications (WP7).
Platforms: Embedded / Far Edge (u.RECS), Near Edge (t.RECS), Cloud (RECS|Box); processing platforms, peripherals, communication infrastructures; ARM, x86, RISC-V, GPU, FPGA, ASIC.
Accelerators: FPGA reconfigurable infrastructure (communication, run-time reconfiguration, management); ASIC AI accelerators (ultra low power, mid range, high performance).
Middleware: AI Toolchain (EmbeDL) with optimization, model zoo, robustness, deployment; Benchmark Framework (Kenning); RISC-V evaluation (Embench Tester); IoT/Edge Emulation Framework (Renode).
Security and safety: Trusted Exec., RISC-V extensions, Trusted WebAssembly VM, Root of Trust, Distributed Attestation, Trusted Com., Secure IoT Gateway, LORA/5G, Safety and Robustness Monitoring.
Requirements: requirements engineering, ethics, safety and robustness, modelling and verification.
Applications: Industrial IoT (motor condition classification, arc detection), Automotive AI (automatic emergency braking), Smart Home (smart mirror), open calls.]
3. Processing IoT data in 2022
• Cloud applications are everywhere
  • High availability and performance, flexible management
  • Very common usage: cloud-backed handheld apps
• Edge processing capacity is expanding
  • Proximity, lower latency
  • Legal compliance
• Internet of things is being deployed
  • Small devices, simple tasks, user-centred
• VEDLIoT project
  • Develop hardware and software solutions
  • Use deep learning to process IoT data
4. Security must be part of the continuum
• Providers, developers and users must be able to trust in the whole continuum
• Security has always been essential in the cloud
  • Users need guarantees that their data's confidentiality and integrity are respected
  • Hard to provide in a multi-tenant system: co-tenants may use vulnerabilities to uncover (or infer) data
  • Even harder when the providers are curious: they have the power to inspect all content
  • Infrastructure providers wish to be protected from malicious tenants
  • Tenants may try to exploit vulnerabilities for their own profit
• Edge-based infrastructure offers far fewer guarantees than the cloud
  • Edge computers are much more distributed when compared to the cloud
  • Installed in user buildings, shared infrastructures, next to roads
  • Impossible to maintain physical control over the resources
  • Edge administrators have physical control of the edge devices (similar to cloud)
  • Users are in the proximity of the edge devices and may physically abuse them
• IoT security: either the same as edge, or the end user's responsibility
5. Trusted execution environments can help
• Most recent computer architectures include a practical solution for establishing trust
  • Trusted execution environments (TEEs)
• TEEs allow software execution in a segregated (secure) space
  • Access to the space is architecturally impossible from other software
  • Not even machine administrators can access TEE software
• Hardware implementations include an extra execution mode in the processor
  • May even include memory (RAM) encryption for TEE data
• Very popular implementation of TEE: Intel's Software Guard Extensions (SGX)
  • Commercial cloud services already exist (e.g. Azure Confidential Computing)
• A similar solution is necessary for edge deployments as well
  • Very popular edge architecture: Arm, which offers TrustZone as a TEE
• Underlying hardware is built using proprietary and incompatible solutions
  • Harder to reuse trusted software from cloud to edge and vice versa
7. WebAssembly as the common denominator
• In VEDLIoT, we proposed using WebAssembly as the technology
  • We advocate that it is adequate for implementing applications in the continuum
  • Seamless technology across most hardware devices and software environments
• Modern hardware is already able to run WebAssembly efficiently
  • Technology developed for running distributed applications in web browsers
  • Good performance and decent levels of security
  • One can increase security using trusted execution environments
• So many bits are still missing for the true continuum
  • Some of the missing bits are being developed in VEDLIoT
  • Several security artifacts around TEEs
  • In this presentation: TEEs in WebAssembly
8. TWINE, a solution with Intel SGX
• TWINE: an execution environment suited for WebAssembly applications inside TEEs
  • Implemented using Intel SGX
• Built with two main blocks
  • WebAssembly runtime
    • Adapted WAMR
    • Entirely inside the TEE
  • WASI interface
    • Bridge between trusted and untrusted environments
    • Abstracts the machinery of the underlying OS
10. WATZ, a solution with Arm TrustZone
• WATZ: WebAssembly for TrustZone
  • Similar to TWINE, using Arm processors
• Added missing functionality: remote attestation
  • Extended WASI interface
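The slide names remote attestation without showing the exchange. The following is an added example, not WATZ code and not its actual protocol: a generic challenge-response attestation in which a verifier checks the measurement of a Wasm module. Assumptions: an HMAC key shared with the verifier stands in for a hardware-rooted attestation key, and all names and sample bytes are constructed.

```python
import hashlib
import hmac
import os

# Constructed sample: the 8-byte header of a Wasm binary ("\0asm" + version 1)
# followed by filler bytes. Stands in for the application loaded into the TEE.
WASM_MODULE = b"\x00asm\x01\x00\x00\x00" + b"constructed-sample-body"
# Assumption: a symmetric key shared by device and verifier replaces the
# hardware-rooted asymmetric attestation key a real TEE would use.
DEVICE_KEY = b"constructed-demo-key-not-for-production"


def measure(module: bytes) -> bytes:
    """Measurement = SHA-256 over the exact bytecode the runtime will execute."""
    return hashlib.sha256(module).digest()


def attest(module: bytes, nonce: bytes, key: bytes) -> dict:
    """Attester side (inside the TEE): bind the measurement to the nonce."""
    m = measure(module)
    tag = hmac.new(key, nonce + m, hashlib.sha256).digest()
    return {"nonce": nonce, "measurement": m, "tag": tag}


def verify(evidence: dict, expected_nonce: bytes, reference: bytes, key: bytes) -> str:
    """Verifier side: check authenticity, then freshness, then the reference value."""
    n, m, tag = evidence["nonce"], evidence["measurement"], evidence["tag"]
    if not hmac.compare_digest(hmac.new(key, n + m, hashlib.sha256).digest(), tag):
        return "bad-tag"            # evidence was not produced with the device key
    if not hmac.compare_digest(n, expected_nonce):
        return "stale"              # replay of evidence from an earlier challenge
    if not hmac.compare_digest(m, reference):
        return "unknown-module"     # authentic device, but unexpected bytecode
    return "trusted"


def demo() -> list:
    reference = measure(WASM_MODULE)      # provisioned to the verifier in advance
    nonce = os.urandom(16)                # fresh challenge chosen by the verifier
    good = attest(WASM_MODULE, nonce, DEVICE_KEY)
    patched = attest(WASM_MODULE + b"\x00", nonce, DEVICE_KEY)  # modified bytecode
    forged = dict(patched, measurement=reference)  # good hash pasted over, old tag
    replayed = attest(WASM_MODULE, os.urandom(16), DEVICE_KEY)  # other challenge
    return [verify(e, nonce, reference, DEVICE_KEY)
            for e in (good, patched, forged, replayed)]


if __name__ == "__main__":
    print(demo())
```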
12. There’s much more in VEDLIoT
Other components for implementing security (this list keeps growing)
• Physical Memory Protection Unit for RISC-V
  • ISA extension for facilitating trusted execution on embedded devices
  • Free and open-source implementation and docs
• Secure communication in TrustZone-M (IoT devices)
  • Mechanism for communication between the TEE and the untrusted environment
  • Lightweight message protection scheme using the Memory Protection Unit
• Replicated remote attestation system
  • Byzantine fault-tolerant implementation
  • Auditable integrity-protected storage
  • Membership and coordination primitives
13. Conclusion
Security for VEDLIoT Components, from cloud through edge to the IoT
• WebAssembly to build composable applications over the continuum
• WebAssembly runtimes for Intel SGX and Arm TrustZone, with attestation
• Byzantine fault-tolerant attestation service
• TEE for RISC-V
• Communication for Arm TEE for embedded systems
• Work ahead
  • Support applications, for example: (yet to be defined)
  • Running machine learning in TEEs
  • Implement distributed attestation in a use case
  • Maybe edge-cloud migration (offloading)