Security of esoteric firmware and trusted execution environments

Chen, Zitai ORCID: 0000-0001-5640-0538 (2023). Security of esoteric firmware and trusted execution environments. University of Birmingham. Ph.D.

Chen2023PhD.pdf (Text - Accepted Version, 13MB). Available under License All rights reserved.

Abstract

Computer systems have become deeply integrated into everyday life and have grown more complex in order to satisfy functionality requirements. In modern vehicles, multiple embedded devices of different architectures are connected together to improve the driving experience. Modern computers, including PCs and servers, are also becoming embedded systems with multiple components: apart from the main Central Processing Unit (CPU), there are multiple microcontrollers on the motherboard. Additionally, modern architectures often provide a Trusted Execution Environment (TEE), which aims to provide a secure environment that protects the information processed in it even if the device is under the attacker's control.

These new developments in computer systems raise new challenges for security analysis. With multiple devices and microcontrollers of different architectures used in one system, firmware analysis has become a challenging task. Moreover, given the complex design of x86 systems, the TEE threat model, in which the device holder is considered malicious, has not been fully evaluated.

In this thesis, we contribute to three aspects of the security analysis of the aforementioned systems. Firstly, MetaEmu provides an architecture-agnostic emulator for re-hosting firmware of different architectures, which makes dynamic analysis possible for esoteric firmware. Furthermore, the firmware partitioning method introduced in Incision makes it easier to dissect large firmware blobs to aid manual analysis.

Secondly, through the analysis of the Voltage Regulator Module (VRM) and the TEE on Intel platforms, Intel SGX, we developed VoltPillager, a low-cost tool for injecting messages on the Serial Voltage Identification bus between the CPU and the voltage regulator on the motherboard. This allows us to precisely control the CPU core voltage. We leverage this tool to mount the first hardware-based fault-injection attacks that breach the confidentiality and integrity of Intel SGX enclaves. This attack requires a rethink of the SGX adversarial model, in which a cloud provider is untrusted and has physical access to the hardware.

Last, but not least, PMFault investigates the board-level security of server motherboards. Through the analysis of Baseboard Management Controller (BMC) firmware and the motherboard design, we showcase new attacks that utilize the software-hardware interface exposed by microcontrollers on the motherboard. These attacks can cause serious security vulnerabilities, including leakage of sensitive information from SGX and permanent damage to the CPU. This work gives a new perspective on the security evaluation of modern computer systems, namely board-level security analysis.

Type of Work: Thesis (Doctorates > Ph.D.)
Award Type: Doctorates > Ph.D.
Supervisor(s):
Garcia, Flavio (email: unspecified; ORCID: orcid.org/0000-0001-8552-5962)
Ordean, Mihai (email: unspecified; ORCID: orcid.org/0000-0002-8951-9196)
Licence: All rights reserved
College/Faculty: Colleges (2008 onwards) > College of Engineering & Physical Sciences
School or Department: School of Computer Science
Funders: Engineering and Physical Sciences Research Council
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Q Science > QA Mathematics > QA76 Computer software
URI: http://etheses.bham.ac.uk/id/eprint/13842
