Hardware attacks, hardware components for security
Objectives
Learning the following aspects:
Hardware components for security (virtualization, IO-MMU, TPM)
Hardware attacks (side channels) and countermeasures
Spectre, Meltdown, Rowhammer and cache-based timing side-channel attacks
Description
The objective of this course is to present the main attacks carried out through hardware and the associated countermeasures. The components of a system will be surveyed, identifying the usefulness of each component and the risks associated with its presence. Some of these risks will be illustrated by recent attacks, either by reconfiguring the components concerned or by performing a hardware and physical study of these components. Countermeasures will also be presented, along with the latest advances in hardware protection made by processor and chipset manufacturers.
At the end of this course, the student should be able to obtain a global view of the exchanges between the hardware components of an information system, considering software and network components as well as hardware. They will be able to understand how an attack on hardware works, to describe it and to explain the associated protection mechanisms. They will also be able to identify the critical components of a system, to analyze the vulnerabilities that can target these components, to determine the countermeasures to protect them and to implement these countermeasures.