Presentation is loading. Please wait.

Presentation is loading. Please wait.

Teaching: Secure Systems Presentation to HP Denis A Nicole 2014-05-07

Published byKylie Wadley Modified over 10 years ago

Similar presentations

Presentation on theme: "Teaching: Secure Systems Presentation to HP Denis A Nicole 2014-05-07"— Presentation transcript:

1 Teaching: Secure Systems Presentation to HP Denis A Nicole dan@ecs.soton.ac.uk 2014-05-07 dan@ecs.soton.ac.uk

2 Taught Modules Existing: COMP2040 Secure Systems, Pt II, 5 ECTS †. New: COMP3217 Secure Systems, Pt III, 7.5 ECTS. † European Credit Transfer & Accumulation System. 60 ECTS make up a typical year of study. 2

3 New Syllabus Background: types of attack and attacker, range of systems Wireless ID: ISO14443, Mifare, E- Passports and related near-field communications systems Card security, EMV payment systems, GSM and SIM cards Physical security: chip and pin machines, secure modules Wired and WiFi network security Examples of weak cryptosystems: GSM, WEP 3 Password vulnerabilities Public Key infrastructure Penetration testing of web-based systems Hardware vulnerabilities Side channel attacks: power analysis and resistant designs OS vulnerabilities: patch management, rootkits and viruses Infrastructure attacks: smart grids, the Italian Job, cyber-warfare

4 Hands-on laboratory work RFID CHIP AND PIN Penetration testing: PonziBank (with Netcraft) Side Channels 4

5 Which do you trust? 5

6 Mifare detuning: coupled oscillators 6

7 125kHz tag spoofer: PCB design exercise 7 For all first year Electronics students

8 8 EMV electrical protocol C1 Vcc (+5V, 55mA until Jan 2014) C2 Reset (active low) C3 Clock (1MHz to 5MHz) C5 Ground C7 Input/Output (1 bit = 372 clocks)

9 Check a PIN 9 Sending: 80 CA 9F 17 00 How many tries do I have left? Received: 9F 17 01 03 90 00 Three. It might not tell you! Sending: 00 20 00 80 08 24 00 00 FF FF FF FF FF Is it 0000? Received: 63 C2 Nope; two tries left State of non-volatile memory changed. Counter: 0x2 Sending: 00 20 00 80 08 24 00 01 FF FF FF FF FF 0001? Received: 90 00 Yes Sending: 80 CA 9F 17 04 Received: 9F 17 01 03 90 00 We’re back to three tries If you “brick” your card, an ATM should check online and reset it. Gives a good introduction to ASN.1

10 PonziBank 10 http://xkcd.com/327/

11 Research: C/C++ Verification Presentation to HP Denis A Nicole dan@ecs.soton.ac.uk 2014-05-07 dan@ecs.soton.ac.uk

12 Our contribution to security A whole new class of software vulnerabilities arise in “multicore” chips: all modern phones, desktops and servers. The vulnerabilities are timing-dependent and cannot usually be found by conventional testing. 12

13 ESBMC is a Collaboration between University of Southampton –Jeremy Morse and Denis Nicole Federal University of Amazonas, Brazil –Mikhail Ramalho, Mauro Freitas, Felipe Sousa, Hendrio Marques and Lucas Cordeiro University of Stellenbosch, South Africa –Bernd Fischer 13

14 ESBMC is a bounded model checker It exhaustively analyses all possible behaviours of a (multithreaded) C or C++ program up to a fixed depth of –loop iteration (including backward jumps and recursion), –thread interleaving. Within these bounds, it checks for –C errors: pointer errors, arithmetic errors, array bounds, malloc() / free(), assert() failures, data races, etc. –Violation of Linear Temporal Logic specifications. 14

15 Model Checking is not Simulation Simulation (testing) checks correctness for a particular input and a particular thread interleaving. You need to run multiple simulations with different data and different timing before you get some assurance. Model Checking exhaustively analyses all possible behaviours over a range of possible inputs and generates a witness, a trace of program state, if there are any possible failures. Good-coverage simulation may be effective against “random” errors; it offers little protection against tailored attacks. 15

16 Improvement by competition The field of C model checking research is now large enough to support annual competitions; perhaps the best known is that held in conjunction with the International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS). The team is proud to report that ESBMC v1.17 won the Gold Medal in the SystemC and Concurrency categories and the Bronze Medal in the overall ranking of the first International Competition on Software Verification at TACAS 2012. ESBMC v1.20 won the Bronze Medal in the overall ranking of the second competition at TACAS 2013. 16

Download ppt "Teaching: Secure Systems Presentation to HP Denis A Nicole 2014-05-07"

Similar presentations

1 Verification by Model Checking. 2 Part 1 : Motivation.

1 Verification by Model Checking. 2 Part 1 : Motivation.
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
3. Protection of Information Assets (25%)

3. Protection of Information Assets (25%)
Sequential Logic Design

Sequential Logic Design
1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 116.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 116.
1 Copyright © 2013 Elsevier Inc. All rights reserved. Appendix 01.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Appendix 01.
1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 40.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 40.
1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 28.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 28.
1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 38.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 38.
1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 75.

1 Copyright © 2013 Elsevier Inc. All rights reserved. Chapter 75.
Chapter 1 Image Slides Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.

Chapter 1 Image Slides Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.

Confidential 1 Phoenix Security Architecture and DevID July 2005 Karen Zelenko Phoenix Technologies.
Achieving online trust through Mutual Authentication.

Achieving online trust through Mutual Authentication.
0 - 0.

0 - 0.
Addition Facts 1 - 20.

Addition Facts
Joint Information Systems Committee 01/04/2014 | | Slide 1 e-Infrastructure Programme James Farnhill e-Research Programme Manager e-Infrastructure Security.

Joint Information Systems Committee 01/04/2014 | | Slide 1 e-Infrastructure Programme James Farnhill e-Research Programme Manager e-Infrastructure Security.
© University of Reading 2008 www.reading.ac.uk David Spence 20 April 2014 e-Research: Activities and Needs.

© University of Reading David Spence 20 April 2014 e-Research: Activities and Needs.
B-CERB complete protection against phishing copyright 2008 by Wheel.

B-CERB complete protection against phishing copyright 2008 by Wheel.
European Consumer Summit 2014 On-line and mobile payments Dr Florent Frederix Trust & Security Unit, DG CONNECT, European Commission 1 th of April 2014.

European Consumer Summit 2014 On-line and mobile payments Dr Florent Frederix Trust & Security Unit, DG CONNECT, European Commission 1 th of April 2014.
Chapter 9 Bootloader.

Chapter 9 Bootloader.

Similar presentations

Ads by Google