Trustworthy building blocks for a more secure embedded computing environment

It is amazing how accustomed we have grown to the ubiquitous threats in our every day computing lives. By now the design flaws in hardware components, as well as software applications and operating systems, are well known and can easily be exploited if an injection vector is found. Furthermore, there is a movement in the embedded sector to shift away from proprietary software and hardware components to the well-established ×86 architecture and to employ commonly used operating systems such as Windows or Linux. In addition attacks against IT systems are becoming more sophisticated and pure software-based solutions cannot guarantee lifetime integrity anymore. To improve on this situation, it is necessary to anchor additional hardware-based security modules as an integral part of a platform. Today's systems have a requirement for a high level of dependability, offering both safety and security features. In this paper we propose an efficient hardware-based security architecture utilizing Trusted Computing (TC) techniques based on trustworthy building blocks. A key focus of the work is the development of a hypervisor-based security architecture which utilizes a state-of-the-art hardware trust anchor to increase the security and trustworthiness of commonly used operating systems in the embedded ×86 sector.