Calls:

Send in your ideas. Deadline December 1st, 2020.

 

Open Source DRTM implementation with TrenchBoot for AMD processors

[Open Source DRTM implementation with TrenchBoot for AMD processors]

The Trenchboot project aims to create a unified framework for dynamic RTM (DRTM) implementation for all platforms. (D)RTM is used to verify if bugs or vulnerabilities have compromised a system, and as such is an important component to get to advanced stages of trustworthiness for our hardware.

Why does this actually matter to end users?

Software security today can be a matter of life and death, because we rely on all sorts of applications and programs to keep our lights on, our vehicles moving and our money available. Backdoors in software leave room for attackers to steal data or disrupt important processes. To make this less abstract: hackers have already managed to get inside the control rooms of power plants to potentially cause blackouts.

So how can you know for sure you can trust the computer on your desk or the server you just connected to? Security experts will first go through the system and check which parts are critical to its security and are potential points of failure. This is summarized as the trusted computing base, or TCB, of a computer system. To prove your setup is secure, you would need to reliably show that this trusted computing base is actually safe, which you can do with so-called roots of trust for measurement. This project develops open source tools that can provably verify the security of all computer platforms, as an important alternative to closed-of proprietary solutions which can infringe on user privacy and even their security.

Run by 3mdeb Embedded Systems Consulting

Logo NLnet: abstract logo of four people seen from above Logo NGI Zero: letterlogo shaped like a tag

This project was funded through the NGI0 PET Fund, a fund established by NLnet with financial support from the European Commission's Next Generation Internet programme, under the aegis of DG Communications Networks, Content and Technology under grant agreement No 825310.