Systems & Networks Seminar - Andrew Bauman - Komodo: Using Verification to Disentangle Secure-Enclave Hardware from Software
Paul G. Allen School via YouTube
Overview
Syllabus
Intro
Intel SGX
SGX is complex
EADD pseudocode
EINIT pseudocode
SGX limitations
Example: memory management
The fundamental problem
Project Komodo
Komodo architecture
Prototype on ARM TrustZone
Komodo API
Verification overview
Proving security via non-interference
Verified assembly in Vale
Implementation
Notary performance
Verification effort
Experiences
Related work
Future work
Conclusion
Taught by
Paul G. Allen School