Precursor: Towards Evidence-Based Trust in Hardware, presented at Black Hat Europe 2020

by Andrew "bunnie" Huang

Summary: In hardware, the status quo is that we may have faith in our wares, but we have no direct, evidence-based reason to trust them. Even the best microscopes can only reveal partial information about the way a chip is constructed, and typically only in a destructive fashion. Trusted fabs are also insufficient, especially considering literal MITM agents such as delivery couriers and customs inspectors.

Ideally, the case to trust a specific instance of hardware should be built on evidence that can be collected using relatively inexpensive tools that an end-user directly operates. This talk will discuss my vision for evidence-based trust in hardware, through the lens of the Precursor platform. Precursor is an FPGA-based, open hardware platform. Critically, the use of an FPGA delays the binding of the CPU core to the hardware, giving users the option to design-in countermeasures and apply patches. This shifts the balance of power, taking us from a situation where users have no choice but to have faith in their hardware, to one where users have some agency to reason about its security properties, as well as having options to defend their turf apropos to their threat model. We will also touch on how Precursor extends the boundary of evidence-based trust to the input and output attack surfaces.