Future of Assurance: Ensuring that a System is Trustworthy

  • Ahmad-Reza Sadeghi
  • Ingrid Verbauwhede
  • Claire Vishik


Significant effort is put into defining and implementing strong security measures for all components of the computing environment. It is equally important to be able to evaluate the strength and robustness of these measures and to establish trust among the components of the computing environment, based on the parameters and attributes of these elements and on best practices associated with their production and deployment. Today the inventory of techniques used for security assurance and to establish trust (audit, security-conscious development process, cryptographic components, external evaluation) is somewhat limited. These methods have indisputable strengths and have contributed significantly to advances in security assurance. However, shorter product and technology development cycles and the sheer complexity of modern digital systems and processes have begun to decrease the efficiency of these techniques. Moreover, these approaches and technologies address only some aspects of security assurance and, for the most part, evaluate assurance in a general design rather than in an instance of a product. Additionally, various components of the computing environment participating in the same processes enjoy different levels of security assurance, making it difficult to ensure adequate levels of protection end-to-end. Finally, most evaluation methodologies rely on the knowledge and skill of the evaluators, making reliable assessments of the trustworthiness of a system even harder to achieve. The paper outlines some issues in security assurance that apply across the board, with a focus on the trustworthiness and authenticity of hardware components, and evaluates current approaches to assurance.


Keywords: Computing Environment; Trust Platform Module; Trust Computing; Physical Unclonable Function; Security Assurance
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Vieweg+Teubner | GWV Fachverlage GmbH 2010
