Thursday May 9, 2019 | Time: 8:45 – 9:45

Bio: Dr Matthew Areno is a Principal Engineer at Intel Corporation in the Intel Product Assurance and Security (IPAS) group. Dr. Areno completed his Bachelor’s and Master’s degrees at Utah State University in 2007 and took a position with Sandia National Laboratories. At Sandia, he focused on vulnerability assessment and reverse engineering of embedded systems primarily utilizing ARM-core processors. During this time, he also completed his Ph.D. at the University of New Mexico with dissertation work on strengthening embedded system security through the use of PUF-enhanced cryptographic units. In 2013, Dr. Areno took a position with Raytheon Cyber Security Innovations in Austin, TX; he served as a Chief Architect for a number of anti-tamper solutions, with specific expertise in establishing trust in COTS equipment. Dr. Areno holds several patents and has numerous publications in the area of hardware security and PUF technologies.

Title: Challenges with System-level Security Assessment in Modern Computing Environments

Abstract: Computing systems today include more firmware on more devices than ever before. Although firmware used to be located primarily in CPU flash and executed only by the corresponding CPU, today nearly every component or device has its own firmware executed by its own processor or microcontroller. Securing all firmware data in the three key stages (at rest/in use/in transit) is typically not mandated by any specific standard and has thus created a significant challenge in attempting to assess a system’s security state. This presentation will cover current attempts by industry to address this issue, as well as discuss potential collaborations between government, industry, and academia to support this work.