RustZone: Writing Trusted Applications in Rust

Presented at Black Hat Europe 2018, Dec. 6, 2018, 10 a.m. (50 minutes).

Trusted Execution Environments (TEEs) are present in many devices today, and are used to perform security critical computation in an isolated environment. ARM's TrustZone is one of the most widely used TEEs in the world today, present in nearly every modern Android device.

TrustZone allows developers to write applications that run in a "Secure World" with hardware isolation of resources. Most implementations use a Trusted Operating System to run multiple Trusted Applications.

However, Trusted Applications are still written in C, and many common classes of vulnerabilities have been found in these applications. While TrustZone provides isolation of resources, it cannot prevent against vulnerable code.

In this talk, we will explore using the Rust language to write a Trusted Application. Rust allows developers to write system level code, but provides security features including memory safety, type safety, and error handling. These are desirable features for development of Trusted Applications.

We will begin with an overview of TrustZone and Rust language, then show how Rust can be used to develop a Trusted Application. To conclude, we will demo a Trusted Application on real TrustZone hardware.


Presenters:

  • Eric Evenchick - Principal Research Consultant, Atredis Partners
    Eric Evenchick has worked in development and reverse engineering roles for hardware and software companies, specializing in embedded devices, automotive systems, and bespoke tool development. He is currently a Principal Research Consultant at Atredis Partners. Eric's work with embedded systems began with development of research vehicles at the University of Waterloo, in partnership with General Motors and the US Environmental Protection Agency. This experience lead to roles in developing automotive firmware and reverse engineering vehicle systems at companies including Tesla Motors and Faraday Future. In 2014, Eric founded Linklayer Labs, which provided consulting services and developed open source hardware tools for the information security community. Since 2012, he has been a contributor to Hackaday, a blog covering hardware and software "hacks."

Links:

Similar Presentations: