Participants of this tutorial will develop a distributed trusted computing application that features secure, authenticated communication between an embedded MSP430 Sancus enclave and an off-the-shelf x86 Intel SGX enclave. Specifically, as depicted below, the application's goal is to cryptographically prove to a trusted SGX enclave that an expected Sancus enclave is executing untampered on a genuine Sancus-enabled CPU (i.e., a remote attestation guarantee). The Sancus enclave itself will furthermore establish local trust relations with dedicated Sancus driver enclaves for secure I/O (i.e., a local attestation guarantee). All communication between the SGX and Sancus sides proceeds over an untrusted automotive industry-standard CAN bus.
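To make the remote attestation guarantee concrete, the following added example (not code from this repository or from the Sancus or SGX projects) simulates the challenge-response exchange between the SGX verifier and a Sancus node in plain Python. It follows the Sancus key schedule in outline (a module key derived from the CPU's node key, the vendor id and the measured module identity), but the key derivation and MAC are HMAC-SHA256 truncated to 128 bits as a stand-in for the hardware primitives, the CAN bus is modelled as a list of frames, and all class, function and sample values (`SancusNode`, `SgxVerifier`, the node key, the enclave bytes) are constructed for illustration. The demo shows the three outcomes a verifier cares about: a genuine module passes, a tampered module fails because its derived key differs, and a replayed response fails because the nonce is fresh.

```python
"""Added example (not part of the tutorial repository): a software
simulation of the remote-attestation exchange between an SGX verifier
and a Sancus enclave.  Key schedule mirrors the Sancus design in
outline; HMAC-SHA256 truncated to 128 bits stands in for the hardware
KDF/MAC.  All names and sample values are constructed assumptions.
"""
import hashlib
import hmac
import os

KEY_LEN = 16  # 128-bit keys, as in Sancus


def kdf(key: bytes, data: bytes) -> bytes:
    """Key-derivation stand-in: HMAC truncated to KEY_LEN bytes."""
    return hmac.new(key, data, hashlib.sha256).digest()[:KEY_LEN]


def mac(key: bytes, data: bytes) -> bytes:
    """MAC stand-in used by the enclave to answer a challenge."""
    return hmac.new(key, data, hashlib.sha256).digest()[:KEY_LEN]


def module_identity(text_section: bytes, layout: bytes) -> bytes:
    """Module identity = hash over the enclave code and its memory layout."""
    return hashlib.sha256(text_section + layout).digest()


class SancusNode:
    """Models a Sancus-enabled CPU: only it knows the node key."""

    def __init__(self, node_key: bytes) -> None:
        self._node_key = node_key
        self._module_keys = {}

    def load_module(self, name: str, vendor_id: bytes,
                    text_section: bytes, layout: bytes) -> None:
        # The CPU derives the module key from its own measurement of the
        # loaded code, so a tampered image ends up with a different key.
        identity = module_identity(text_section, layout)
        vendor_key = kdf(self._node_key, vendor_id)
        self._module_keys[name] = kdf(vendor_key, identity)

    def attest(self, name: str, nonce: bytes) -> bytes:
        """The enclave MACs the verifier's nonce with its module key."""
        return mac(self._module_keys[name], nonce)


class SgxVerifier:
    """Models the SGX enclave: it holds the vendor key (provisioned out of
    band) and the expected module identity, never the node key."""

    def __init__(self, vendor_key: bytes, expected_text: bytes,
                 expected_layout: bytes) -> None:
        identity = module_identity(expected_text, expected_layout)
        self._expected_key = kdf(vendor_key, identity)

    def challenge(self) -> bytes:
        return os.urandom(16)  # fresh nonce per attestation

    def verify(self, nonce: bytes, response: bytes) -> bool:
        expected = mac(self._expected_key, nonce)
        return hmac.compare_digest(expected, response)


def run_attestation(node: SancusNode, verifier: SgxVerifier,
                    module_name: str, bus: list) -> bool:
    """One attestation round; `bus` records what crosses the untrusted CAN."""
    nonce = verifier.challenge()
    bus.append(("sgx->sancus", nonce))
    response = node.attest(module_name, nonce)
    bus.append(("sancus->sgx", response))
    return verifier.verify(nonce, response)


def demo() -> tuple:
    """Returns (genuine_ok, tampered_ok, replay_ok) for the three scenarios."""
    node_key = os.urandom(KEY_LEN)                 # constructed CPU secret
    vendor_id = b"\x12\x34"                        # constructed
    text = b"<enclave code bytes>"                 # constructed
    layout = b"text=0x8000-0x8200;data=0x0400-0x0420"  # constructed
    vendor_key = kdf(node_key, vendor_id)          # shared with the vendor out of band
    verifier = SgxVerifier(vendor_key, text, layout)
    bus = []

    genuine = SancusNode(node_key)
    genuine.load_module("sm", vendor_id, text, layout)
    genuine_ok = run_attestation(genuine, verifier, "sm", bus)

    tampered = SancusNode(node_key)
    tampered.load_module("sm", vendor_id, text + b"\x90", layout)
    tampered_ok = run_attestation(tampered, verifier, "sm", bus)

    # A response captured from the genuine round does not satisfy a fresh nonce.
    old_response = bus[1][1]
    replay_ok = verifier.verify(verifier.challenge(), old_response)
    return genuine_ok, tampered_ok, replay_ok


if __name__ == "__main__":
    print(demo())  # expected: (True, False, False)
```

The point the simulation makes is that the verifier never needs the node key: it only needs the vendor key and the expected identity, and the Sancus CPU's measurement of the loaded code is what binds the MAC to an untampered enclave.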
This tutorial is aimed at a target audience of C programmers with an interest in security. The tutorial takes about three hours, with an equal split between lectures and practical exercises (further details are provided on the webpage).
To get started, simply clone this repository:

```
$ git clone https://github.com/sancus-pma/tutorial-dsn18.git
$ cd tutorial-dsn18
$ git submodule init
$ git submodule update
```
The source code in this repository is organized as follows:
- app/sancus: instructions and source code exercises for the Sancus-enabled MSP430 FPGA side of the distributed enclave application.
- app/sgx: instructions and source code exercises for the SGX-capable PC side of the distributed enclave application.
- scripts: collection of utility scripts for configuring the teaching setup boxes (not needed for participants).
- usbtin: utilities for configuring the CAN2USB interface (not needed for participants).
One teaching setup box features five Sancus-enabled Xess XuLA2-LX25 Spartan-6 FPGAs, each synthesized with a Sancus-enabled OpenMSP430 core and mounted on a Stickit!-2 board. All Sancus nodes are interfaced with a Pmod LED, a Pmod BTN, and a NiRen SPI CAN transceiver peripheral module. Each FPGA connects to the PC side via a dedicated USBtin connector.