
Securing the Firmware Of Modern SoCs

Alessia Coppi

Securing the Firmware Of Modern SoCs.

Supervisor: Fulvio Valenza. Politecnico di Torino, NOT SPECIFIED, 2025

PDF (Tesi_di_laurea) - Thesis
Restricted access: staff users only until 24 October 2028 (embargo date).
License: Creative Commons Attribution Non-commercial No Derivatives.

Abstract:

Modern computing platforms increasingly need to host critical workloads that require strong security guarantees. Trusted Execution Environments (TEEs) provide such guarantees by isolating applications from untrusted components such as the operating system or hypervisor. A small Security Monitor (SM), assumed to be trusted by the entire platform, executes alongside the platform firmware and manages TEEs by configuring hardware-based memory isolation. However, current firmware stacks are large and, in addition to the TEE functionality, include a variety of device drivers and management logic. This significantly increases the Trusted Computing Base (TCB) and, with it, the risk of vulnerabilities. To address this issue, recent research has explored several directions, such as developing firmware components in memory-safe languages like Rust, applying formal verification techniques, or changing firmware designs to reduce complexity. These approaches all share the common goal of reducing the attack surface and strengthening the foundations of TEEs. In this thesis, we evaluate the feasibility of one such approach. First, we analyze the structure of the firmware implementation with respect to its security-critical components. We then explore mechanisms to implement stricter security guarantees as proposed in prior works. Finally, we evaluate the compatibility and performance implications of these mechanisms.

Supervisors: Fulvio Valenza
Academic year: 2025/26
Publication type: Electronic
Number of pages: 76
Subjects:
Degree programme: NOT SPECIFIED
Degree class: New system > Master's degree > LM-32 - Computer Engineering (INGEGNERIA INFORMATICA)
Joint supervision institution: ETH Zurich (SWITZERLAND)
Partner organisations: ETH Zurich
URI: http://webthesis.biblio.polito.it/id/eprint/37670