Q: What are side-channel attacks?
Attacks that exploit physical effects (e.g., timing, power use) rather than software flaws.
Q: What is a Prime+Probe attack?
A cache timing attack where an attacker fills a cache set, waits, then checks for eviction.
Q: What makes Prime+Probe possible?
Shared last-level cache (LLC) in multicore systems.
Q: What is a Flush+Flush attack?
A side-channel that detects cache state by measuring flush timing.
Q: How can you mitigate Flush+Flush attacks?
Use cache partitioning, disable timers, or restrict shared memory.
Q: What is speculative execution?
CPU executes paths before conditions resolve; basis for Spectre/Meltdown.
Q: What is Spectre?
Exploits speculative execution (branch prediction) to leak memory content.
Q: What is Meltdown?
Exploits out-of-order execution to read kernel memory from user space.
Q: How can Meltdown be mitigated?
Use kernel page-table isolation (KPTI).
Q: What is a cache line?
The smallest unit of memory that can be stored in a cache.
Q: What is a timing attack?
Leverages the time differences of operations to infer secret data.
Q: What is a power analysis attack?
Measures power usage to extract cryptographic keys.
Q: What is DPA (Differential Power Analysis)?
Uses multiple traces to statistically recover secret keys.
Q: What is SPA (Simple Power Analysis)?
Directly interprets power traces to reveal operations.
Q: What does TCB stand for?
Trusted Computing Base.
Q: What is secure boot?
A boot process that verifies digital signatures of bootloaders and OS.
Q: What is attestation?
Process of proving software integrity to a verifier.
Q: What is a root of trust?
The foundational component in a system that is always trusted.
Q: What is the purpose of a reference monitor?
Mediates all access between subjects and objects.
Q: List the three properties of a reference monitor.
Tamperproof, always invoked, small enough to verify.
Q: What is a hardware enclave?
A secure, isolated memory region (e.g., Intel SGX).
Q: What is code signing?
Cryptographically proving code integrity and origin.
Q: What is the Principle of Least Privilege?
Users/processes should only access what they need.
Q: What is multilevel security?
Enforces policies based on data classification and clearance.
Q: What does the Bell-LaPadula model enforce?
Confidentiality.
Q: Bell-LaPadula: What does 'No Read Up' mean?
Subjects can’t read data at a higher classification.
Q: Bell-LaPadula: What does 'No Write Down' mean?
Subjects can’t write to a lower classification level.
Q: What does the Biba model enforce?
Integrity.
Q: Biba: What does 'No Write Up' mean?
Subjects can’t write to higher integrity levels.
Q: Biba: What does 'No Read Down' mean?
Subjects can’t read from lower integrity levels.
Q: What is the invocation property in Biba?
A subject can invoke another only at its level or lower.
Q: What is a covert channel?
An unauthorized pathway for information flow.
Q: What is memory isolation?
Preventing one process from accessing another's memory.
Q: What is stack canary?
A known value used to detect stack buffer overflows.
Q: What is ASLR?
Address Space Layout Randomization – randomizes memory locations to hinder exploits.
Q: What is the SSDLC?
Secure Software Development Lifecycle – integrates security at all stages.
Q: What are the phases of SSDLC?
Requirements, Design, Implementation, Testing, Deployment.
Q: What is secure by design?
Building systems with security as a core requirement.
Q: What is a buffer overflow?
Writing beyond the buffer’s limit, overwriting memory.
Q: What is input validation?
Ensuring user input meets expected format before processing.
Q: What is threat modeling?
Identifying and analyzing potential threats in a system.
Q: What is the STRIDE model?
Spoofing, Tampering, Repudiation, Information Disclosure, DoS, Elevation of Privilege.
Q: What is spoofing in STRIDE?
Pretending to be someone else (e.g., fake credentials).
Q: What is repudiation?
Ability to deny having performed an action.
Q: What is fuzz testing?
Inputting random or malformed data to uncover bugs.
Q: What is static code analysis?
Examining source code without running it.
Q: What is dynamic code analysis?
Analyzing software while it's running.
Q: What is the OWASP Top 10?
A list of top web application security risks.
Q: What is SQL injection?
Injecting SQL commands via input to manipulate the database.
Q: What is Cross-Site Scripting (XSS)?
Injecting malicious scripts into web pages.
Q: What is CVE?
Common Vulnerabilities and Exposures – public vulnerability database.
Q: What is CWE?
Common Weakness Enumeration – standard for coding errors.
Q: What is CVSS?
Common Vulnerability Scoring System – rates severity.
Q: What is a CVSS base score of 9.0–10.0?
Critical severity.
Q: What is the attack vector (AV) in CVSS?
Describes how an attacker exploits the vulnerability.
Q: What is privilege escalation?
Gaining higher access rights than permitted.
Q: What is a race condition?
System behavior depends on the sequence/timing of inputs.
Q: What is symbolic execution?
Uses symbols instead of values to explore program paths.
Q: What is code injection?
Attacker injects malicious code into an application.
Q: What is the goal of input sanitization?
Remove/encode dangerous input to prevent injection attacks.
Q: What is GDPR?
General Data Protection Regulation – EU privacy law.
Q: What is data minimization?
Collecting only data necessary for a purpose.
Q: What is a privacy impact assessment (PIA)?
An analysis to identify and mitigate privacy risks.
Q: What is informed consent under GDPR?
Clear agreement from users after being informed.
Q: What is collective privacy?
Privacy risks that affect groups, not just individuals.
Q: What is vulnerability disclosure?
Reporting security flaws to the affected party.
Q: What is responsible disclosure?
Coordinated reporting of vulnerabilities to vendors before publicizing.
Q: What is DevSecOps?
Incorporating security practices in DevOps.
Q: What is session management?
Controlling user session lifecycles securely.
Q: What are secure coding guidelines?
Standards to avoid common vulnerabilities during development.
Trusted Computing Base
The set of hardware, software, and firmware components in a computer system that are critical for maintaining the system's security.
What is the TCB responsible for, and with respect to what?
Responsible for enforcing the system’s security policies and ensuring that the system behaves as expected with respect to:
- Access control
- Confidentiality
- Integrity
- Availability of data
Key characteristics of a Rich Execution Environment (REE)
Full-featured OS & Applications
Optimised for Performance
Large attack surface (software & hardware)
Device Interaction and User Access
No Hardware-Enforced Isolation
Security Vulnerabilities
Key advantages of REE
Flexibility, Performance, User Interaction
Key disadvantages of REE
Security Risks, Lack of Hardware Protection, Susceptibility to Malware
Trusted Execution Environment (TEE)
A secure area within a processor that ensures the integrity and confidentiality of sensitive code and data.
Provides an isolated environment, separate from the main operating system
Applications can run securely in the isolated environment without interference from potentially compromised software or hardware.
TEE key features
Isolation, confidentiality and integrity, secure storage, secure execution, cryptographic operations, authentication and attestation, access control, tamper resistance, minimal attack surface, real-time protection
Flush + flush attack sequence
Spy maps shared library
Spy flushes shared cache line
Victim loads data
Spy flushes the data again
Spy measures timing in both cases (with & without cache line)
Flush + flush
An attack technique that relies only on the execution time of the flush instruction, which depends on whether the data is cached or not. It makes no memory accesses of its own, unlike every other cache attack.
Prime + probe attack sequence
Spy fills cache lines
Victim flushes cache lines while running
Spy probes data to determine if set is being accessed or not
Spy measures timing in both cases (with & without cache line)
Prime + Probe SCA
A cache side-channel attack technique that does not require sharing cores or memory between attacker and victim. It does not exploit VMM weaknesses and works on typical server platforms.
Evict + Reload SCA
A form of cache side-channel attack where an attacker evicts data from the cache and then reloads it to measure the access time, revealing whether a victim's data was accessed.
Rowhammer SCA
A circuit-level vulnerability: a type of cache side-channel attack that exploits DRAM’s physical properties, allowing an attacker to flip bits in adjacent memory rows through repeated access, potentially compromising security.
Static RAM
SRAM retains its bit value as long as power is on, without any refresh requirement. Faster, lower density, higher cost.
Dynamic RAM
DRAM requires periodic refresh to retain its stored value
Capacitors are charged to store data
Higher density, lower cost
Susceptible to “cold boot attacks”, which exploit the capacitor discharge time to read sensitive data from physical memory, as well as to Rowhammer attacks
DRAM cells are grouped into rows
All cells in a row are refreshed together
Spectre mechanism
Mis-trains branch prediction to convince the CPU to speculatively execute code that would not be executed during correct program execution
Flush + reload SCA
Relies on shared memory (LLC) and high-resolution timers to infer access patterns. The victim and attacker must physically share at least one page of data. When the attacker executes the clflush instruction with an address pointing to this shared data, it is completely flushed from the cache hierarchy. Because the data is shared, the attacker is allowed to hit on this data in the cache. So the attacker repeatedly flushes the data shared with the victim, allows/waits for the victim to run, then reloads the data and times the access.
Scoring of CVSS consists of…
Access Vector: N(network) A(adjacent network) L(local) P(physical)
Attack Complexity: L(low) H(high)
Privileges Required: N(none) L(low) H(high)
User Interaction: N(none) R(required, i.e. clicking a link)
Scope: U(unchanged, only affects 1 component/system) C(changed, many affected)
Confidentiality: N(none) H(high) L(low)
Integrity: N(none) H(high) L(low)
Availability: N(none) H(high) L(low)