Pinnedlei zhouinSystem WeaknessCase Study: Google Pixel 6 phone security & Privacy (Part 1 — Threat Analysis and Countermeasures)Note: All technical information or diagrams referenced in this blog are publicly available online from vendor’s website. In case no…Dec 12, 2021Dec 12, 2021
lei zhouEstablish device trustworthiness via attestation and TPM2.0’s roleAndroid PlayIntergity API helps you check that service requests are coming from your genuine app binary running on a genuine Android device…May 2May 2
lei zhouConfidential computing and open compute Project — Part 2: Interconnect and Security ProtocolWith confidential computing’s threat model discussed in part 1, we are now deep-diving into heterogenous computing platform and understand…Apr 11Apr 11
lei zhouConfidential computing and open compute Project(OCP) — Part OneTransport Layer Security(TLS) protects data communication on IP network, which provides following security properties:Mar 18Mar 18
lei zhouSCADA system’s threat model and Zero Trust Architecture as mitigationSCADA system E2E full-stack use cases range from RTU, industrial field bus, PLC, frontend/backend integration and physical connectivity…Apr 13, 2023Apr 13, 2023
lei zhouLinux kernel USB gadget driver frameworkUSB communication system comprises of two parts: USB host and multiple USB devices(up to 127 devices, USB hub can be used to connect to…Jan 7, 2023Jan 7, 2023
lei zhouEnable OP-TEE on OSD32MP1-BRK (STM32MP15x) platformThis article will discuss STM32MP1x Trusted Execution Environment(TEE) firmware stacks briefly and then details how to enable/bring-up…Jun 20, 2022Jun 20, 2022
lei zhouConfidential computing solution case studies(Intel SGX, AMD SEV-SNP and ARM CCA comparison)AMD SEV-SNP(Secure encryption virtualization-Secure nested paging). Virtual machine(VM) based confidential computing solution with…May 23, 20223May 23, 20223
lei zhouBuild highly secure IOT device: secure boot, measured boot and attestation, secure storage etcSecure Boot is the mechanism that validates the integrity of every mutable code being loaded before passing control to it. Secure boot is…Apr 2, 20221Apr 2, 20221
lei zhouBlockchain, Hash and Merkle-tree: data immutability and integrity, append-only databaseHash chaining and merkle hash tree play important role in many applications to provide data immutability and system integrity protection…Feb 13, 2022Feb 13, 2022