Non-intrusive Code Coverage: How To Use ASSURED For Trace-based Debugging and Runtime Analysis

The third ASSURED webinar, entitled “ASSURED CyberSecurity and Insider Threats | Non-intrusive Code Coverage: How to Use ASSURED for Trace-based Debugging and Runtime Analysis“, was held on Tuesday, June 20th, focusing on the software-based and hardware-based tracing mechanisms designed as part of ASSURED. These are a central building block of the framework towards supporting the execution of the implemented remote attestation mechanisms, as well as supporting the core vision of achieving high trustworthiness levels in cyber-physical systems and devices.

Five presentations were given by members of the ASSURED consortium, discussing various aspects of the tracing mechanisms of ASSURED and outlining their innovations and contributions. First, the positioning of tracing within the ASSURED framework was presented, as well as its role in achieving operational assurance in complex service graph chains. In addition, existing tracing mechanisms and tools were analyzed, focusing on their evolution over time and the path towards achieving non-intrusive tracing of software processes. Next, the software-based tracing mechanisms of ASSURED were presented. These support the ASSURED attestation toolkit and, unlike existing state-of-the-art solutions, do not require custom hardware extensions and offer multi-level execution tracing with the required timing guarantees and minimal trust assumptions. The hardware-based tracing mechanisms of ASSURED were also analyzed, which leverage Coresight in order to provide a highly efficient collection of software execution data. A live demo of the implemented attestation mechanisms was also performed, demonstrating their performance and efficiency. Finally, the role of tracing in supporting the ASSURED remote attestation mechanisms was presented based on their ability to collect attestation evidence in a secure and trustworthy manner.

The webinar was attended by experts and academics from various application domains and was part of the dissemination activities of ASSURED on sharing the outcomes and innovations of the project with the scientific community towards advancing the state-of-the-art in a wide array of research fields and practical applications. In addition, this webinar was part of the envisioned open-source activities of ASSURED, where all internal components and mechanisms will be open for download and testing. In this regard, technical details were also provided on how all these tools can be set up and deployed to any testbed.

The slides are available here:

If you miss the webinar, the recording is available below and on our YouTube channel.