Hardware has long been viewed as a trusted party supporting the whole computer system and is often treated as an abstract layer running instructions passed through the software layer. Historically, cybersecurity community believed that the integrated circuit (IC) supply chain is well protected. However, the IC supply chain, which is now spread around the globe, has become more vulnerable to attacks than before. The heavy reliance on third-party resources/services breeds security concerns and invalidates the illusion that attackers cannot easily access the isolated IC supply chain. Formal methods have been proven to be effective in security verification on hardware code. Trustworthy hardware is also under development for the construction of the root-of-trust. The intrinsic properties of existing and emerging devices, MOSFET, memristor, spintronics, etc. are leveraged for security primitives and applications. Another trend in the hardware security area is the development of security enhanced hardware infrastructure for system level protection. The goal is to provide a fully operational software and hardware platform that ensures secure design, manufacturing, and deployment of modern computer systems.

Asian Hardware Oriented Security and Trust Symposium (AsianHOST) aims to facilitate the rapid growth of hardware security research and development in Asia and South Pacific areas. AsianHOST highlights new results in the area of hardware and system security. Relevant research topics include techniques, tools, design/test methods, architectures, circuits, and applications of secure hardware. AsianHOST 2017 invites original contributions related to, but not limited by, the following topics.

http://asianhost.org/2018/authors.htm#cfp

Model checking boot code from AWS data centers

This paper describes our experience with symbolic model checking in an industrial setting. We have proved that the initial boot code running in data centers at Amazon Web Services is memory safe, an essential step in establishing the security of any data center. Standard static analysis tools cannot be easily used on boot code without modification owing to issues not commonly found in higher-level code, including memory-mapped device interfaces, byte-level memory access, and linker scripts. This paper describes automated solutions to these issues and their implementation in the C Bounded Model Checker (CBMC). CBMC is now the first source-level static analysis tool to extract the memory layout described in a linker script for use in its analysis.

https://ora.ox.ac.uk/objects/uuid:a4566b04-ad64-4bed-9bbe-20b5a4d98c2d

http://cavconference.org/2018/
https://easychair.org/smart-program/FLoC2018/CAV-program.html

Platform Security Summit
May 23-24, 2018 · Fairfax, VA

Day 1 topics include:
* Incentives, policy and software ecosystems
* Hypervisor requirements and use cases
* Boot integrity and firmware security

Day 2 topics include:
* Hypervisor-based products
* Operating system boot integrity
* Hypervisor research and development

Open Source Software and the Department of Defense David A. Wheeler
A Model of Agent Authority: Interpretation, Trust, and the Role of Rules Tim Clancy
SecureView Overview Kevin Pearson
Enterprise Scale Separation VMM Systems Myong Kang
TrenchBoot: Unified Approach to Harness Boot Integrity Technologies Daniel Smith
Dell Firmware Security: Past, Present, and Future Justin Johnson
Endpoint Resiliency in an Age of Advanced Persistent Threats Jim Mann
Firmware is the new Software Trammell Hudson
Open-Source Host Firmware Directions Vincent Zimmer
A penny per visit adds up real fast: designing effective defenses against an adversary that makes more money than your entire company does Michael Tiffany
Xen Security Weather Report 2018 Lars Kurth
Crucible: Tailoring Xen to support Critical Systems Ryan Thibodeaux
Introduction to the Bareflank Hypervisor and OpenXT Rian Quinn
XenTT: Deterministic System Analysis in Xen Anton Burtsev
Bear – A Resilient Operating System Stephen Kuhn
Anti-Evil Maid with UEFI and Xen Brendan Kerrigan
TPM 2.0 Software Stack: Usability, Privacy and Security Philip Tricca
STM PE Eugene Myers
Magrana Server John Shackleton
The meta-virtualization Layer of OpenEmbedded Bruce Ashfield
Improving the security of QEMU as a device emulator in Xen Paul Durrant

https://www.platformsecuritysummit.com/

Linux Foundation has an article on HardwareCon by the event founder:

https://www.linux.com/blog/event/hardware-con/2018/3/hardwarecon-slope-enlightenment

https://www.hardwarecon.com/home

There is one talk that has ‘security’ in it’s title: ” Cloud Platforms and the Product Management Lifecycle: Cloud Costs, Data Analytics and Security”. I guess this is better than previous hardware startup events, which were 100% security-free. Still, there is not enough security content in these hardware startup events. 😦