{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,8]],"date-time":"2025-09-08T05:51:52Z","timestamp":1757310712954,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":82,"publisher":"ACM","license":[{"start":{"date-parts":[[2017,6,25]],"date-time":"2017-06-25T00:00:00Z","timestamp":1498348800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/100004415","name":"North Atlantic Treaty Organization","doi-asserted-by":"publisher","award":["G110696"],"award-info":[{"award-number":["G110696"]}],"id":[{"id":"10.13039\/100004415","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["DGE 1433817"],"award-info":[{"award-number":["DGE 1433817"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2017,6,25]]},"DOI":"10.1145\/3092627.3092633","type":"proceedings-article","created":{"date-parts":[[2017,6,26]],"date-time":"2017-06-26T12:13:28Z","timestamp":1498479208000},"page":"1-8","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":21,"title":["Position Paper"],"prefix":"10.1145","author":[{"given":"Zhenyu","family":"Ning","sequence":"first","affiliation":[{"name":"Department of Computer Science, Wayne State University, Detroit, Michigan, USA"}]},{"given":"Fengwei","family":"Zhang","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Wayne State University, Detroit, Michigan, USA"}]},{"given":"Weisong","family":"Shi","sequence":"additional","affiliation":[{"name":"Department of Computer Science, Wayne State University, Detroit, Michigan, USA"}]},{"given":"Weidong","family":"Shi","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Houston, Houston, Texas, USA"}]}],"member":"320","published-online":{"date-parts":[[2017,6,25]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"2014. NSA's ANT Division Catalog of Exploits for Nearly Every Major Software\/Hardware\/Firmware. http:\/\/Leaksource.wordpress.com. (2014).  2014. NSA's ANT Division Catalog of Exploits for Nearly Every Major Software\/Hardware\/Firmware. http:\/\/Leaksource.wordpress.com. (2014)."},{"volume-title":"TWC: Small: System Infrastructure for SMM-based Runtime Integrity Measurement. https:\/\/nsf.gov\/awardsearch\/showAward?AWD_ID=1528185. (August","year":"2015","key":"e_1_3_2_1_2_1","unstructured":"2015. TWC: Small: System Infrastructure for SMM-based Runtime Integrity Measurement. https:\/\/nsf.gov\/awardsearch\/showAward?AWD_ID=1528185. (August 2015 ). 2015. TWC: Small: System Infrastructure for SMM-based Runtime Integrity Measurement. https:\/\/nsf.gov\/awardsearch\/showAward?AWD_ID=1528185. (August 2015)."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978358"},{"key":"e_1_3_2_1_4_1","unstructured":"Advanced Micro Devices Inc. 2015. BIOS and Kernel Developer's Guide (BKDG) for AMD Family 16h Models 30h-3Fh Processors. http:\/\/support.amd.com\/TechDocs\/52740_16h_Models_30h-3Fh_BKDG.pdf. (March 2015).  Advanced Micro Devices Inc. 2015. BIOS and Kernel Developer's Guide (BKDG) for AMD Family 16h Models 30h-3Fh Processors. http:\/\/support.amd.com\/TechDocs\/52740_16h_Models_30h-3Fh_BKDG.pdf. (March 2015)."},{"key":"e_1_3_2_1_5_1","unstructured":"AMD TATS BIOS Development Group. 2013. AMD Security and Server Innovation. http:\/\/www.uefi.org\/sites\/default\/files\/resources\/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf. (2013).  AMD TATS BIOS Development Group. 2013. AMD Security and Server Innovation. http:\/\/www.uefi.org\/sites\/default\/files\/resources\/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf. (2013)."},{"key":"e_1_3_2_1_6_1","volume-title":"Proceedings of the 2nd Workshop on Hardware and Architectural Support for Security and Privacy (HASP'13)","author":"Anati Ittai","year":"2013","unstructured":"Ittai Anati , Shay Gueron , Simon P Johnson , and Vincent R Scarlata . 2013 . Innovative Technology for CPU Based Attestation and Sealing . In Proceedings of the 2nd Workshop on Hardware and Architectural Support for Security and Privacy (HASP'13) . Ittai Anati, Shay Gueron, Simon P Johnson, and Vincent R Scarlata. 2013. Innovative Technology for CPU Based Attestation and Sealing. In Proceedings of the 2nd Workshop on Hardware and Architectural Support for Security and Privacy (HASP'13)."},{"key":"e_1_3_2_1_7_1","unstructured":"ARM. 2009. ARM Security Technology - Building a Secure System using TrustZone Technology. http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.prd29-genc-009492c\/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf. (2009).  ARM. 2009. ARM Security Technology - Building a Secure System using TrustZone Technology. http:\/\/infocenter.arm.com\/help\/topic\/com.arm.doc.prd29-genc-009492c\/PRD29-GENC-009492C_trustzone_security_whitepaper.pdf. (2009)."},{"key":"e_1_3_2_1_8_1","unstructured":"ARM. 2016. ARM Trusted Firmware. https:\/\/github.com\/ARM-software\/arm-trusted-firmware. (2016).  ARM. 2016. ARM Trusted Firmware. https:\/\/github.com\/ARM-software\/arm-trusted-firmware. (2016)."},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of The 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI'16)","author":"Arnautov Sergei","year":"2016","unstructured":"Sergei Arnautov , Bohdan Trach , Franz Gregor , Thomas Knauth , Andre Martin , Christian Priebe , Joshua Lind , Divya Muthukumaran , Daniel O'Keeffe , Mark L Stillwell , David Goltzsche , Dave Eyers , Rudiger Kapitza , Peter Pietzuch , and Christof Fetzer . 2016 . SCONE: Secure Linux Containers with Intel SGX . In Proceedings of The 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI'16) . Sergei Arnautov, Bohdan Trach, Franz Gregor, Thomas Knauth, Andre Martin, Christian Priebe, Joshua Lind, Divya Muthukumaran, Daniel O'Keeffe, Mark L Stillwell, David Goltzsche, Dave Eyers, Rudiger Kapitza, Peter Pietzuch, and Christof Fetzer. 2016. SCONE: Secure Linux Containers with Intel SGX. In Proceedings of The 12th USENIX Symposium on Operating Systems Design and Implementation (OSDI'16)."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660267.2660350"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/1866307.1866313"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046707.2046752"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.5555\/2685048.2685070"},{"key":"e_1_3_2_1_14_1","unstructured":"David Brash. 2002. ARM White Paper The ARM Architecture Version 6 (ARMv6). http:\/\/lars.nocrew.org\/computers\/processors\/ARM\/ARMv6.pdf. (January 2002).  David Brash. 2002. ARM White Paper The ARM Architecture Version 6 (ARMv6). http:\/\/lars.nocrew.org\/computers\/processors\/ARM\/ARMv6.pdf. (January 2002)."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/2906388.2906390"},{"key":"e_1_3_2_1_16_1","unstructured":"Ferdinand Brasser Urs M\u00fcller Alexandra Dmitrienko Kari Kostiainen Srdjan Capkun and Ahmad-Reza Sadeghi. 2017. Software Grand Exposure: SGX Cache Attacks Are Practical. (2017). http:\/\/arxiv.org\/abs\/1702.07521  Ferdinand Brasser Urs M\u00fcller Alexandra Dmitrienko Kari Kostiainen Srdjan Capkun and Ahmad-Reza Sadeghi. 2017. Software Grand Exposure: SGX Cache Attacks Are Practical. (2017). http:\/\/arxiv.org\/abs\/1702.07521"},{"volume-title":"coideloko, and D0nAnd0n","year":"2008","key":"e_1_3_2_1_17_1","unstructured":"BSDaemon , coideloko, and D0nAnd0n . 2008 . System Management Mode Hack: Using SMM for 'Other Purposes'. Phrack Magazine (2008). Issue 65. BSDaemon, coideloko, and D0nAnd0n. 2008. System Management Mode Hack: Using SMM for 'Other Purposes'. Phrack Magazine (2008). Issue 65."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1145\/2508859.2516714"},{"key":"e_1_3_2_1_19_1","unstructured":"Coreboot. 2011. Open-Source BIOS. http:\/\/www.coreboot.org\/. (2011).  Coreboot. 2011. Open-Source BIOS. http:\/\/www.coreboot.org\/. (2011)."},{"key":"e_1_3_2_1_20_1","unstructured":"Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. https:\/\/eprint.iacr.org\/2016\/086.pdf. (2016).  Victor Costan and Srinivas Devadas. 2016. Intel SGX Explained. https:\/\/eprint.iacr.org\/2016\/086.pdf. (2016)."},{"key":"e_1_3_2_1_21_1","unstructured":"Jeremy Powell David Kaplan and Tom Woller. 2016. AMD Memory Encryption White Paper. http:\/\/amd-dev.wpengine.netdna-cdn.com\/wordpress\/media\/2013\/12\/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf. (April 2016).  Jeremy Powell David Kaplan and Tom Woller. 2016. AMD Memory Encryption White Paper. http:\/\/amd-dev.wpengine.netdna-cdn.com\/wordpress\/media\/2013\/12\/AMD_Memory_Encryption_Whitepaper_v7-Public.pdf. (April 2016)."},{"key":"e_1_3_2_1_22_1","unstructured":"Loic Duflot Olivier Levillain Benjamin Morin and Olivier Grumelard. System Management Mode Design and Security Issues. http:\/\/www.ssi.gouv.fr\/IMG\/pdf\/IT_Defense_2010_final.pdf. (????).  Loic Duflot Olivier Levillain Benjamin Morin and Olivier Grumelard. System Management Mode Design and Security Issues. http:\/\/www.ssi.gouv.fr\/IMG\/pdf\/IT_Defense_2010_final.pdf. (????)."},{"key":"e_1_3_2_1_23_1","volume-title":"Proceedings of the 12th CanSecWest Conference (CanSecWest'09)","author":"Duflot Loic","year":"2009","unstructured":"Loic Duflot , Olivier Levillain , Benjamin Morin , and Olivier Grumelard . 2009 . Getting into the SMRAM: SMM Reloaded , In Proceedings of the 12th CanSecWest Conference (CanSecWest'09) . CanSecWest, Vancouver, Canada (2009). Loic Duflot, Olivier Levillain, Benjamin Morin, and Olivier Grumelard. 2009. Getting into the SMRAM: SMM Reloaded, In Proceedings of the 12th CanSecWest Conference (CanSecWest'09). CanSecWest, Vancouver, Canada (2009)."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1460877.1460892"},{"key":"e_1_3_2_1_25_1","volume-title":"Proceedings of The 3rd IEEE Mobile Security Technologies Workshop (MoST).","author":"Ge Xinyang","year":"2014","unstructured":"Xinyang Ge , Hayawardh Vijayakumar , and Trent Jaeger . 2014 . SPROBES: Enforcing Kernel Code Integrity on the TrustZone Architecture . In Proceedings of The 3rd IEEE Mobile Security Technologies Workshop (MoST). Xinyang Ge, Hayawardh Vijayakumar, and Trent Jaeger. 2014. SPROBES: Enforcing Kernel Code Integrity on the TrustZone Architecture. In Proceedings of The 3rd IEEE Mobile Security Technologies Workshop (MoST)."},{"key":"e_1_3_2_1_26_1","volume-title":"The hijacking flaw that lurked in Intel chips is worse than anyone thought. https:\/\/arstechnica.com\/security\/2017\/05\/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought\/. (May","author":"Goodin Dan","year":"2017","unstructured":"Dan Goodin . 2017. The hijacking flaw that lurked in Intel chips is worse than anyone thought. https:\/\/arstechnica.com\/security\/2017\/05\/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought\/. (May 2017 ). Accessed 05\/10\/2017. Dan Goodin. 2017. The hijacking flaw that lurked in Intel chips is worse than anyone thought. https:\/\/arstechnica.com\/security\/2017\/05\/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought\/. (May 2017). Accessed 05\/10\/2017."},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/2487726.2488370"},{"key":"e_1_3_2_1_28_1","volume-title":"Proceedings of 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI).","author":"Hunt Tyler","year":"2016","unstructured":"Tyler Hunt , Zhiting Zhu , Yuanzhong Xu , Simon Peter , and Emmett Witchel . 2016 . Ryoan: A distributed sandbox for untrusted computation on secret data . In Proceedings of 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI). Tyler Hunt, Zhiting Zhu, Yuanzhong Xu, Simon Peter, and Emmett Witchel. 2016. Ryoan: A distributed sandbox for untrusted computation on secret data. In Proceedings of 11th USENIX Symposium on Operating Systems Design and Implementation (OSDI)."},{"key":"e_1_3_2_1_29_1","unstructured":"Intel. 2009. 64 and IA-32 Architectures Software Developer's Manual. http:\/\/www.intel.com\/content\/www\/us\/en\/processors\/architectures-software-developer-manuals.html. (2009). http:\/\/www.intel.com\/content\/www\/us\/en\/processors\/architectures-software-developer-manuals.html  Intel. 2009. 64 and IA-32 Architectures Software Developer's Manual. http:\/\/www.intel.com\/content\/www\/us\/en\/processors\/architectures-software-developer-manuals.html. (2009). http:\/\/www.intel.com\/content\/www\/us\/en\/processors\/architectures-software-developer-manuals.html"},{"volume-title":"64 and IA-32 Architectures Software Developer's Manual","year":"2014","key":"e_1_3_2_1_30_1","unstructured":"Intel. 2014. 64 and IA-32 Architectures Software Developer's Manual : Chapter 34. ( 2014 ). Intel. 2014. 64 and IA-32 Architectures Software Developer's Manual: Chapter 34. (2014)."},{"volume-title":"ISCA 2015 SGX Tutorial. https:\/\/software.intel.com\/sites\/default\/files\/332680-002","year":"2015","key":"e_1_3_2_1_31_1","unstructured":"Intel. 2015 . ISCA 2015 SGX Tutorial. https:\/\/software.intel.com\/sites\/default\/files\/332680-002 .pdf. (2015). Intel. 2015. ISCA 2015 SGX Tutorial. https:\/\/software.intel.com\/sites\/default\/files\/332680-002.pdf. (2015)."},{"key":"e_1_3_2_1_32_1","volume-title":"https:\/\/security-center.intel.com\/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr. (May","author":"Intel Security Group","year":"2017","unstructured":"Intel Security Group . 2017. INTEL-SA-00075. https:\/\/security-center.intel.com\/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr. (May 2017 ). Accessed 05\/10\/2017. Intel Security Group. 2017. INTEL-SA-00075. https:\/\/security-center.intel.com\/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr. (May 2017). Accessed 05\/10\/2017."},{"key":"e_1_3_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2016.23011"},{"key":"e_1_3_2_1_34_1","volume-title":"PrivateZone: Providing a Private Execution Environment using ARM TrustZone","author":"Jang Jinsoo","year":"2016","unstructured":"Jinsoo Jang , Changho Choi , Jaehyuk Lee , Nohyun Kwak , Seongman Lee , Yeseul Choi , and Brent Byunghoon Kang . 2016. PrivateZone: Providing a Private Execution Environment using ARM TrustZone . IEEE Transactions on Dependable and Secure Computing ( 2016 ). Jinsoo Jang, Changho Choi, Jaehyuk Lee, Nohyun Kwak, Seongman Lee, Yeseul Choi, and Brent Byunghoon Kang. 2016. PrivateZone: Providing a Private Execution Environment using ARM TrustZone. IEEE Transactions on Dependable and Secure Computing (2016)."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2015.23189"},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2731186.2731203"},{"key":"e_1_3_2_1_37_1","unstructured":"Corey Kallenberg and Xeno Kovah. 2015. How Many Million BIOSes Would you Like to Infect? http:\/\/conference.hitb.org\/hitbsecconf2015ams\/wp-content\/uploads\/2015\/02\/D1T1-Xeno-Kovah-and-Corey-Kallenberg-How-Many-Million-BIOSes-Would-You-Like-to-Infect.pdf. (2015).  Corey Kallenberg and Xeno Kovah. 2015. How Many Million BIOSes Would you Like to Infect? http:\/\/conference.hitb.org\/hitbsecconf2015ams\/wp-content\/uploads\/2015\/02\/D1T1-Xeno-Kovah-and-Corey-Kallenberg-How-Many-Million-BIOSes-Would-You-Like-to-Infect.pdf. (2015)."},{"key":"e_1_3_2_1_38_1","volume-title":"Speed Racer: Exploiting an Intel Flash Protection Race Condition. https:\/\/events.ccc.de\/congress\/2014\/Fahrplan\/system\/attachments\/2565\/original\/speed_racer_whitepaper.pdf.","author":"Kallenberg Corey","year":"2014","unstructured":"Corey Kallenberg and Rafal Wojtczuk . 2014 . Speed Racer: Exploiting an Intel Flash Protection Race Condition. https:\/\/events.ccc.de\/congress\/2014\/Fahrplan\/system\/attachments\/2565\/original\/speed_racer_whitepaper.pdf. (2014). Corey Kallenberg and Rafal Wojtczuk. 2014. Speed Racer: Exploiting an Intel Flash Protection Race Condition. https:\/\/events.ccc.de\/congress\/2014\/Fahrplan\/system\/attachments\/2565\/original\/speed_racer_whitepaper.pdf. (2014)."},{"key":"e_1_3_2_1_39_1","volume-title":"USENIX Security Tutorial","author":"Kaplan David","year":"2016","unstructured":"David Kaplan . 2016. AMD x86 Memory Encryption Technologies , USENIX Security Tutorial 2016 . https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/kaplan. (2016). David Kaplan. 2016. AMD x86 Memory Encryption Technologies, USENIX Security Tutorial 2016. https:\/\/www.usenix.org\/conference\/usenixsecurity16\/technical-sessions\/presentation\/kaplan. (2016)."},{"key":"e_1_3_2_1_40_1","volume-title":"ISCA 2016","author":"Kaplan David","year":"2016","unstructured":"David Kaplan , Tom Woller , and Jeremy Powell . 2016 . AMD Memory Encryption Tutorial , ISCA 2016 . https:\/\/sites.google.com\/site\/metisca2016\/. (2016). David Kaplan, Tom Woller, and Jeremy Powell. 2016. AMD Memory Encryption Tutorial, ISCA 2016. https:\/\/sites.google.com\/site\/metisca2016\/. (2016)."},{"key":"e_1_3_2_1_41_1","doi-asserted-by":"publisher","DOI":"10.1145\/3052973.3053034"},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1109\/SANER.2016.25"},{"key":"e_1_3_2_1_43_1","doi-asserted-by":"publisher","DOI":"10.1145\/2742647.2742676"},{"key":"e_1_3_2_1_44_1","volume-title":"Proceedings of 25th USENIX Security Symposium (USENIX Security'16)","author":"Lipp Moritz","year":"2016","unstructured":"Moritz Lipp , Daniel Gruss , Raphael Spreitzer , Cl\u00e9mentine Maurice , and Stefan Mangard . 2016 . ARMageddon: Cache attacks on mobile devices . In Proceedings of 25th USENIX Security Symposium (USENIX Security'16) . Moritz Lipp, Daniel Gruss, Raphael Spreitzer, Cl\u00e9mentine Maurice, and Stefan Mangard. 2016. ARMageddon: Cache attacks on mobile devices. In Proceedings of 25th USENIX Security Symposium (USENIX Security'16)."},{"key":"e_1_3_2_1_45_1","unstructured":"Rudolf Marek. 2014. AMD x86 SMU firmware analysis - Do you care about Matroshka processors? https:\/\/events.ccc.de\/congress\/2014\/Fahrplan\/system\/attachments\/2503\/original\/ccc-final.pdf. (2014).  Rudolf Marek. 2014. AMD x86 SMU firmware analysis - Do you care about Matroshka processors? https:\/\/events.ccc.de\/congress\/2014\/Fahrplan\/system\/attachments\/2503\/original\/ccc-final.pdf. (2014)."},{"key":"e_1_3_2_1_46_1","doi-asserted-by":"publisher","DOI":"10.1145\/2487726.2488368"},{"volume-title":"Proceedings of 9th USENIX Workshop on Offensive Technologies (WOOT'15)","author":"Bazhaniuk Oleksandr","key":"e_1_3_2_1_47_1","unstructured":"Oleksandr Bazhaniuk and John Loucaides and Lee Rosenbaum and Mark R . Tuttle and Vincent Zimmer. 2015. Symbolic Execution for BIOS Security . In Proceedings of 9th USENIX Workshop on Offensive Technologies (WOOT'15) . Oleksandr Bazhaniuk and John Loucaides and Lee Rosenbaum and Mark R. Tuttle and Vincent Zimmer. 2015. Symbolic Execution for BIOS Security. In Proceedings of 9th USENIX Workshop on Offensive Technologies (WOOT'15)."},{"key":"e_1_3_2_1_48_1","unstructured":"Oleksandr Bazhaniuk Yuriy Bulygin Andrew Furtak Mikhail Gorobets John Loucaides Alexander Matrosov Mickey Shkatov. 2015. A New Class of Vulnerabilities in SMI Handlers. http:\/\/www.c7zero.info\/stuff\/ANewClassOfVulnInSMIHandlers_csw2015.pdf. (2015).  Oleksandr Bazhaniuk Yuriy Bulygin Andrew Furtak Mikhail Gorobets John Loucaides Alexander Matrosov Mickey Shkatov. 2015. A New Class of Vulnerabilities in SMI Handlers. http:\/\/www.c7zero.info\/stuff\/ANewClassOfVulnInSMIHandlers_csw2015.pdf. (2015)."},{"key":"e_1_3_2_1_49_1","volume-title":"Tenable Blog: Rediscovering the Intel AMT Vulnerability. https:\/\/www.tenable.com\/blog\/rediscovering-the-intel-amt-vulnerability. (May","author":"Perez Carlos","year":"2017","unstructured":"Carlos Perez . 2017 . Tenable Blog: Rediscovering the Intel AMT Vulnerability. https:\/\/www.tenable.com\/blog\/rediscovering-the-intel-amt-vulnerability. (May 2017). Accessed 05\/10\/2017. Carlos Perez. 2017. Tenable Blog: Rediscovering the Intel AMT Vulnerability. https:\/\/www.tenable.com\/blog\/rediscovering-the-intel-amt-vulnerability. (May 2017). Accessed 05\/10\/2017."},{"key":"e_1_3_2_1_50_1","volume-title":"Proceedings of The 25th USENIX Security Symposium (UsenixSecurity'16)","author":"Raj Himanshu","year":"2016","unstructured":"Himanshu Raj , Stefan Saroiu , Alec Wolman , Ronald Aigner , Jeremiah Cox , Paul England , Chris Fenner , Kinshuman Kinshumann , Jork Loeser , Dennis Mattoon , Magnus Nystrom , David Robinson , Rob Spiger , Stefan Thom , and David Wooten . 2016 . fTPM: A Software-only Implementation of a TPM Chip . In Proceedings of The 25th USENIX Security Symposium (UsenixSecurity'16) . Himanshu Raj, Stefan Saroiu, Alec Wolman, Ronald Aigner, Jeremiah Cox, Paul England, Chris Fenner, Kinshuman Kinshumann, Jork Loeser, Dennis Mattoon, Magnus Nystrom, David Robinson, Rob Spiger, Stefan Thom, and David Wooten. 2016. fTPM: A Software-only Implementation of a TPM Chip. In Proceedings of The 25th USENIX Security Symposium (UsenixSecurity'16)."},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/2420950.2420962"},{"key":"e_1_3_2_1_52_1","volume-title":"Reflections on trusting trustzone. BlackHat USA","author":"Rosenberg Dan","year":"2014","unstructured":"Dan Rosenberg . 2014. Reflections on trusting trustzone. BlackHat USA ( 2014 ). Dan Rosenberg. 2014. Reflections on trusting trustzone. BlackHat USA (2014)."},{"volume-title":"Platform Embedded Security Technology Revealed: Safeguarding the Future of Computing with Intel Embedded Security and Management Engine","author":"Ruan Xiaoyu","key":"e_1_3_2_1_53_1","unstructured":"Xiaoyu Ruan . 2014. Platform Embedded Security Technology Revealed: Safeguarding the Future of Computing with Intel Embedded Security and Management Engine . Apress . Xiaoyu Ruan. 2014. Platform Embedded Security Technology Revealed: Safeguarding the Future of Computing with Intel Embedded Security and Management Engine. Apress."},{"key":"e_1_3_2_1_54_1","unstructured":"Joanna Rutkowska. 2015. Intel x86 Considered Harmful. http:\/\/blog.invisiblethings.org\/papers\/2015\/x86_harmful.pdf. (October 2015).  Joanna Rutkowska. 2015. Intel x86 Considered Harmful. http:\/\/blog.invisiblethings.org\/papers\/2015\/x86_harmful.pdf. (October 2015)."},{"key":"e_1_3_2_1_55_1","unstructured":"Joanna Rutkowska and Rafal Wojtczuk. 2008. Preventing and Detecting Xen Hypervisor Subversions. http:\/\/www.invisiblethingslab.com\/resources\/bh08\/part2-full.pdf. (2008).  Joanna Rutkowska and Rafal Wojtczuk. 2008. Preventing and Detecting Xen Hypervisor Subversions. http:\/\/www.invisiblethingslab.com\/resources\/bh08\/part2-full.pdf. (2008)."},{"key":"e_1_3_2_1_56_1","unstructured":"Ilia Safonov and Alex Matrosov. 2016. Excite project: all the truth about symbolic execution for BIOS security. http:\/\/2016.zeronights.org\/program\/9. (2016).  Ilia Safonov and Alex Matrosov. 2016. Excite project: all the truth about symbolic execution for BIOS security. http:\/\/2016.zeronights.org\/program\/9. (2016)."},{"key":"e_1_3_2_1_57_1","doi-asserted-by":"publisher","DOI":"10.1109\/ARES.2014.44"},{"key":"e_1_3_2_1_58_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.10"},{"key":"e_1_3_2_1_59_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-60876-1_1"},{"key":"e_1_3_2_1_60_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23037"},{"key":"e_1_3_2_1_61_1","doi-asserted-by":"publisher","DOI":"10.1145\/1315245.1315313"},{"key":"e_1_3_2_1_62_1","volume-title":"Attacking your trusted core: Exploiting trustzone on android. Black Hat USA","author":"Shen D","year":"2015","unstructured":"D Shen . 2015. Attacking your trusted core: Exploiting trustzone on android. Black Hat USA ( 2015 ). D Shen. 2015. Attacking your trusted core: Exploiting trustzone on android. Black Hat USA (2015)."},{"key":"e_1_3_2_1_63_1","doi-asserted-by":"publisher","DOI":"10.1109\/JIOT.2016.2579198"},{"key":"e_1_3_2_1_64_1","doi-asserted-by":"publisher","DOI":"10.1145\/2876019.2876032"},{"key":"e_1_3_2_1_65_1","doi-asserted-by":"publisher","DOI":"10.14722\/ndss.2017.23193"},{"key":"e_1_3_2_1_66_1","unstructured":"Igor Skochinsky. 2014. Intel ME Secrets: Hidden code in your chipset and how to discover what exactly it does. https:\/\/recon.cx\/2014\/slides\/Recon%202014%20Skochinsky.pdf. (2014).  Igor Skochinsky. 2014. Intel ME Secrets: Hidden code in your chipset and how to discover what exactly it does. https:\/\/recon.cx\/2014\/slides\/Recon%202014%20Skochinsky.pdf. (2014)."},{"key":"e_1_3_2_1_67_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-37300-8_2"},{"key":"e_1_3_2_1_68_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813692"},{"key":"e_1_3_2_1_69_1","volume-title":"Proceedings of The 18th European Symposium on Research in Computer Security (ESORICS'14)","author":"Sun He","year":"2014","unstructured":"He Sun , Kun Sun , Yuewu Wang , Jiwu Jing , and Sushil Jajodia . 2014 . Trust-Dump: Reliable Memory Acquisition on Smartphones . In Proceedings of The 18th European Symposium on Research in Computer Security (ESORICS'14) . He Sun, Kun Sun, Yuewu Wang, Jiwu Jing, and Sushil Jajodia. 2014. Trust-Dump: Reliable Memory Acquisition on Smartphones. In Proceedings of The 18th European Symposium on Research in Computer Security (ESORICS'14)."},{"key":"e_1_3_2_1_70_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2015.11"},{"key":"e_1_3_2_1_71_1","unstructured":"Alexander Tereshkin and Rafal Wojtczuk. 2009. Introducing Ring -3 Rootkits. http:\/\/invisiblethingslab.com\/itl\/Resources.html. (2009).  Alexander Tereshkin and Rafal Wojtczuk. 2009. Introducing Ring -3 Rootkits. http:\/\/invisiblethingslab.com\/itl\/Resources.html. (2009)."},{"volume-title":"Proceedings of the 42nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN'12)","author":"Wang J.","key":"e_1_3_2_1_72_1","unstructured":"J. Wang , K Sun , and A. Stavrou . 2012. A Dependability Analysis of Hardware-Assisted Polling Integrity Checking Systems . In Proceedings of the 42nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN'12) . J. Wang, K Sun, and A. Stavrou. 2012. A Dependability Analysis of Hardware-Assisted Polling Integrity Checking Systems. In Proceedings of the 42nd Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN'12)."},{"key":"e_1_3_2_1_73_1","doi-asserted-by":"publisher","DOI":"10.1109\/SADFE.2011.7"},{"key":"e_1_3_2_1_74_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-45744-4_22"},{"key":"e_1_3_2_1_75_1","volume-title":"Attacking UEFI Boot Script. 31st Chaos Communication Congress (31C3), http:\/\/events.ccc.de\/congress\/2014\/Fahrplan\/system\/attachments\/2566\/original\/venamis_whitepaper.pdf.","author":"Wojtczuk Rafal","year":"2014","unstructured":"Rafal Wojtczuk and Corey Kallenberg . 2014 . Attacking UEFI Boot Script. 31st Chaos Communication Congress (31C3), http:\/\/events.ccc.de\/congress\/2014\/Fahrplan\/system\/attachments\/2566\/original\/venamis_whitepaper.pdf. (2014). Rafal Wojtczuk and Corey Kallenberg. 2014. Attacking UEFI Boot Script. 31st Chaos Communication Congress (31C3), http:\/\/events.ccc.de\/congress\/2014\/Fahrplan\/system\/attachments\/2566\/original\/venamis_whitepaper.pdf. (2014)."},{"key":"e_1_3_2_1_76_1","unstructured":"Rafal Wojtczuk and Joanna Rutkowska. 2009. Attacking SMM Memory via Intel CPU Cache Poisoning. (2009). http:\/\/invisiblethingslab.com\/resources\/misc09\/smm_cache_fun.pdf  Rafal Wojtczuk and Joanna Rutkowska. 2009. Attacking SMM Memory via Intel CPU Cache Poisoning. (2009). http:\/\/invisiblethingslab.com\/resources\/misc09\/smm_cache_fun.pdf"},{"key":"e_1_3_2_1_77_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSNW.2013.6615523"},{"key":"e_1_3_2_1_78_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2015.11"},{"key":"e_1_3_2_1_79_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2013.6575343"},{"key":"e_1_3_2_1_80_1","doi-asserted-by":"publisher","DOI":"10.1145\/2714576.2714614"},{"key":"e_1_3_2_1_81_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-319-11203-9_13"},{"volume-title":"HyperCheck: A Hardware-assisted Integrity Monitor","author":"Zhang Fengwei","key":"e_1_3_2_1_82_1","unstructured":"Fengwei Zhang , Jiang Wang , Kun Sun , and Angelos Stavrou . 2014. HyperCheck: A Hardware-assisted Integrity Monitor . In IEEE Transactions on Dependable and Secure Computing (TDSC '14). Fengwei Zhang, Jiang Wang, Kun Sun, and Angelos Stavrou. 2014. HyperCheck: A Hardware-assisted Integrity Monitor. In IEEE Transactions on Dependable and Secure Computing (TDSC'14)."}],"event":{"name":"HASP '17: Hardware and Architectural Support for Security and Privacy","sponsor":["Intel Intel","University of Houston"],"location":"Toronto ON Canada","acronym":"HASP '17"},"container-title":["Proceedings of the Hardware and Architectural Support for Security and Privacy"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3092627.3092633","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3092627.3092633","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3092627.3092633","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T03:03:08Z","timestamp":1750215788000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3092627.3092633"}},"subtitle":["Challenges Towards Securing Hardware-assisted Execution Environments"],"short-title":[],"issued":{"date-parts":[[2017,6,25]]},"references-count":82,"alternative-id":["10.1145\/3092627.3092633","10.1145\/3092627"],"URL":"https:\/\/doi.org\/10.1145\/3092627.3092633","relation":{},"subject":[],"published":{"date-parts":[[2017,6,25]]},"assertion":[{"value":"2017-06-25","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}