EURO-MILS 4Clogo-hipeac


Date: 14th of March, 2017

Location: Nuremberg, Gemany

Workshop description

MILS is a high-assurance security architecture based on the concepts of separation and controlled information flow. The MILS architectural approach is all about decomposition of a system design into well-understood components and their interactions with the goal to achieve composable architecture and composable assurance for the designed system.

The composability of architecture and assurance for secure systems is a grand challenge, which we undertake to meet using the MILS architectural approach.

Architecture composition defines a secure system from trustworthy components and system architecture. The MILS framework for composable architecture is based on a separation kernel (which has overlapping functionality with a hypervisor) that creates partitions to separate different security domains. Such a separation kernel often needs to support real-time because there are many use-cases in embedded systems.

Assurance composition targets creating an assurance argument for the overall system from arguments of its components and the system’s security architecture. The workshop also welcomes contributions on the industrial application of the MILS architecture, assurance and certification frameworks, attack methods and templates for MILS systems, as well as presenting the MILS community.



Workshop Programme

09:30 - 12:30 Session 06/I MILS Workshop I
09:30 - 10:00 Security by Design - Introduction to MILS, Dr. Sergey Tverdyshev, SYSGO
10:00 - 10:30 Hardening High Assurance Systems: MILS as Software Design for Avionics, Kevin Müller, Airbus
10:30 - 11:00 Current Trends and Solutions in Securing Automotive Software,
Elisabeth Waitz, Elektrobit Automotive
11:00 - 11:30 Coffee Break
11:30 - 12:00 Fog Computing as Enabler for the Industrial Internet of Things /
Industrie 4.0, Wilfried Steiner, TTTech Computertechnik
12:00 - 12:30 High-End Security Features for Low-End Microcontrollers: Hardware-Security Acceleration on ARMv8-M Systems, Milosch Meriac, ARM
14:30 - 17:30 Session 06/II MILS Workshop II
14:30 - 15:00 Hardware Enforced Separation in Embedded Multicore SoCs, Geoffrey Waters, NXP Semiconductors
15:00 - 15:30 Ease Standard Compliance by Technical Means via MILS, Sven Nordhoff, SYSGO
15:30 - 16:00 Coffee Break
16:00 - 16:30 Analysing Cryptographically-Masked Information Flows in MILS-AADL
Specifications, Prof. Dr. Thomas Noll, RWTH Aachen University
16:30 - 17:00 An Approach to SoD Validation for MILS Security Configurations, Dr. Ekaterina Rudina, Kaspersky Lab
17:00 - 17:30 Non-Interfering Composed Evaluation.
Igor Furgel, Viola Saftig, Tobias Wagner, Kevin Müller, Reinhard Schwarz and Axel Söding-Freiherr von Blomberg.


 Link to program:


Previous Events