Lateral Thinking for Trustworthy Apps
Hermann Härtig, Michael Roitzsch, Carsten Weinhold and Adam Lackorzynski
Technische Universität Dresden, Technische Universität Dresden, Technische Universität Dresden, Technische Universität Dresden

The growing computerization of critical infrastructure as well as the pervasiveness of computing in everyday life has led to increased interest in secure application development. Exemplified by ARM TrustZone and Intel SGX, we observe a flurry of new security technologies, but a lack of an architectural vision. We are convinced that point solutions are not sufficient to address the overall challenge of secure system design. In this paper, we sketch our take on a trusted component ecosystem of small individual building blocks with strong isolation. In our view, applications should no longer be designed as massive stacks of vertically layered frameworks, but instead as horizontal aggregates of mutually isolated components that collaborate across machine boundaries to provide a service. Lateral thinking is needed to create secure systems going forward.