1 of 19

How to Convince Your Security Team That Your AI App Is Secure Enough for the Edge

Based on true stories

Erik Nordmark, ZEDEDA

#onesummit

2 of 19

Original Cloud-Native System

IoT Gateway

  • Sending all the data to the cloud
  • Cloud running containers using Docker or Kubernetes


3 of 19

Desired Edge Cloud-Native System

Edge Server with GPU

  • Do the video analytics at the edge
  • Less data and can operate if Internet down

  • Requires a more capable edge server


4 of 19

Lab Edge Cloud-Native System

  • Pick some hardware, a Linux distro, and the runtimes (Docker, Kubernetes)


5 of 19

Real-world Deployment

  • Inside a machine in a factory
  • On a truck going to well sites


6 of 19

Real-world Issues - Connectivity

  • The network connectivity is intermittent
  • Might be out for minutes or days

  • Can runtime and workloads handle that?
  • Advanced: handling static IP, https proxies


7 of 19

Real-world Issues - Power

  • Some locations might not have reliable power
  • Might not even have a UPS

  • Can the OS and runtime handle that?
  • Can a database in the container handle that?


8 of 19

Then Security Happens


9 of 19

Security Review Questions

  • What new attack surfaces are you exposing at the edge?
  • Have you done a threat model/analysis?


10 of 19

Security Review Questions (more specific)

  • What new attack surfaces are you exposing at the edge?
  • Have you done a threat model/analysis?

  • Our crown jewels at insecure location?
  • Security/privacy of customer data on disk?
    • Secure network?
    • Physical theft of software or data?
  • Patch/update when CVEs?
  • Security monitoring?
  • RBAC and SSO integration?


11 of 19

DIY Edge Security Approach

  • Harden all software?
    • OS - 940 pages: https://www.cisecurity.org/benchmark/ubuntu_linux
    • Runtimes e.g., k8s 60 pages: https://media.defense.gov/2022/Aug/29/2003066362/-1/-1/0/CTR_KUBERNETES_HARDENING_GUIDANCE_1.2_20220829.PDF
    • Applications/containers?
  • And/or run a host-based firewall to protect applications?


12 of 19

DIY Edge Security Approach

  • Theft?
    • Secure boot insufficient. Attacker: Find old signed firmware/software with known CVEs
    • Full disk encryption doesn’t help - no user to input password
  • How to update OS + runtime + containers to fix CVE?
  • Immutable OS images make it easier
    • Whole fleet runs few versions
  • Need some Special Purpose OS


13 of 19

Project EVE Approach

Edge Virtualization Engine (EVE)

  • Abstraction layer designed for the edge
  • Created and donated by ZEDEDA to LF
  • Open sourced under Apache License v2
  • Part of Linux Foundation LF Edge Project

[Diagram labels: SaaS; Web Console; Any Gateway at IoT Scale; Hardware; Free self-service; Open Source; EVE API; App Marketplace; Any Application; VM or Container; APP; No Compromise to Security (TPM and vTPM); Historian, SCADA or On-Premises System; Any Cloud; Adam; Controller; Eden driver; Sandbox]


14 of 19

EVE Architecture

[Architecture diagram labels: User Edge Compute Hardware; Hypervisor (Xen, KVM, ACRN); On host/dom0; containerd; EVE services; Dom 1; Dom 2; Partition A; Partition B; EVE managed, workload-centric storage; Open API; EVE Controller]

Disk overhead: 500M

RAM overhead: 500M

CPU overhead: 1 core


15 of 19

EVE Robustness Elements

  • Immutable, read-only OS image
  • A/B booting
  • Hardware and software watchdogs - automatic rollback
  • Declarative, eventual consistency API
    • Including device network connectivity (static IP, https proxy)


16 of 19

EVE Robustness and Security Elements

  • Immutable, read-only OS image
  • A/B booting
  • Hardware and software watchdogs - automatic rollback
  • Declarative, eventual consistency API
    • Including device network connectivity (static IP, https proxy)
  • Disable (USB) ports by default - assignable to applications
  • No user accounts/login in EVE
  • Zero touch, zero trust onboarding
    • Mutual trust EVE - Controller from secure onboarding process
    • Mutual TLS plus object signing/encryption
  • Distributed firewall for every app
  • Support deployment of virtual security appliances


17 of 19

Example EVE Security - handle stolen disk or server

  • Start with hardware root of trust (TPM chip or firmware)
  • Use TCG measured boot and remote attestation
  • Use standard sealing of (storage) key under TPM measurements
  • Unique: avoid attestation if no hardware/firmware/software change
  • Unique: if change retrieve encrypted “for me” key from controller
  • Details in https://wiki.lfedge.org/display/EVE/Measured+Boot+and+Remote+Attestation
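
The sealing flow on this slide, and the reason the earlier slide calls secure boot alone insufficient, as an added toy simulation in Python. This is not EVE code: `ToyTPM`, `ToyController` and the boot-chain labels are assumptions, sealing is modelled as a key derived from the PCR value, and the signed TPM quote and the encryption of the released key are left out.

```python
import hashlib, hmac, os

def extend(pcr, component):
    # TCG-style extend: new PCR = SHA-256(old PCR || SHA-256(component))
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure(boot_chain):
    pcr = bytes(32)
    for component in boot_chain:
        pcr = extend(pcr, component)
    return pcr

class ToyTPM:
    """Stand-in for a TPM; the per-chip secret never leaves this object."""
    def __init__(self):
        self._secret = os.urandom(32)
    def _keys(self, pcr):
        return tuple(hmac.new(self._secret, t + pcr, hashlib.sha256).digest()
                     for t in (b"enc", b"mac"))
    def seal(self, key, pcr):  # key must be 32 bytes in this toy
        enc, mac = self._keys(pcr)
        blob = bytes(a ^ b for a, b in zip(key, enc))
        return blob + hmac.new(mac, blob, hashlib.sha256).digest()
    def unseal(self, sealed, pcr):
        enc, mac = self._keys(pcr)
        blob, tag = sealed[:32], sealed[32:]
        if not hmac.compare_digest(tag, hmac.new(mac, blob, hashlib.sha256).digest()):
            return None  # wrong chip or changed measurements
        return bytes(a ^ b for a, b in zip(blob, enc))

class ToyController:
    """Knows which measurements are acceptable and escrows the storage key."""
    def __init__(self, approved_pcrs, escrowed_key):
        self.approved, self.key = set(approved_pcrs), escrowed_key
    def attest(self, reported_pcr):
        # Simplification: a real quote is TPM-signed and the key returns encrypted.
        return self.key if reported_pcr in self.approved else None

def boot(tpm, sealed, boot_chain, controller):
    pcr = measure(boot_chain)
    key = tpm.unseal(sealed, pcr)
    if key is not None:
        return key, "unsealed locally, no attestation"
    key = controller.attest(pcr)
    return (key, "released after attestation") if key else (None, "refused")

CURRENT = [b"firmware-v2", b"bootloader-v2", b"os-image-A"]  # constructed labels
UPDATED = [b"firmware-v2", b"bootloader-v2", b"os-image-B"]
ROLLBACK = [b"firmware-v1-signed-but-vulnerable", b"bootloader-v2", b"os-image-A"]
```

Sealing a key under `measure(CURRENT)` and booting `ROLLBACK` shows the point of the theft slide: the old firmware may still pass signature checks, but its measurement differs, so the local unseal fails and the controller declines to release the key.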


18 of 19

Join us - as Users or Developers

  • EVE features under way:
    • Application volume snapshot and rollback
    • Richer 5G/LTE and local connectivity (CAN bus, USB, VLANs)
    • Handling broken TPMs better
    • Clustered compute and storage at the edge
    • Real-time support


19 of 19
