D5.1 Enhancing OpenNCP Security with Secure CPU Hardware (Version 1)

This deliverable report describes the initial activity performed in the context of WP5 (Security Mechanisms detaileddesign for trusted data exchange and storage), and in particular in T5.1. It shows the study conducted to hardenOpenNCP sensitive components leveraging the security extension of Intel’s CPU, namely Software Guard eXtension(SGX). More precisely, after exploring SGX mechanisms, this document describes where and how the Intel’shardening techniques can be integrated within OpenNCP. The development phase – reported in the following –comes after the activities carried out in WP3 (User requirements analysis) and WP4 (System requirements andoverall design), which defined, in general, the overall KONFIDO architecture, and, in particular, theinterconnections – including their data flows – between OpenNCP components. Inputs coming from WP3 andWP4 turned out to be fundamental to make targeted extensions to OpenNCP.