Trustworthy Systems

Secure IT without vulnerabilities and backdoors


Arnd Weber, Gernot Heiser, Dirk Kuhlmann, Martin Schallbruch, Anupam Chattopadhyay, Sylvain Guilley, Michael Kasper, Christoph Krau\ss, Philipp S. Krüger, Steffen Reith and Jean-Pierre Seifert

    School of Computer Science and Engineering
    Sydney 2052, Australia




Increasing dependence on information technology calls for strengthening the requirements on their safety and security. Vulnerabilities that result from flaws in hardware and software are a core problem, which market mechanisms have failed to eliminate. A strategy for resolving this issue should consider the following options: (1) private- and public-sector funding for open and secure production, (2) strengthening the sovereign control over the production of critical IT components within an economic zone, and (3) improving and enforcing regulation. This paper analyses the strengths and weaknesses of these op-tions and proposes a globally distributed, secure supply chain based on open and mathematically proved components. The approach supports the integration of legacy and new proprie-tary components.

BibTeX Entry

    author           = {Weber, Arnd and Heiser, Gernot and Kuhlmann, Dirk and Schallbruch, Martin and Chattopadhyay, Anupam
                        and Guilley, Sylvain and Kasper, Michael and Krau\ss, Christoph and Kr{\"u}ger, Philipp S. and
                        Reith, Steffen and Seifert, Jean-Pierre},
    doi              = {10.5445/IR/1000153445},
    howpublished     = {On-line},
    month            = nov,
    note             = {English version of German article that appeared in TATuP 29 (1), 30--36},
    organization     = {Karlsruhe Institute of Technology},
    paperurl         = {},
    title            = {Secure {IT} without Vulnerabilities and Backdoors},
    year             = {2022}