With growing interest in computer security and the protection of the code and data which execute on commodity computers, the amount of hardware security features in today's processors has increased significantly over the recent years. No longer of just academic interest, security features inside processors have been embraced by industry as well, with a number of commercial secure processor architectures available today. This book gives readers insights into the principles behind the design of academic and commercial secure processor architectures. Secure processor architecture research is concerned with exploring and designing hardware features inside computer processors, features which can help protect confidentiality and integrity of the code and data executing on the processor. Unlike traditional processor architecture research that focuses on performance, efficiency, and energy as the first-order design objectives, secure processor architecture design has security as the first-order design objective (while still keeping the others as important design aspects that need to be considered).

This book presents the different challenges of secure processor architecture design to graduate students interested in research on architecture and hardware security and computer architects working in industry interested in adding security features to their designs. It educates readers about how the different challenges have been solved in the past and what are the best practices, i.e., the principles, for design of new secure processor architectures. Based on the careful review of past work by many computer architects and security researchers, readers also will come to know the five basic principles needed for secure processor architecture design. The book also presents existing research challenges and potential new research directions. Finally, it presents numerous design suggestions, as well as discussing pitfalls and fallacies that designers should avoid.

Jakub Szefer, Yale University
Jakub Szefer's research interests are at the intersection of computer architecture and hardware security. Jakub's recent projects focus on security verification of processor architectures; hardware (FPGA) implementation of cryptographic algorithms, especially post-quantum cryptographic (PQC) algorithms; Cloud FPGA security; designs of new Physically Unclonable Functions (PUFs); and leveraging physical properties of computer hardware for new cryptographic and security applications. Jakub's research is currently supported through National Science Foundation and industry donations. Jakub is a recipient of a 2017 NSF CAREER award. In the summer of 2013, he became an Assistant Professor of Electrical Engineering at Yale University, where he started the Computer Architecture and Security Laboratory (CAS Lab). Prior to joining Yale, he received Ph.D. and M.A. degrees in Electrical Engineering from Princeton University, where he worked with his advisor, Prof. Ruby B. Lee, on secure processor architectures. He received a B.S. with highest honors in Electrical and Computer Engineering from the University of Illinois at Urbana-Champaign.

Table of Contents
Introduction
Basic Computer Security Concepts
Secure Processor Architectures
Trusted Execution Environments
Hardware Root of Trust
Memory Protections
Multiprocessor and Many-Core Protections
Side-Channel Threats and Protections
Security Verification of Processor Architectures
Principles of Secure Processor Architecture Design
Bibliography
Online Resources
Author's Biography