NSF Org: |
CNS Division Of Computer and Network Systems |
Recipient: |
|
Initial Amendment Date: | January 9, 2007 |
Latest Amendment Date: | March 9, 2011 |
Award Number: | 0644070 |
Award Instrument: | Continuing Grant |
Program Manager: |
Nina Amla
namla@nsf.gov (703)292-7991 CNS Division Of Computer and Network Systems CSE Direct For Computer & Info Scie & Enginr |
Start Date: | January 15, 2007 |
End Date: | December 31, 2012 (Estimated) |
Total Intended Award Amount: | $400,004.00 |
Total Awarded Amount to Date: | $438,004.00 |
Funds Obligated to Date: |
FY 2008 = $86,001.00 FY 2009 = $168,000.00 FY 2010 = $12,000.00 FY 2011 = $92,001.00 |
History of Investigator: |
|
Recipient Sponsored Research Office: |
300 TURNER ST NW BLACKSBURG VA US 24060-3359 (540)231-5281 |
Sponsor Congressional District: |
|
Primary Place of Performance: |
300 TURNER ST NW BLACKSBURG VA US 24060-3359 |
Primary Place of Performance Congressional District: |
|
Unique Entity Identifier (UEI): |
|
Parent UEI: |
|
NSF Program(s): |
ADVANCED NET INFRA & RSCH, CYBER TRUST, TRUSTWORTHY COMPUTING |
Primary Program Source: |
01000910DB NSF RESEARCH & RELATED ACTIVIT 01001011DB NSF RESEARCH & RELATED ACTIVIT 01001112DB NSF RESEARCH & RELATED ACTIVIT |
Program Reference Code(s): |
|
Program Element Code(s): |
|
Award Agency Code: | 4900 |
Fund Agency Code: | 4900 |
Assistance Listing Number(s): | 47.070 |
ABSTRACT
Patrick Schaumont
Virginia Polytechnic Institute and State University
CAREER: Hardware/Software Codesign for Secure Embedded Systems: Methods and Education
0644070
Panel ID: 070111
Abstract
The implementation of a secure cipher within the embedded electronics of a smart-card can have a large number of weak points, which are unrelated to the cryptographic strength of that cipher. Side-channel information leaks may disclose internal secrets through the cipher's power consumption, execution time, and other physical implementation effects. Affecting hardware as well as software, these leaks show that a secure embedded system is no stronger than its weakest link.
This project creates a systematic design approach that iteratively partitions an embedded system into a security-critical and a non-critical part. The partitioning goes across the boundaries of hardware and software and is guided by side-channel estimators. The partitioned components are then safely integrated using secure hardware-software interfaces. The result is a flexible yet secure system design, that combines the flexibility of software with the robustness of hardware.
The project's intellectual merit is a design methodology for secure embedded system design. The methodology complements a traditional embedded design approach that focuses on performance and design-cost but not on security and side-channel information leaks.
The project trains computer engineers at the undergraduate level in hardware/software codesign, and at the graduate level in secure embedded systems design. The training software from this course forms the basis of the secure design flow, and it is freely distributed on CD-ROM. The software is serving other academic institutions that establish similar undergraduate courses. The secure methodology enables collaboration between embedded system designers and cryptographers, and helps them to build embedded systems that are less prone to attacks and fraud.
PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH
Note:
When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).
Some links on this page may take you to non-federal websites. Their policies may differ from this site.
PROJECT OUTCOMES REPORT
Disclaimer
This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.
This project addresses design methods and techniques to create secure embedded systems, such as key fobs, small embedded computers that run cryptographic functions, smart cards, RFID, and so on. These systems are challenging to design and implement because they need to execute complex cryptographic algorithms in a resource constrained environment (limited energy, limited computational resources). Furthermore, these systems experience a specific threat model to their security, namely an attacker with physical access to the embedded systems' implementation.
This project has worked on applications, methods and tools, and implementations of secure embedded systems. In the area of applications, public-key cryptography based on elliptic curves, symmetric-key cryptography, and hash algorithms have been evaluated for embedded implementation. The main effort was on methods and tools. The project proposed new techniques for side-channel analysis (a particular attack on secure embedded systems), and then developed suitable countermeasures for these attacks. The results include a secure circuit style and a novel technique to implement secure microprocessors. Furthermore, the project has developed several tools, including a tool for combined design of embedded systems hardware and software, and a tool for systematic evaluation of side-channel leakageof secure embedded systems.
Education is an important result in this project, as well. The project has created two course, one undergraduate course called "Hardware/Software Codesign" and a graduate level course called "Secure Hardware Design". The latter course was also offered as "Handheld Computer Security". To support the undergraduate course, a textbook was written, of which two editions have been published ("A Practical Introduction to Hardware/Software Codesign").
This project has supported 13 Graduate Students and 5 Undergraduate Students. The project resulted in 20 conference papers, 5 journal papers, 1 book chapter, and 2 editions of a textbook.
Last Modified: 01/16/2013
Modified by: Patrick Schaumont
Please report errors in award information by writing to: awardsearch@nsf.gov.