Award Abstract # 0644070
CAREER: Hardware/Software Codesign for Secure Embedded Systems: Methods and Education

NSF Org: CNS
Division Of Computer and Network Systems
Recipient: VIRGINIA POLYTECHNIC INSTITUTE & STATE UNIVERSITY
Initial Amendment Date: January 9, 2007
Latest Amendment Date: March 9, 2011
Award Number: 0644070
Award Instrument: Continuing Grant
Program Manager: Nina Amla
namla@nsf.gov
 (703)292-7991
CNS
 Division Of Computer and Network Systems
CSE
 Direct For Computer & Info Scie & Enginr
Start Date: January 15, 2007
End Date: December 31, 2012 (Estimated)
Total Intended Award Amount: $400,004.00
Total Awarded Amount to Date: $438,004.00
Funds Obligated to Date: FY 2007 = $80,002.00
FY 2008 = $86,001.00

FY 2009 = $168,000.00

FY 2010 = $12,000.00

FY 2011 = $92,001.00
History of Investigator:
  • Patrick Schaumont (Principal Investigator)
    pschaumont@wpi.edu
Recipient Sponsored Research Office: Virginia Polytechnic Institute and State University
300 TURNER ST NW
BLACKSBURG
VA  US  24060-3359
(540)231-5281
Sponsor Congressional District: 09
Primary Place of Performance: Virginia Polytechnic Institute and State University
300 TURNER ST NW
BLACKSBURG
VA  US  24060-3359
Primary Place of Performance
Congressional District:
09
Unique Entity Identifier (UEI): QDE5UHE5XD16
Parent UEI: M515A1DKXAN8
NSF Program(s): ADVANCED NET INFRA & RSCH,
CYBER TRUST,
TRUSTWORTHY COMPUTING
Primary Program Source: 01000809DB NSF RESEARCH & RELATED ACTIVIT
01000910DB NSF RESEARCH & RELATED ACTIVIT

01001011DB NSF RESEARCH & RELATED ACTIVIT

01001112DB NSF RESEARCH & RELATED ACTIVIT
Program Reference Code(s): 1045, 9178, 9218, 9251, HPCC
Program Element Code(s): 4090, 7371, 7795
Award Agency Code: 4900
Fund Agency Code: 4900
Assistance Listing Number(s): 47.070

ABSTRACT

Patrick Schaumont
Virginia Polytechnic Institute and State University
CAREER: Hardware/Software Codesign for Secure Embedded Systems: Methods and Education
0644070
Panel ID: 070111

Abstract



The implementation of a secure cipher within the embedded electronics of a smart-card can have a large number of weak points, which are unrelated to the cryptographic strength of that cipher. Side-channel information leaks may disclose internal secrets through the cipher's power consumption, execution time, and other physical implementation effects. Affecting hardware as well as software, these leaks show that a secure embedded system is no stronger than its weakest link.
This project creates a systematic design approach that iteratively partitions an embedded system into a security-critical and a non-critical part. The partitioning goes across the boundaries of hardware and software and is guided by side-channel estimators. The partitioned components are then safely integrated using secure hardware-software interfaces. The result is a flexible yet secure system design, that combines the flexibility of software with the robustness of hardware.
The project's intellectual merit is a design methodology for secure embedded system design. The methodology complements a traditional embedded design approach that focuses on performance and design-cost but not on security and side-channel information leaks.
The project trains computer engineers at the undergraduate level in hardware/software codesign, and at the graduate level in secure embedded systems design. The training software from this course forms the basis of the secure design flow, and it is freely distributed on CD-ROM. The software is serving other academic institutions that establish similar undergraduate courses. The secure methodology enables collaboration between embedded system designers and cryptographers, and helps them to build embedded systems that are less prone to attacks and fraud.

PUBLICATIONS PRODUCED AS A RESULT OF THIS RESEARCH

Note:  When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

(Showing: 1 - 10 of 12)
Schaumont, P; Verbauwhede, I "A component-based design environment for ESL design" IEEE DESIGN & TEST OF COMPUTERS , v.23 , 2006 , p.338 View record at Web of Science
Simpson, E; Schaumont, P "Offline hardware/software authentication for reconfigurable platforms" CRYPTOGRAPHIC HARDWARE AND EMBEDDED SYSTEMS - CHES 2006, PROCEEDINGS , v.4249 , 2006 , p.311 View record at Web of Science
Schaumont, P; Hwang, D; Yang, SL; Verbauwhede, I "Multilevel design validation in a secure embedded system" IEEE TRANSACTIONS ON COMPUTERS , v.55 , 2006 , p.1380 View record at Web of Science
Schaumont, P; Ching, D; Verbauwhede, I "An interactive codesign environment for domain-specific coprocessors" ACM TRANSACTIONS ON DESIGN AUTOMATION OF ELECTRONIC SYSTEMS , v.11 , 2006 , p.70 View record at Web of Science
Schaumont, P; Verbauwbede, I "Domain-specific codesign for embedded security" COMPUTER , v.36 , 2003 , p.68 View record at Web of Science
Schaumont, P; Verbauwhede, I "Domain specific tools and methods for application in security processor design" DESIGN AUTOMATION FOR EMBEDDED SYSTEMS , v.7 , 2002 , p.365 View record at Web of Science
P. Schaumont "A Senior Level Course in Hardware/Software Codesign" IEEE Transactions on Education , v.51 , 2008 , p.306 10.1109/TE.2007.910434
Schaumont, P "A senior-level course in hardware-software codesign" IEEE TRANSACTIONS ON EDUCATION , v.51 , 2008 , p.306 View record at Web of Science 10.1109/TE.2007.91043
Schaumont, P; Raghunathan, A "Guest editors' introdution: Security and trust in embedded-systems design" IEEE DESIGN & TEST OF COMPUTERS , v.24 , 2007 , p.518 View record at Web of Science
Z. Chen, P. Schaumont "A Parallel Implementation of Montgomery Multiplication on Multi-core Systems: Algorithm, Analysis, and Prototype" IEEE Transactions on Computers , v.60 , 2011 10.1109/TC.2010.256
X. Guo, P. Schaumont "Optimized System-on-Chip Integration of a Programmable ECC Coprocessor" ACM Transactions on Reconfigurable Technology and Systems (TRETS) , v.4 , 2010 10.1145/1857927.1857933
(Showing: 1 - 10 of 12)

PROJECT OUTCOMES REPORT

Disclaimer

This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.

This project addresses design methods and techniques to create secure embedded systems, such as key fobs, small embedded computers that run cryptographic functions, smart cards, RFID, and so on. These systems are challenging to design and implement because they need to execute complex cryptographic algorithms in a resource constrained environment (limited energy, limited computational resources). Furthermore, these systems experience a specific threat model to their security, namely an attacker with physical access to the embedded systems' implementation.

This project has worked on applications, methods and tools, and implementations of secure embedded systems. In the area of applications, public-key cryptography based on elliptic curves, symmetric-key cryptography, and hash algorithms have been evaluated for embedded implementation. The main effort was on methods and tools. The project proposed new techniques for side-channel analysis (a particular attack on secure embedded systems), and then developed suitable countermeasures for these attacks. The results include a secure circuit style and a novel technique to implement secure microprocessors. Furthermore, the project has developed several tools, including a tool for combined design of embedded systems hardware and software, and a tool for systematic evaluation of side-channel leakageof secure embedded systems.

Education is an important result in this project, as well. The project has created two course, one undergraduate course called "Hardware/Software Codesign" and a graduate level course called "Secure Hardware Design". The latter course was also offered as "Handheld Computer Security". To support the undergraduate course, a  textbook was written, of which two editions have been published ("A Practical Introduction to Hardware/Software Codesign").

This project has supported 13 Graduate Students and 5 Undergraduate Students. The project resulted in 20 conference papers, 5 journal papers, 1 book chapter, and 2 editions of a textbook.



Last Modified: 01/16/2013
Modified by: Patrick Schaumont

Please report errors in award information by writing to: awardsearch@nsf.gov.

Print this page

Back to Top of page