Secure Embedded Systems eine Voraussetzung für Cyber Physical Systems und das Internet der Dinge

Size: px
Start display at page:

Download "Secure Embedded Systems eine Voraussetzung für Cyber Physical Systems und das Internet der Dinge"

Transcription

1 Secure Embedded Systems eine Voraussetzung für Cyber Physical Systems und das Internet der Dinge Mitgliederversammlung EIKON e.v. 26. Februar 2014 Prof. Dr.-Ing. Georg Sigl Lehrstuhl für Sicherheit in der Informationstechnik Technische Universität München Fraunhofer Institut für Angewandte und Integrierte Sicherheit AISEC

2 Content Attack examples on embedded systems Future secure embedded systems Testing embedded systems security Security research in Munich 2

3 ATTACKS ON EMBEDDED SYSTEMS 3

4 FUTURE SECURE EMBEDDED SYSTEMS 12

5 Requirements for future secure embedded systems 1. Security for more than 10 years (target 30 years) 2. Secure machine to machine communication (M2M) 3. Protection of embedded systems against manipulation and misuse 4. Fulfillment of typical non functional requirements, i.e.: Real time behavior Resource limitations (cost, power) 5. Maintain security despite increasing complexity 6. Protection of intellectual property 7. Secure software update during operation 13

6 Secure embedded system M2M SIM GSM other System on Chip ID Actuator ID Sensor Trust Core 1 OS Core 2 IO-interfaces Peripherals Core i Core n RAM Flash System on Chip Hardware Security Module 14

7 Secure embedded system: Chip Identities M2M SIM other System on Chip GSM ID Actuator ID Sensor Trust Core 1 OS Core 2 IO-interfaces Peripherals Core i Core n RAM Flash System on Chip Hardware Security Module 15

8 IDs for Hardware Binding of components Authentication Integrity checking Piracy protection Encryption with derived keys Methods Physical Unclonable Functions (PUF) : fingerprint of a chip Fuses (electric or laser) Flash memory 16

9 PUFs as security primitive Unique Physical Property + Measurement = Method Authentication, Key Generation + = PUF Physical Unclonable Function 17

10 Ring Oscillator PUF (Suh and Devadas, 2007) * Ring oscillator frequencies depend on manufacturing variations Two ROs are compared to obtain a response bit * G. E. Suh and S. Devadas. Physical unclonable functions for device authentication and secret key generation. Design Automation Conference, DAC th ACM/IEEE, pages 9 14,

11 SRAM PUF (Guajardo et al., 2007) * Symmetric circuit balance influenced by manufacturing variations SRAM cells show a random, but stable value after power-up * J. Guajardo, S. S. Kumar, G. J. Schrijen, and P. Tuyls. FPGA intrinsic PUFs and their use for IP protection. In CHES 2007, volume 4727 of LNCS, pages Springer,

12 Automotive ECUs today and in future Microcontroller Microcontroller NVM Code CPU RAM Code CPU key application PUF key application Embedded Flash 65nm 40nm 28nm???? Flash Encrypted Code/Data Logic Process + external Flash + Shrinkable + Lower Cost + Higher Performance 20

13 Alternatives to PUF based key generation Fuses Electrical Reliability: weak key application Laser Size: very large Security: Easy to identify and modify OTP (one time programmable memory) Cost: comparison with PUF technology open Microcontroller RAM Code Security: memory cells easier to detect, extract and modify Programming of key during test increases test complexity CPU Flash Encrypted Code/Data 21

14 Reliability of PUFs Critical parameters: Temperature Voltage Ageing Countermeasures: Differential measurement Redundancy: Selection of reliable bits (1000 PUF Bits 100 Key Bits) Proper design: Design and design parameters must consider the behavior of temperature and voltage variations as well as ageing (as for any other circuit design) 22

15 Frequency behavior of an oscillator PUF f f Osc 3 Osc 4 instable f Osc 1 Osc 2 good -40 C 25 C 150 C Osc 5 Osc 6 Critical: uniqueness may be compromised 23

16 State of the Art in error correction Encoded Key Bits PUF Response Block Borders PUF Bits: - Reliable 1 - Reliable 0 - Unreliable Helper Data index of selected bit u 1=1 u 2 =? u 3 =3 All error correctors work on fixed block structure: e.g. IBS (Yu and Devadas, 2010 *) Goal: find one white and one black square in each block of four Helper data store the indices of selected bits * M.-D. Yu and S. Devadas, Secure and robust error correction for physical unclonable functions, IEEE Design & Test of Computers, vol. 27, no. 1, pp ,

17 Differential Sequence Coding * Encoded Key Bits PUF Response Helper Data - distance - inversion No fixed block borders Helper data store distance to next bit and an inversion indicator Larger blocks of unreliable bits can be skipped Most efficient error corrector scheme known to date * M. Hiller, M. Weiner, L. Rodrigues Lima, M- Birkner and G. Sigl. Breaking through Fixed PUF Block Limitations with Differential Sequence Coding and Convolutional Codes, TrustED,

18 Secure embedded system: Secure Elements M2M SIM other System on Chip GSM ID Actuator ID Sensor Trust Core 1 OS Core 2 IO-interfaces Peripherals Core i Core n RAM Flash System on Chip Hardware Security Module 27

19 Tasks of Secure Elements Key storage Asymmetric cryptography (signing and encryption) Session key generation Random number generation Access right check Integrity check Attestation Secure data storage Resistance against Hardware attacks! 28

20 Secure Element in a vehicle In BMBF Project SEIS (Sicherheit in eingebetteten IP-basierten Systemen) AISEC integrated a Secure Element in a car. Internet Gateway OEM Server Secure Element 29

21 Secure Element in Smart Meter The BSI Protection Profile requests a Secure Element in the Smart Meter Gateway. Secure Element Source: Protection Profile für das Gateway eines Smart Metering Systems; 30

22 Secure Elements in mobile phones 3 Secure Elements SIM Security Chip Secure SD Card 32

23 TESTING EMBEDDED SYSTEMS SECURITY 36

24 AISEC Labs to test security of systems! Hardware GSM Embedded NFC, Mobile App Test 37

25 Attacks on PUF based key generation All PUFs are vulnerable to HW attacks: Probing/Forcing Fault Attacks Side Channel Attacks Attacking the physical system (ring oscillators frequencies) D. Merli, J. Heyszl, B. Heinz, D. Schuster, F. Stumpf, and G. Sigl. Localized Electromagnetic Analysis of RO PUFs. In Proceedings of Int. Symposium on Hardware-Oriented Security and Trust (HOST), June IEEE. Attacking the key extraction process D. Merli, D. Schuster, F. Stumpf, and G. Sigl. Semi-invasive EM attack on FPGA RO PUFs and countermeasures. In 6th Workshop on Embedded Systems Security (WESS 2011), Taipei, Taiwan, October ACM. D. Merli, F. Stumpf, and G. Sigl. Protecting PUF error correction by codeword masking. Cryptology eprint Archive, Report 2013/334,

26 Ring Oscillator PUF (Suh and Devadas, 2007) * Ring oscillator frequencies depend on manufacturing variations Two ROs are compared to obtain a response bit * G. E. Suh and S. Devadas. Physical unclonable functions for device authentication and secret key generation. Design Automation Conference, DAC th ACM/IEEE, pages 9 14,

27 RO PUF, EM Side-Channel Attack (Merli et al., 2011)* RO frequencies around 100 MHz Identification of RO PUF frequencies through EM side-channel * D. Merli, D. Schuster, F. Stumpf, and G. Sigl. Semi-invasive EM attack on FPGA RO PUFs and countermeasures. In 6th Workshop on Embedded Systems Security (WESS 2011), Taipei, Taiwan, October ACM. 40

28 RO PUF, EM Side-Channel Attack (Merli et al., 2011)* RO_1 RO_2 RO_2 RO_3 RO PUF modelling by EM side-channel of frequency comparisons * D. Merli, D. Schuster, F. Stumpf, and G. Sigl. Semi-invasive EM attack on FPGA RO PUFs and countermeasures. In 6th Workshop on Embedded Systems Security (WESS 2011), Taipei, Taiwan, October ACM. 41

29 Side Channel Analysis: Electromagnetic Analysis 42

30 RO PUF, Localized EM Analysis (Merli et al., 2013)* Separation of Ring Oscillator PUF measurement components possible by EM analysis RO frequency measurement can be observed step by step Full PUF model can be extracted * D. Merli, J. Heyszl, B. Heinz, D. Schuster, F. Stumpf, and G. Sigl. Localized Electromagnetic Analysis of RO PUFs. In Proceedings of Int. Symposium on Hardware-Oriented Security and Trust (HOST), June IEEE. 43

31 Security Research in Munich Industry Fraunhofer Institute for Applied and Integrated Security Claudia Eckert Georg Sigl Industry ~3000 Students TU München Electrical Engineering Georg Sigl TU München Computer Science Claudia Eckert ~3000 Students 46

32 AISEC KEY FIGURES Employees: 2013: current status: > 90 Plans for further growth 2014 > > 150 Financing (Fraunhofer Model) Up to 30% state directly, 70% 3 rd party research projects Fraunhofer

33 AISEC Fields of Expertise Embedded Security Trusted platforms (HW/SW-Co-Design) Hardware Security HSMs, Side-channel, EMA-, Fault-Analysis Product- and Know-How-Protection PUF-solutions, smart materials, Firmware-Protection Mobile Security Trusted BYOD, App-Analysis Tool, Automotive-Sec. IP-based Networks Cloud-Networking, Secure Multi-Party Computation Digital Identity Attribute based IDs, Object-IDs, Web-IDs Fraunhofer

34 Thank You 51

CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS

CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS CHANCES AND RISKS FOR SECURITY IN MULTICORE PROCESSORS Prof. Dr.-Ing. Georg Sigl Institute for Security in Information Technology Technical University Munich sigl@tum.de Fraunhofer Research Institution

More information

Breaking through Fixed PUF Block Limitations with Differential Sequence Coding and Convolutional Codes 04/11/2013

Breaking through Fixed PUF Block Limitations with Differential Sequence Coding and Convolutional Codes 04/11/2013 Matthias Hiller, Michael Weiner, Leandro Rodrigues Lima, Maximilian Birkner and Georg Sigl Breaking through Fixed PUF Block Limitations with Differential Sequence Coding and Convolutional Codes International

More information

APPLIED AND INTEGRATED SECURITY

APPLIED AND INTEGRATED SECURITY APPLIED AND INTEGRATED SECURITY Directors: Claudia Eckert (Managing) Georg Sigl SECURITY RESEARCH IN MUNICH Fraunhofer Institution for Applied and Integrated Security Claudia Eckert Georg Sigl TU München

More information

PUF Physical Unclonable Functions

PUF Physical Unclonable Functions Physical Unclonable Functions Protecting next-generation Smart Card ICs with SRAM-based s The use of Smart Card ICs has become more widespread, having expanded from historical banking and telecommunication

More information

Applied and Integrated Security. C. Eckert

Applied and Integrated Security. C. Eckert Applied and Integrated Security 1 Joseph von Fraunhofer (1787-1826) Researcher discovery of Fraunhofer Lines in the sun spectrum Inventor new methods of lens processing Entrepreneur head of royal glass

More information

Anti-Counterfeiting with Hardware Intrinsic Security

Anti-Counterfeiting with Hardware Intrinsic Security Anti-Counterfeiting with Hardware Intrinsic Security Vincent van der Leest and Pim Tuyls Intrinsic-ID, Eindhoven, The Netherlands http://www.intrinsic-id.com Abstract Counterfeiting of goods and electronic

More information

CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules

CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules CycurHSM An Automotive-qualified Software Stack for Hardware Security Modules Dr. Frederic Stumpf, ESCRYPT GmbH Embedded Security, Stuttgart, Germany 1 Introduction Electronic Control Units (ECU) are embedded

More information

Software Hardware Binding with Quiddikey

Software Hardware Binding with Quiddikey Software Hardware Binding with Quiddikey Mass scale solution against software piracy Secure your digital life Software-Hardware Binding solutions are typically required for Flash-based systems in which

More information

Malicious Off-chip Leakage Enabled by Side-channels

Malicious Off-chip Leakage Enabled by Side-channels MOLES: Malicious Off-chip Leakage Enabled by Side-channels Lang Lin* Wayne Burleson* Christof Paar* # *University of Massachusetts Amherst, USA # Ruhr University Bochum, Germany ICCAD, November 2009 This

More information

Hardware Intrinsic Security to Protect Value in the Mobile Market

Hardware Intrinsic Security to Protect Value in the Mobile Market Hardware Intrinsic Security to Protect Value in the Mobile Market Vincent van der Leest Roel Maes Geert-Jan Schrijen Pim Tuyls Intrinsic-ID { vincent.van.der.leest roel.maes geert.jan.schrijen pim.tuyls

More information

Logically Reconfigurable PUFs: Memory-Based Secure Key Storage

Logically Reconfigurable PUFs: Memory-Based Secure Key Storage Logically Reconfigurable PUFs: Memory-Based Secure Key Storage Ilze Eichhorn Intrinsic-ID High Tech Campus 9 Eindhoven, The Netherlands ilze.eichhorn@ intrinsic-id.com Patrick Koeberl Intel Ireland Collinstown

More information

Secure Services and Quality Testing SST. Security Engineering Privacy by Design Trusted Solutions. Mario Hoffmann. for Service Ecosystems

Secure Services and Quality Testing SST. Security Engineering Privacy by Design Trusted Solutions. Mario Hoffmann. for Service Ecosystems Secure Services and Quality Testing SST Security Engineering Privacy by Design Trusted Solutions for Service Ecosystems Mario Hoffmann Head of Department Fraunhofer AISEC in a nutshell Fraunhofer Profile

More information

Reviving smart card analysis

Reviving smart card analysis Reviving smart card analysis Christopher Tarnovsky Karsten Nohl chris@flylogic.net nohl@srlabs.de Executive summary Modern smart cards should be analyzed 1. Smart card chips provide the trust base for

More information

Side Channel Analysis and Embedded Systems Impact and Countermeasures

Side Channel Analysis and Embedded Systems Impact and Countermeasures Side Channel Analysis and Embedded Systems Impact and Countermeasures Job de Haas Agenda Advances in Embedded Systems Security From USB stick to game console Current attacks Cryptographic devices Side

More information

Secure Hardware PV018 Masaryk University Faculty of Informatics

Secure Hardware PV018 Masaryk University Faculty of Informatics Secure Hardware PV018 Masaryk University Faculty of Informatics Jan Krhovják Vašek Matyáš Roadmap Introduction The need of secure HW Basic terminology Architecture Cryptographic coprocessors/accelerators

More information

Quality Limitations on the Extraction of a PUF-based Cryptographic Key

Quality Limitations on the Extraction of a PUF-based Cryptographic Key Quality Limitations on the Extraction of a PUF-based Cryptographic Key Sandra L. Lattacher, TECHNIKON Forschungs- und Planungsgesellschaft mbh Joint work with Martin Deutschmann, Michael Höberl, Christina

More information

Comparative analysis of SRAM memories used as PUF primitives

Comparative analysis of SRAM memories used as PUF primitives Comparative analysis of SRAM memories used as PUF primitives Geert-Jan Schrijen, Vincent van der Leest Intrinsic-ID, Eindhoven, The Netherlands http://www.intrinsic-id.com Abstract In this publication

More information

Pervasive Computing und. Informationssicherheit

Pervasive Computing und. Informationssicherheit Pervasive Computing und 11. Symposium on Privacy and Security Rüschlikon, 13. September 2006 Prof. Christof Paar European Competence Center for IT Security www.crypto.rub.de Contents 1. Pervasive Computing

More information

Industrie 4.0. Towards a Holistic Approach for Cyber Safety and Security

Industrie 4.0. Towards a Holistic Approach for Cyber Safety and Security Industrie 4.0 Towards a Holistic Approach for Cyber Safety and Security Prof. Dr.-Ing. Reiner Anderl Marco Grimm, M.Sc. Datenverarbeitung in der Konstruktion (DiK) Fachbereich Maschinenbau Technische Universität

More information

1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis, K.Markantonakis@rhul.ac.uk

1. Fault Attacks for Virtual Machines in Embedded Platforms. Supervisor: Dr Konstantinos Markantonakis, K.Markantonakis@rhul.ac.uk Proposed PhD Research Areas I am looking for strong PhD candidates to work on the projects listed below. The ideal candidate would have a mix of theoretical and practical skills, achieved a distinction

More information

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator

Confidentio. Integrated security processing unit. Including key management module, encryption engine and random number generator Confidentio Integrated security processing unit Including key management module, encryption engine and random number generator Secure your digital life Confidentio : An integrated security processing unit

More information

DRV-Fingerprinting: Using Data Retention Voltage of SRAM Cells for Chip Identification

DRV-Fingerprinting: Using Data Retention Voltage of SRAM Cells for Chip Identification DRV-Fingerprinting: Using Data Retention Voltage of SRAM Cells for Chip Identification Daniel E. Holcomb UC Berkeley Mastooreh Salajegheh UMass Amherst Kevin Fu UMass Amherst Amir Rahmati UMass Amherst

More information

Strengthen RFID Tags Security Using New Data Structure

Strengthen RFID Tags Security Using New Data Structure International Journal of Control and Automation 51 Strengthen RFID Tags Security Using New Data Structure Yan Liang and Chunming Rong Department of Electrical Engineering and Computer Science, University

More information

Microsemi Security Center of Excellence

Microsemi Security Center of Excellence Microsemi Security Center of Excellence Sales and FAE Training August 24, 2015 1 Outline What is the Security Center of Excellence (SCoE)? Overview of Microsemi s Security capabilities and expertise Threat

More information

Vehicular Security Hardware The Security for Vehicular Security Mechanisms

Vehicular Security Hardware The Security for Vehicular Security Mechanisms escrypt GmbH Embedded Security Systemhaus für eingebettete Sicherheit Vehicular Security Hardware The Security for Vehicular Security Mechanisms Marko Wolf, escrypt GmbH Embedded Security Embedded Security

More information

IoT Security Platform

IoT Security Platform IoT Security Platform 2 Introduction Wars begin when the costs of attack are low, the benefits for a victor are high, and there is an inability to enforce law. The same is true in cyberwars. Today there

More information

Security in ST : From Company to Products

Security in ST : From Company to Products Security in ST : From Company to Products July 2015 Thierry FENSCH Innovation, Collaboration and Efficiency Director Grenoble Site A global semiconductor leader 2014 revenues of $7.40B Who we are 2 Approximately

More information

Local Heating Attacks on Flash Memory Devices. Dr Sergei Skorobogatov

Local Heating Attacks on Flash Memory Devices. Dr Sergei Skorobogatov Local Heating Attacks on Flash Memory Devices Dr Sergei Skorobogatov http://www.cl.cam.ac.uk/~sps32 email: sps32@cam.ac.uk Introduction Semi-invasive attacks were introduced in 2002 ( Optical fault induction

More information

NVM memory: A Critical Design Consideration for IoT Applications

NVM memory: A Critical Design Consideration for IoT Applications NVM memory: A Critical Design Consideration for IoT Applications Jim Lipman Sidense Corp. Introduction The Internet of Things (IoT), sometimes called the Internet of Everything (IoE), refers to an evolving

More information

Embedded Java & Secure Element for high security in IoT systems

Embedded Java & Secure Element for high security in IoT systems Embedded Java & Secure Element for high security in IoT systems JavaOne - September 2014 Anne-Laure SIXOU - ST Thierry BOUSQUET - ST Frédéric VAUTE - Oracle Speakers 2 Anne-Laure SIXOU Smartgrid Product

More information

What is a Smart Card?

What is a Smart Card? An Introduction to Smart Cards and RFIDs Prof. Keith E. Mayes Keith.Mayes@rhul.ac.uk Director of the ISG - Smart Card Centre www.scc.rhul.ac.uk Learning Objectives (MSc MSc) Identify the various types

More information

AGAINST OUTSIDE THREATS

AGAINST OUTSIDE THREATS SECURING CONTROL NETWORKS AGAINST OUTSIDE THREATS MARK BUCKLAND MAY 2015 2015 Echelon Corporation IzoT PLATFORM PILLARS Full Monitoring and Control over IP Legacy Co-Existence and Evolution Industrial-strength

More information

Is your design leaking keys? Efficient testing for sidechannel

Is your design leaking keys? Efficient testing for sidechannel Is your design leaking keys? Efficient testing for sidechannel leakage Benjamin Jun Cryptography Research Inc Pankaj Rohatgi Cryptography Research Inc Session ID: ASEC-R35B Session Classification: Advanced

More information

SPARKS Cybersecurity Technology and the NESCOR Failure Scenarios

SPARKS Cybersecurity Technology and the NESCOR Failure Scenarios SPARKS Cybersecurity Technology and the NESCOR Failure Scenarios Lucie Langer and Paul Smith firstname.lastname@ait.ac.at AIT Austrian Institute of Technology ComForEn Workshop Monday 29 th September,

More information

PHYSICAL UNCLONABLE FUNCTION (PUF) BASED RANDOM NUMBER GENERATOR

PHYSICAL UNCLONABLE FUNCTION (PUF) BASED RANDOM NUMBER GENERATOR PHYSICAL UNCLONABLE FUNCTION (PUF) BASED RANDOM NUMBER GENERATOR Ali Sadr, Mostafa Zolfaghari-Nejad Department of Electrical Engineering, Iran University of Science and Technology ABSTRACT Tehran, Iran

More information

Security testing of hardware product

Security testing of hardware product Alain MERLE CESTI LETI CEA Grenoble Alain.merle@cea.fr Security testing of hardware product DCIS/SASTI/CESTI 1 Abstract «What are you doing in ITSEFs?» Testing, Security testing, Attacks, Evaluations,

More information

Credential Management for Cloud Computing

Credential Management for Cloud Computing Credential Management for Cloud Computing Workshop Cloud Security, 16.07.2014 Dr. Johannes Luyken Page 1 Security breaches increase in their impact by exploiting online access to confidential data that

More information

RFID Based Real Time Password Authentication System for ATM

RFID Based Real Time Password Authentication System for ATM IJSRD - International Journal for Scientific Research & Development Vol. 3, Issue 04, 2015 ISSN (online): 2321-0613 RFID Based Real Time Password Authentication System for ATM Soniya B. Milmile 1 Prof.

More information

Information Security Group (ISG) Core Research Areas. The ISG Smart Card Centre. From Smart Cards to NFC Smart Phone Security

Information Security Group (ISG) Core Research Areas. The ISG Smart Card Centre. From Smart Cards to NFC Smart Phone Security Information Security Group (ISG) From Smart Cards to NFC Smart Phone Security Information Security Group Activities Prof. Keith and Mayes Research From the Information Security Group ACE-CSR at Royal Holloway

More information

ERÖFFNUNG DES INNOVATIONSZENTRUMS ADAPTSYS

ERÖFFNUNG DES INNOVATIONSZENTRUMS ADAPTSYS ERÖFFNUNG DES INNOVATIONSZENTRUMS ADAPTSYS Cyber Physical Systems Sicherheit für eine Welt im Wandel Harald Pötter RF & Smart Sensor Systems Cyber Physical Systems Sicherheit für eine Welt im Wandel Agenda

More information

Embedding Trust into Cars Secure Software Delivery and Installation

Embedding Trust into Cars Secure Software Delivery and Installation Embedding Trust into Cars Secure Software Delivery and Installation André Adelsbach, Ulrich Huber, Ahmad-Reza Sadeghi, Christian Stüble Horst Görtz Institute for IT Security, Bochum, Germany Third Workshop

More information

CHASE Survey on 6 Most Important Topics in Hardware Security

CHASE Survey on 6 Most Important Topics in Hardware Security University of Connecticut CHASE Survey on 6 Most Important Topics in Hardware Security Prepared By Prof. M. Tehranipoor Charles H. Knapp Associate Professor in Engineering Innovation Topics! Counterfeit

More information

M2M For industrial and automotive

M2M For industrial and automotive M2M For industrial and automotive Content ST at a glance... 4 Where to find us... 5 The value chain... 5 Secure MCU... 6 Focus on ST33 secure microcontrollers... 6 M2M fields of application... 7 What is

More information

EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications

EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications EVITA-Project.org: E-Safety Vehicle Intrusion Protected Applications 7 th escar Embedded Security in Cars Conference November 24 25, 2009, Düsseldorf Dr.-Ing. Olaf Henniger, Fraunhofer SIT Darmstadt Hervé

More information

What is Industrie 4.0

What is Industrie 4.0 What is Industrie 4.0 Prof. Dr.-Ing. Reiner Anderl Computer Integrated Design (Datenverarbeitung in der Konstruktion, DiK) Fachbereich Maschinenbau Technische Universität Darmstadt Otto-Berndt-Straße 2

More information

Embedded Systems Security Device Attacks

Embedded Systems Security Device Attacks Embedded Systems Security Device Attacks Embedded Parallel Computing Seminar, SS12 Viktor Vasilev and Amirfarzad Azidhak Högskolan Halmstad March 2, 2012 Embedded systems trends Embedded systems are growing

More information

Hardware Trojans Detection Methods Julien FRANCQ

Hardware Trojans Detection Methods Julien FRANCQ DEFENDING WORLD SECURITY Hardware Trojans Detection Methods Julien FRANCQ 2013, December the 12th Outline c 2013 CASSIDIAN CYBERSECURITY - All rights reserved TRUDEVICE 2013, December the 12th Page 2 /

More information

Security in the Age of Nanocomputing. Hacking Devices

Security in the Age of Nanocomputing. Hacking Devices Security in the Age of Nanocomputing Matthew Tan Creti Hacking Devices The ESA estimates its total worldwide losses due to piracy at $3 billion annually [2] One million unlocked iphones could cost Apple

More information

Protected Cash Withdrawal in Atm Using Mobile Phone

Protected Cash Withdrawal in Atm Using Mobile Phone www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 2 Issue 4 April, 2013 Page No. 1346-1350 Protected Cash Withdrawal in Atm Using Mobile Phone M.R.Dineshkumar

More information

Secure USB Flash Drive. Biometric & Professional Drives

Secure USB Flash Drive. Biometric & Professional Drives Secure USB Flash Drive Biometric & Professional Drives I. CONTENTS II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. SECURE FLASH DRIVE... 3 DESCRIPTION... 3 IV. MODULES OF SECURE

More information

Introducing the Industrial i.mx25 ARM9 TM Applications Processor

Introducing the Industrial i.mx25 ARM9 TM Applications Processor July, 2009 Introducing the Industrial i.mx25 ARM9 Applications Processor Ethernet, CAN, USB Amanda McGregor i.mx Product Marketing Purpose Introduction Overview of the Freescale i.mx25 family of ARM 9-based

More information

Horst Görtz Institute for IT-Security

Horst Görtz Institute for IT-Security Horst Görtz Institute for IT-Security On the Vulnerability of FPGA Bitstream Encryption against Power Analysis Attacks Extracting Keys from Xilinx Virtex-II FPGAs Amir Moradi, Alessandro Barenghi, Timo

More information

It is a microprocessor that is used as a component in a device and is designed for a specific control function within that device

It is a microprocessor that is used as a component in a device and is designed for a specific control function within that device What is an Embedded System? Security in Embedded Systems Mohammad Tehranipoor ECE 4095: Hardware Security & Trust University of Connecticut ECE Department It is a microprocessor that is used as a component

More information

The Internet of Things: Opportunities & Challenges

The Internet of Things: Opportunities & Challenges The Internet of Things: Opportunities & Challenges What is the IoT? Things, people and cloud services getting connected via the Internet to enable new use cases and business models Cloud Services How is

More information

VON BRAUN LABS. Issue #1 WE PROVIDE COMPLETE SOLUTIONS ULTRA LOW POWER STATE MACHINE SOLUTIONS VON BRAUN LABS. State Machine Technology

VON BRAUN LABS. Issue #1 WE PROVIDE COMPLETE SOLUTIONS ULTRA LOW POWER STATE MACHINE SOLUTIONS VON BRAUN LABS. State Machine Technology VON BRAUN LABS WE PROVIDE COMPLETE SOLUTIONS WWW.VONBRAUNLABS.COM Issue #1 VON BRAUN LABS WE PROVIDE COMPLETE SOLUTIONS ULTRA LOW POWER STATE MACHINE SOLUTIONS State Machine Technology IoT Solutions Learn

More information

Modeling SRAM Start-Up Behavior for Physical Unclonable Functions

Modeling SRAM Start-Up Behavior for Physical Unclonable Functions Modeling SRAM Start-Up Behavior for Physical Unclonable Functions Mafalda Cortez Apurva Dargar Said Hamdioui Delft University of Technology Faculty of EE, Mathematics and CS Mekelweg 4, 2628 CD Delft,

More information

Section 2.3 Authentication Technologies. Authentication

Section 2.3 Authentication Technologies. Authentication Section 2.3 Authentication Technologies 1 Authentication The determination of identity, usually based on a combination of something the person has (like a smart card or a radio key fob storing secret keys),

More information

Preventing fraud in epassports and eids

Preventing fraud in epassports and eids Preventing fraud in epassports and eids Security protocols for today and tomorrow by Markus Mösenbacher, NXP Machine-readable passports have been a reality since the 1980s, but it wasn't until after 2001,

More information

Securing Passive RFID Tags Using Strong Cryptographic Algorithms

Securing Passive RFID Tags Using Strong Cryptographic Algorithms Securing Passive RFID Tags Using Strong Cryptographic Algorithms 4th European Workshop on RFID Systems and Technologies 10-11 June, 2008, Freiburg, Germany Martin Feldhofer IAIK Graz University of Technology

More information

Security testing for hardware product : the security evaluations practice

Security testing for hardware product : the security evaluations practice Alain MERLE CESTI LETI CEA Grenoble Alain.merle@cea.fr Security testing for hardware product : the security evaluations practice DCIS/SASTI/CESTI 1 Abstract «What are you doing in ITSEFs?» Testing, Security

More information

Soft Decision Error Correction for Compact Memory-Based PUFs using a Single Enrollment

Soft Decision Error Correction for Compact Memory-Based PUFs using a Single Enrollment Soft Decision Error Correction for Compact Memory-Based PUFs using a Single Enrollment Vincent van der Leest 1, Bart Preneel 2, and Erik van der Sluis 1 1 Intrinsic-ID, Eindhoven, The Netherlands http://www.intrinsic-id.com

More information

Computer Hardware Requirements for Real-Time Applications

Computer Hardware Requirements for Real-Time Applications Lecture (4) Computer Hardware Requirements for Real-Time Applications Prof. Kasim M. Al-Aubidy Computer Engineering Department Philadelphia University Summer Semester, 2011 Real-Time Systems, Prof. Kasim

More information

Supporting Document Guidance. Security Architecture requirements (ADV_ARC) for smart cards and similar devices. April 2012. Version 2.

Supporting Document Guidance. Security Architecture requirements (ADV_ARC) for smart cards and similar devices. April 2012. Version 2. Supporting Document Guidance Security Architecture requirements (ADV_ARC) for smart cards and similar devices April 2012 Version 2.0 CCDB-2012-04-003 Foreword This is a supporting document, intended to

More information

Professor John McCanny CBE FRS FREng

Professor John McCanny CBE FRS FREng Foundation for Science and Technology-debate How can UK intellectual property be better protected from cyber theft". Professor John McCanny CBE FRS FREng Research Challenges Everyday we create 2.5 quintillion

More information

Bluegiga WF121 Wi-Fi Module. Embedded Wi-Fi modules. for affordable connectivity

Bluegiga WF121 Wi-Fi Module. Embedded Wi-Fi modules. for affordable connectivity Embedded Wi-Fi modules for affordable connectivity Bluegiga WF121 Wi-Fi Module WF121 is a standalone programmable Wi-Fi module with integrated TCP/IP s tack. It is an ideal product for embedded applications

More information

PUFs: Myth, Fact or Busted? A Security Evaluation of Physically Unclonable Functions (PUFs) Cast in Silicon

PUFs: Myth, Fact or Busted? A Security Evaluation of Physically Unclonable Functions (PUFs) Cast in Silicon PUFs: Myth, Fact or Busted? A Security Evaluation of Physically Unclonable Functions (PUFs) Cast in Silicon Extended Version Stefan Katzenbeisser 1, Ünal Kocabaş 1, Vladimir Rožić 3, Ahmad-Reza Sadeghi

More information

Cryptographic Rights Management of FPGA Intellectual Property Cores

Cryptographic Rights Management of FPGA Intellectual Property Cores Cryptographic Rights Management of FPGA Intellectual Property Cores Tom Kean Algotronix Ltd. PO Box 23116 Edinburgh EH8 8YB United Kingdom tom@algotronix.com ABSTRACT As the capacity of FPGA s increases

More information

VON BRAUN LABS. Issue #1 WE PROVIDE COMPLETE SOLUTIONS ULTRA LOW POWER STATE MACHINE SOLUTIONS. State Machine Technology. about our technologies

VON BRAUN LABS. Issue #1 WE PROVIDE COMPLETE SOLUTIONS ULTRA LOW POWER STATE MACHINE SOLUTIONS. State Machine Technology. about our technologies WWW.VONBRAUNLABS.COM Issue #1 VON BRAUN LABS WE PROVIDE COMPLETE SOLUTIONS ULTRA LOW POWER STATE MACHINE SOLUTIONS State Machine Technology IoT Solutions Learn more about our technologies OUR LABS Highly

More information

CoProcessor Design for Crypto- Applications using Hyperelliptic Curve Cryptography

CoProcessor Design for Crypto- Applications using Hyperelliptic Curve Cryptography CoProcessor Design for Crypto- Applications using Hyperelliptic Curve Cryptography 28. Februar 2008 Alexander Klimm, Oliver Sander, Jürgen Becker Institut für Technik der Informationsverarbeitung Sylvain

More information

Intelligent Home Automation and Security System

Intelligent Home Automation and Security System Intelligent Home Automation and Security System Ms. Radhamani N Department of Electronics and communication, VVIET, Mysore, India ABSTRACT: In todays scenario safer home security is required, As the technology

More information

Hardware Security for Trustworthy C2X Applications Marko Wolf

Hardware Security for Trustworthy C2X Applications Marko Wolf Hardware Security for Trustworthy C2X Applications Marko Wolf C2C-CC/CAMP Harmonization Workshop, Wolfsburg, Germany, 15.3.2012 Outline 1. Three General Reasons for Automotive Hardware Security Modules

More information

Introduction to Microcontroller World. XMC TM Microcontrollers March 2016

Introduction to Microcontroller World. XMC TM Microcontrollers March 2016 Introduction to Microcontroller World XMC TM Microcontrollers March 2016 Agenda 1 2 3 4 5 6 7 What is a Microcontroller Co Processor On Chip Memories Communication Peripherals Analog Peripherals Timers

More information

Today. Important From Last Time. Old Joke. Computer Security. Embedded Security. Trusted Computing Base

Today. Important From Last Time. Old Joke. Computer Security. Embedded Security. Trusted Computing Base Important From Last Time A system is safety critical when its failure may result in injuries or deaths Verification and validation can dominate overall development effort Today Embedded system security

More information

International Journal of Engineering Research & Management Technology

International Journal of Engineering Research & Management Technology International Journal of Engineering Research & Management Technology March- 2015 Volume 2, Issue-2 Radio Frequency Identification Security System Mr. Shailendra Kumar Assistant Professor Department of

More information

RADSAGA Resubmission. First meeting. Steffen MUELLER Alexander KOELPIN. Institute for Electronics Engineering (LTE) University of Erlangen-Nuremberg

RADSAGA Resubmission. First meeting. Steffen MUELLER Alexander KOELPIN. Institute for Electronics Engineering (LTE) University of Erlangen-Nuremberg RADSAGA Resubmission First meeting Steffen MUELLER Alexander KOELPIN Institute for Electronics Engineering (LTE) University of Erlangen-Nuremberg Outline 1. Introducing LTE 2. RadHard activities 3. LTE

More information

Trends and Challenges in IT Security. itec08, Darmstadt, 6th Nov. 2008

Trends and Challenges in IT Security. itec08, Darmstadt, 6th Nov. 2008 Trends and Challenges in IT Security Claudia Eckert Fraunhofer Institute for Secure Information Technology SIT Darmstadt, Germany, Darmstadt, 6th Nov. 2008 Outline 1. Internet of smart Things and Services

More information

A Cryptographically Secure On-chip Firewall for Memory Address Space Control

A Cryptographically Secure On-chip Firewall for Memory Address Space Control A Cryptographically Secure On-chip Firewall for Memory Address Space Control Roberto Rivoir Director of Security Development Rambus France IoT & Security Innovation Day Sophia Antipolis, France 26 November

More information

End-to-End Security in Wireless Sensor Networks (WSNs) Talk by Claudio Anliker Supervised by Dr. Corinna Schmitt CSG@IFI, University of Zurich

End-to-End Security in Wireless Sensor Networks (WSNs) Talk by Claudio Anliker Supervised by Dr. Corinna Schmitt CSG@IFI, University of Zurich End-to-End Security in Wireless Sensor (WSNs) Talk by Supervised by Dr. Corinna Schmitt CSG@IFI, University of Zurich Content 1. Motivation 2. Security Issues and Principles 3. Internet-of-Things and Wireless

More information

Security Challenges in the Cloud

Security Challenges in the Cloud Security Challenges in the Cloud Claudia Eckert Fraunhofer Research Institution for Applied and Integrated Security (AISEC) Chair for IT Security, TU München 7.2. Darmstadt, Conference of the e-finance

More information

RFID based Bill Generation and Payment through Mobile

RFID based Bill Generation and Payment through Mobile RFID based Bill Generation and Payment through Mobile 1 Swati R.Zope, 2 Prof. Maruti Limkar 1 EXTC Department, Mumbai University Terna college of Engineering,India Abstract Emerging electronic commerce

More information

Towards Analysis of Various Protection Techniques. Brecht Wyseur, KULeuven December 15 th 2008, Paris

Towards Analysis of Various Protection Techniques. Brecht Wyseur, KULeuven December 15 th 2008, Paris Towards Analysis of Various Protection Techniques Brecht Wyseur, KULeuven December 15 th 2008, Paris WP3 WP2 Overview Software protection techniques Crypto guards Obfuscation techniques Fuzzing (analysis

More information

Advanced Authentication

Advanced Authentication White Paper Advanced Authentication Introduction In this paper: Introduction 1 User Authentication 2 Device Authentication 3 Message Authentication 4 Advanced Authentication 5 Advanced Authentication is

More information

Wireless Microcontrollers for Environment Management, Asset Tracking and Consumer. October 2009

Wireless Microcontrollers for Environment Management, Asset Tracking and Consumer. October 2009 Wireless Microcontrollers for Environment Management, Asset Tracking and Consumer October 2009 Jennic highlights Jennic is a fabless semiconductor company providing Wireless Microcontrollers to high-growth

More information

Security in Vehicle Networks

Security in Vehicle Networks Security in Vehicle Networks Armin Happel, Christof Ebert Stuttgart, 17. March 2015 V1.1 2015-04-28 Introduction Vector Consulting Services supports clients worldwide in improving their product development

More information

Lightweight and Secure PUF Key Storage Using Limits of Machine Learning

Lightweight and Secure PUF Key Storage Using Limits of Machine Learning Lightweight and Secure PUF Key Storage Using Limits of Machine Learning Meng-Day (Mandel) Yu 1, David M Raïhi 1, Richard Sowell 1, Srinivas Devadas 2 1 Verayo, Inc., San Jose, CA, USA 2 MIT, Cambridge,

More information

ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD. Olivier THOMAS Blackhat USA 2015

ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD. Olivier THOMAS Blackhat USA 2015 ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD Olivier THOMAS Blackhat USA 2015 About Texplained Texplained [Technology Explained] refers

More information

SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES

SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES Contents Introduction... 3 DRM Threat Model... 3 DRM Flow... 4 DRM Assets... 5 Threat Model... 5 Protection of

More information

Secure Cloud Storage and Computing Using Reconfigurable Hardware

Secure Cloud Storage and Computing Using Reconfigurable Hardware Secure Cloud Storage and Computing Using Reconfigurable Hardware Victor Costan, Brandon Cho, Srini Devadas Motivation Computing is more cost-efficient in public clouds but what about security? Cloud Applications

More information

Problems of Security in Ad Hoc Sensor Network

Problems of Security in Ad Hoc Sensor Network Problems of Security in Ad Hoc Sensor Network Petr Hanáček * hanacek@fit.vutbr.cz Abstract: The paper deals with a problem of secure communication between autonomous agents that form an ad hoc sensor wireless

More information

Bus Data Acquisition and Remote Monitoring System Using Gsm & Can

Bus Data Acquisition and Remote Monitoring System Using Gsm & Can IOSR Journal of Electrical and Electronics Engineering (IOSR-JEEE) e-issn: 2278-1676,p-ISSN: 2320-3331, Volume 8, Issue 3 (Nov. - Dec. 2013), PP 88-92 Bus Data Acquisition and Remote Monitoring System

More information

IMPROVISED SECURITY PROTOCOL USING NEAR FIELD COMMUNICATION IN SMART CARDS

IMPROVISED SECURITY PROTOCOL USING NEAR FIELD COMMUNICATION IN SMART CARDS IMPROVISED SECURITY PROTOCOL USING NEAR FIELD COMMUNICATION IN SMART CARDS Mythily V.K 1, Jesvin Veancy B 2 1 Student, ME. Embedded System Technologies, Easwari Engineering College, Ramapuram, Anna University,

More information

90nm e-page Flash for Machine to Machine Applications

90nm e-page Flash for Machine to Machine Applications 90nm e-page Flash for Machine to Machine Applications François Maugain, Jean Devin Microcontrollers, Memories & Secure MCUs Group 90nm e-page Flash for M2M applications Outline M2M Market Cycling Endurance

More information

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT

Part I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code

More information

SHE Secure Hardware Extension

SHE Secure Hardware Extension SHE Secure Hardware Extension Data Security for Automotive Embedded Systems Workshop on Cryptography and Embedded Security Embedded World @ Nuremberg, February 2012 Content Data Security - What does it

More information

T. and A. Schroeder Associate Professor

T. and A. Schroeder Associate Professor Secure Hardware in the Nano Era: Some New Directions Swarup Bhunia T. and A. Schroeder Associate Professor Electrical Engineering and Computer Science March ISQED 2015 1 SoC Security Issues & Protection

More information

How to Increase the Security of Digital Rights Management Systems without Affecting Consumer s Security

How to Increase the Security of Digital Rights Management Systems without Affecting Consumer s Security How to Increase the Security of Digital Rights Management Systems without Affecting Consumer s Security 4FriendsOnly.com Internet Technologies AG PD Dr.-Ing. habil. Jürgen Nützel, CEO, JN@4FO.de 4FriendsOnly.com

More information

Figure 1.Block diagram of inventory management system using Proximity sensors.

Figure 1.Block diagram of inventory management system using Proximity sensors. Volume 1, Special Issue, March 2015 Impact Factor: 1036, Science Central Value: 2654 Inventory Management System Using Proximity ensors 1)Jyoti KMuluk 2)Pallavi H Shinde3) Shashank VShinde 4)Prof VRYadav

More information

Connected things in the IoT world challenge your security! Wim van der Steeg

Connected things in the IoT world challenge your security! Wim van der Steeg Connected things in the IoT world challenge your security! Wim van der Steeg What is network security about? 2 November 206 3 November 206 IoT = process loops cross-harvesting data 0 0 0 0 0 0 0 0 0 0

More information

What is Industrie 4.0 and how will it create the new growth?

What is Industrie 4.0 and how will it create the new growth? What is Industrie 4.0 and how will it create the new growth? Prof. Dr.-Ing. Reiner Anderl Computer Integrated Design (Datenverarbeitung in der Konstruktion, DiK) Fachbereich Maschinenbau Technische Universität

More information

Network Security in Building Networks

Network Security in Building Networks Network Security in Building Networks Prof. Dr. (TU NN) Norbert Pohlmann Institute for Internet Security - if(is) Westphalian University of Applied Sciences Gelsenkirchen, Germany www.if-is.net Content

More information