CAREER: Hardware/Software Codesign for Secure Embedded Systems: Methods and Education

职业：安全嵌入式系统的硬件/软件协同设计：方法和教育

• 批准号: 0644070
• 负责人: Patrick Schaumont
• 金额: $ 40万
• 依托单位: Virginia Polytechnic Institute and State University
• 依托单位国家: 美国
• 项目类别: Continuing Grant
• 财政年份: 2007
• 资助国家: 美国
• 起止时间: 2007-01-15 至 2012-12-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0644070&HistoricalAwards=false
• 关键词: CAREER; Hardware; Software; Codesign; Secure

Patrick SchaumontVirginia Polytechnic Institute and State UniversityCAREER: Hardware/Software Codesign for Secure Embedded Systems: Methods and Education0644070Panel ID: 070111AbstractThe implementation of a secure cipher within the embedded electronics of a smart-card can have a large number of weak points, which are unrelated to the cryptographic strength of that cipher. Side-channel information leaks may disclose internal secrets through the cipher's power consumption, execution time, and other physical implementation effects. Affecting hardware as well as software, these leaks show that a secure embedded system is no stronger than its weakest link.This project creates a systematic design approach that iteratively partitions an embedded system into a security-critical and a non-critical part. The partitioning goes across the boundaries of hardware and software and is guided by side-channel estimators. The partitioned components are then safely integrated using secure hardware-software interfaces. The result is a flexible yet secure system design, that combines the flexibility of software with the robustness of hardware.The project's intellectual merit is a design methodology for secure embedded system design. The methodology complements a traditional embedded design approach that focuses on performance and design-cost but not on security and side-channel information leaks.The project trains computer engineers at the undergraduate level in hardware/software codesign, and at the graduate level in secure embedded systems design. The training software from this course forms the basis of the secure design flow, and it is freely distributed on CD-ROM. The software is serving other academic institutions that establish similar undergraduate courses. The secure methodology enables collaboration between embedded system designers and cryptographers, and helps them to build embedded systems that are less prone to attacks and fraud.

Patrick SchaumontVirginia理工学院和州立大学职业：安全嵌入式系统的硬件/软件协同设计：方法和教育摘要在智能卡的嵌入式电子设备中实现安全密码可能存在大量的弱点，这些弱点与该密码的加密强度无关。侧信道信息泄露可能会通过密码的功耗、执行时间和其他物理实现效果泄露内部秘密。这些漏洞不仅影响硬件，也影响软件，表明一个安全的嵌入式系统并不比它最薄弱的环节更强大。这个项目创建了一个系统的设计方法，迭代地将嵌入式系统划分为安全关键部分和非关键部分。分割跨越硬件和软件的边界，并由旁信道估计器指导。然后使用安全的硬件软件接口安全地集成分区组件。其结果是一个灵活而安全的系统设计，结合了软件的灵活性和硬件的健壮性。该方案的智力优势在于为安全嵌入式系统的设计提供了一种设计方法。该方法是传统嵌入式设计方法的补充，传统嵌入式设计方法关注性能和设计成本，而不关注安全性和侧信道信息泄漏。该项目培训计算机工程师在硬件/软件协同设计的本科水平，并在安全嵌入式系统设计的研究生水平。本课程的培训软件构成了安全设计流程的基础，并以光盘形式免费分发。该软件正在为其他开设类似本科课程的学术机构提供服务。安全方法支持嵌入式系统设计人员和密码学家之间的协作，并帮助他们构建不容易受到攻击和欺诈的嵌入式系统。