Skip to main content
Go to the home page of the European Commission (opens in new window)
English English
CORDIS - EU research results
CORDIS

Hardware-assisted Adaptive Cross-Layer Security for Computing Systems

Project description

Sustainable security for computing systems

Recent attacks have used software to exploit hardware vulnerabilities to steal sensitive information, bypass protection mechanisms or even compromise the entire computer system. These so-called cross-layer vulnerabilities include well-known attacks such as Spectre, Meltdown and Foreshadow. They affect a wide range of computing platforms, from low-end devices to server systems of different architectures and vendors, such as Intel, AMD and ARM. Importantly, they refute traditional threat models focused mainly on software-only vulnerabilities. Existing solutions such as software patching or specific hardware changes are ad hoc, expensive or only effective against certain attacks. The EU-funded HYDRANOS project plans to develop dedicated configurable designs for the identified important security-relevant hardware components. These components will enable the computing platform to adapt to changing threat models.

Objective

Today's computing systems are facing an unprecedented security threat posed by recent attacks that use software to exploit hardware vulnerabilities, as shown by attacks like Spectre, Meltdown, Foreshadow, and follow-ups - affecting a wide range of computing platforms and manufacturers, including Intel, AMD, and ARM. These cross-layer attacks reach far beyond exploiting microarchitectural vulnerabilities and allow unprivileged software to exploit a variety of hardware design and implementation flaws, as we demonstrated in the world's largest System-on-Chip (SoC) security competition that we have been conducting with Intel since 2018. This adversarial paradigm shift sidesteps decades of security research that assumed a layered architecture where hardware is flawless and trustworthy. Existing solutions, such as software patching or specific hardware changes are ad-hoc, expensive, or only mitigate specific known attacks. Particularly, patching hardware after fabrication is very limited or impossible.

This proposal, HYDRANOS, envisions hardware-assisted adaptive security, a radically different approach to enable flexible security for future computing systems. We aim to design, prototype, and evaluate dedicated configurable hardware inside the SoC design to enable post-fabrication reconfiguration of key security-relevant hardware primitives to mitigate new attack vectors. Moreover, we provide an evaluation framework that includes novel hardware fuzzing techniques to significantly improve existing hardware-vulnerability detection methods at design time.

HYDRANOS is a game changer for trustworthy computing, allows to fundamentally and flexibly tackle todays and future cross-layer attacks on security-critical systems, and provides novel research to pave the way towards future-proof security. We will showcase our results on open-source hardware widely supported by academia and industry and provide it to the research community, allowing open verification by third-parties.

Fields of science (EuroSciVoc)

CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.

You need to log in or register to use this function

Keywords

Project’s keywords as indicated by the project coordinator. Not to be confused with the EuroSciVoc taxonomy (Fields of science)

Programme(s)

Multi-annual funding programmes that define the EU’s priorities for research and innovation.

Topic(s)

Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.

Funding Scheme

Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.

HORIZON-ERC - HORIZON ERC Grants

See all projects funded under this funding scheme

Call for proposal

Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.

(opens in new window) ERC-2021-ADG

See all projects funded under this call

Host institution

TECHNISCHE UNIVERSITAT DARMSTADT
Net EU contribution

Net EU financial contribution. The sum of money that the participant receives, deducted by the EU contribution to its linked third party. It considers the distribution of the EU financial contribution between direct beneficiaries of the project and other types of participants, like third-party participants.

€ 2 485 281,00
Address
KAROLINENPLATZ 5
64289 DARMSTADT
Germany

See on map

Region
Hessen Darmstadt Darmstadt, Kreisfreie Stadt
Activity type
Higher or Secondary Education Establishments
Links
Total cost

The total costs incurred by this organisation to participate in the project, including direct and indirect costs. This amount is a subset of the overall project budget.

€ 2 485 281,00

Beneficiaries (1)

My booklet 0 0