Project description DEENESFRITPL Trusted life cycle for secure devices based on open-source hardware The EU-funded ORSHIN project aims to build connected OSH devices, such as (I)IoT ones, taking advantage of unprecedented opportunities provided by open-source hardware. The project will specify a novel and dependable methodology to develop, maintain and decommission OSH devices which we call trusted life cycle. The project will research new formal verification models and tools to protect OSH devices from critical threats such as side-channel and fault injection vulnerabilities. ORSHIN will investigate novel security testing procedures for OSH devices, including hardware-assisted firmware testing and silicon-level auditing techniques. The ORSHIN team will develop novel and robust protocols pivoting on OSH blocks to provide essential and beyond-essential security and privacy guarantees for inter-device and intra-device communication. The ORSHIN outcomes will be demonstrated with prototypes involving actual OSH devices. Show the project objective Hide the project objective Objective It is common wisdom that security is only as strong as the weakest link in a chain. However, identifying the chain and its weak links is a huge challenge, even more so for open-source hardware aimed at the Internet of Things (IoT), industrial IoT and critical infrastructure. Most of these devices operate in constrained environments, with limited energy budgets and routinely lack essential security and privacy guarantees. The primary goal of the ORSHIN project is to create a generic and holistic methodology, which we call the ‘trusted life cycle’ to develop and manage connected devices based on open-source hardware. We identified a chain of six essential phases: Design, Implementation, Evaluation, Installation, Maintenance, and Retirement. The life cycle will specify how to translate abstract security goals (e.g. build a secure IoT product) into security policies for the phases, and further into concrete security requirements for the building blocks of the product (e.g. use 128-bit keys).Using this holistic view, ORSHIN will address critical links, corresponding to three important expected outcomes mentioned in the call, to reduce the security threats associated with open-source connected devices:1. We will propose new models of security properties in order to extend formal verification to the secure, open-source hardware realm.2. To enable effective security audits of open-source hardware and embedded software, we will develop practical, fast, and hardware-augmented testing techniques.3. We will create secure and privacy-preserving protocols for intra-device and inter-device communication to provide secure communication and authentication methods for connected devices.These ambitious objectives, leading to open-source demonstrators at TRL4, are proposed by an international consortium with complementary experience, consisting of four high-tech SME’s in collaboration with two excellent academic partners and one important European semiconductor company. Fields of science natural sciencescomputer and information sciencesinternetinternet of thingsnatural sciencescomputer and information sciencessoftwarenatural sciencesphysical scienceselectromagnetism and electronicssemiconductivity Programme(s) HORIZON.2.3 - Civil Security for Society Main Programme HORIZON.2.3.3 - Cybersecurity Topic(s) HORIZON-CL3-2021-CS-01-02 - Improved security in open-source and open-specification hardware for connected devices Call for proposal HORIZON-CL3-2021-CS-01 See other projects for this call Funding Scheme HORIZON-AG - HORIZON Action Grant Budget-Based Coordinator TECHNIKON FORSCHUNGS- UND PLANUNGSGESELLSCHAFT MBH Net EU contribution € 360 625,00 Address Burgplatz 3a 9500 Villach Austria See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Südösterreich Kärnten Klagenfurt-Villach Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 Participants (6) Sort alphabetically Sort by Net EU contribution Expand all Collapse all KATHOLIEKE UNIVERSITEIT LEUVEN Belgium Net EU contribution € 792 750,00 Address Oude markt 13 3000 Leuven See on map Region Vlaams Gewest Prov. Vlaams-Brabant Arr. Leuven Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 EURECOM GIE France Net EU contribution € 459 250,00 Address Route des chappes 450 campus sophia antipolis 06410 Biot See on map Region Provence-Alpes-Côte d’Azur Provence-Alpes-Côte d’Azur Alpes-Maritimes Activity type Higher or Secondary Education Establishments Links Contact the organisation Opens in new window Website Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 NXP SEMICONDUCTORS GERMANY GMBH Germany Net EU contribution € 725 000,00 Address Troplowitzstrasse 20 22529 Hamburg See on map Region Hamburg Hamburg Hamburg Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 SECURITY PATTERN SRL Italy Net EU contribution € 531 250,00 Address Via boccaccio 58 25080 Mazzano See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Nord-Ovest Lombardia Brescia Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 TEXPLAINED France Net EU contribution € 400 000,00 Address 1 traverse des brucs - arep center 06560 Valbonne See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Provence-Alpes-Côte d’Azur Provence-Alpes-Côte d’Azur Alpes-Maritimes Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00 TROPIC SQUARE S.R.O Czechia Net EU contribution € 545 625,00 Address Kundratka 2359/17a 18000 Prague See on map SME The organization defined itself as SME (small and medium-sized enterprise) at the time the Grant Agreement was signed. Yes Region Česko Praha Hlavní město Praha Activity type Private for-profit entities (excluding Higher or Secondary Education Establishments) Links Contact the organisation Opens in new window Participation in EU R&I programmes Opens in new window HORIZON collaboration network Opens in new window Other funding € 0,00
