Open-source ReSilient Hardware and software for Internet of thiNgs

Projektinformationen

ORSHIN

ID Finanzhilfevereinbarung: 101070008

DOI

10.3030/101070008

Projekt abgeschlossen

EK-Unterschriftsdatum 20 Juni 2022

Startdatum 1 Oktober 2022

Enddatum 30 September 2025

Finanziert unter

Civil Security for Society

Gesamtkosten

€ 3 814 500,00

EU-Beitrag

€ 3 814 500,00

3 814 500,00

Koordiniert durch

TECHNIKON FORSCHUNGS- UND PLANUNGSGESELLSCHAFT MBH
Austria

CORDIS bietet Links zu öffentlichen Ergebnissen und Veröffentlichungen von HORIZONT-Projekten.

Links zu Ergebnissen und Veröffentlichungen von RP7-Projekten sowie Links zu einigen Typen spezifischer Ergebnisse wie Datensätzen und Software werden dynamisch von OpenAIRE abgerufen.

Leistungen

Report about security requirements

This report explains how abstract high-level security requirements are handled in the trusted life cycle and how they are broken down into more concrete procedural requirements for the life cycle phases, and into low-level security requirements for the components.

Models for formal verification

This deliverable is a report describing how to verify the security of software running on the RISC-V processor from D3.1 and describing models for formal verification of open-source cryptographic hardware accelerators against physical attacks as used in D3.2. There will be an interim version provided for the review in M18.

Report about essential and beyond-essential s&p guarantees for intra-device communication in restricted environments

This report is the output of T5.3 and T5.4 and shows how to design and implement protocols to provide essential and beyond-essential security and privacy guarantees for intra-device communication taking advantage of open-source hardware. There will be an interim version provided for the review in M18.

Report about trusted life cycle design methodology for OSH

The deliverable provides the description of the methodology for composing open-source components. We envision a trusted life cycle of the device composed of several phases. The report will formalize these phases and identify the interaction and feedback of the design and production process up to the device decommissioning. The report provides the guidelines for the secure composition of building blocks. The guidelines help to achieve a secure result leveraging the security features of each component.

Report on security audit and testing

This report will describe the design of hardware/firmware hybrid security testing mechanism and the advanced security testing of mixed source firmware programs. There will be an interim version provided for the review in M18.

Project quality plan

The project quality plan (the project handbook) constitutes a set of project templates and explains the project management, review and internal quality control process, as well as other organizational topics such as meeting organization.

Report about essential and beyond-essential s&p guarantees for inter-device communication in restricted environments

This report is the output of T5.1 and T5.2 and describes how to design and implement protocols to provide essential and beyond-essential security and privacy guarantees for device to device communication taking advantage of open-source hardware. There will be an interim version provided for the review in M18.

Prototype of automatic security pre-silicon SW testing

This deliverable will consist into a research prototype of the hardware firmware hybrid security testing mechanism that is compatible with mixed open-source/closed-source firmware programs.

WP3, WP4, WP5 Demonstrator platform

Final project delivery, report and user guide how to reuse the delivery artefacts, reproduce the results for executable examples, final evaluation of project and suggestions for future work will be part of the report. The deliverable will be accompanied by a confidential appendix including sensitive information.

RISC-V processor with countermeasures against microarchitectural attacks

This deliverable is an open-source implementation of a RISC-V processor with countermeasures against microarchitectural attacks.

Hardware implementations of cryptographic building blocks with formally verifiable protection against physical attacks

This deliverable are open-source hardware implementations of cryptographic building blocks with formally verifiable protection against physical attacks.

Intra-device and inter-device secure communication prototypes

This deliverable provides prototypes (i.e., implementations) of secure intra-device and inter-device communication protocols. The prototypes will be used in WP6’s demonstrators.

Veröffentlichungen

An in-depth security evaluation of the Nintendo DSi gaming console

Veröffentlicht in: 2024, ISBN 978-3-031-54409-5
Herausgeber: Springer, Cham
DOI: 10.1007/978-3-031-54409-5_2

EmuOCPP: Effective and Scalable OCPP Security and Privacy Testing

Autoren: Soumaya Boussaha, Victor Fresno-Gomez, Thomas Barber, Daniele Antonioli
Veröffentlicht in: 2025, ISBN 978-1-939133-49-6
Herausgeber: USENIX

Architectural Mimicry: Innovative Instructions to Efficiently Address Control-Flow Leakage in Data-Oblivious Programs

Autoren: Hans Winderix, Marton Bognar, Job Noorman, Lesly-Ann Daniel, Frank Piessens
Veröffentlicht in: 2024 IEEE Symposium on Security and Privacy (SP), 2024
Herausgeber: IEEE
DOI: 10.1109/SP54263.2024.00047

BLUFFS: Bluetooth Forward and Future Secrecy Attacks and Defenses

Veröffentlicht in: CCS '23: Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023
DOI: 10.1145/3576915.3623066

MicroProfiler: Principled Side-Channel Mitigation through Microarchitectural Profiling

Autoren: Bognar, Marton; Winderix, Hans; Van Bulck, Jo; Piessens, Frank
Veröffentlicht in: 2023 IEEE 8th European Symposium on Security and Privacy (EuroS&P), 2023
DOI: 10.1109/eurosp57164.2023.00045

CTRAPS: CTAP Client Impersonation and API Confusion on FIDO2

Veröffentlicht in: IEEE Euro S&P, 2025
Herausgeber: IEEE Euro S&P
DOI: 10.48550/ARXIV.2412.02349

SimProcess: High Fidelity Simulation of Noisy ICS Physical Processes

Autoren: Denis Donadel, Gabriele Crestanello, Giulio Morandini, Daniele Antonioli, Mauro Conti and Massimo Merro
Veröffentlicht in: 2025
DOI: 10.48550/ARXIV.2505.22638

Bluetooth Security Testing with BlueToolkit: a Large-Scale Automotive Case Study

Autoren: V. Zubkov, T. Sacchetti, D. Antonioli, M. Strohmeier
Veröffentlicht in: 2025, ISBN 978-1-939133-50-2
Herausgeber: 19th USENIX WOOT Conference on Offensive Technologies

Design, implementation and validation of NSCP: a New Secure Channel Protocol for hardened IoT

Autoren: Alberto Battistello, Guido Bertoni, Vittorio Zaccaria, Joan Bushi
Veröffentlicht in: DATE 2025, 2025
Herausgeber: DATE 2025

Efficient attack-surface exploration for electromagnetic fault injection

Autoren: Carta, Daniele Antonio Emanuele; Zaccaria, Vittorio; Molteni, Maria Chiara; Quagliarella, Gabriele
Veröffentlicht in: Constructive Side-Channel Analysis and Secure Design, 2023, ISBN 978-3-031-29497-6
Herausgeber: Springer, Cham
DOI: 10.5281/zenodo.7820870

Partial Key Overwrite Attacks in Microcontrollers: a Survey

Autoren: Pcy Sluys, Benedikt Gierlichs
Veröffentlicht in: CASCADE 2025, 2025
Herausgeber: CASCADE

JWT Back to the future On the (ab)use of JWTs in IoT transactions

Veröffentlicht in: 2025
Herausgeber: Zenodo
DOI: 10.5281/ZENODO.17206208

Libra: Architectural Support For Principled, Secure And Efficient Balanced Execution On High-End Processors

Autoren: Hans Winderix, Marton Bognar, Lesly-Ann Daniel, Frank Piessens
Veröffentlicht in: Proceedings of the 2024 on ACM SIGSAC Conference on Computer and Communications Security, 2025
Herausgeber: ACM
DOI: 10.1145/3658644.3690319

ProSpeCT: Provably Secure Speculation for the Constant-Time Policy

Veröffentlicht in: Usenix Security 2023, 2023
Herausgeber: Usenix
DOI: 10.48550/ARXIV.2302.12108

Wait a Cycle: Eroding Cryptographic Trust in Low-End TEEs via Timing Side Channels

Veröffentlicht in: 2025
DOI: 10.5281/ZENODO.16674672

Low-Cost First-Order Secure Boolean Masking in Glitchy Hardware

Autoren: S V Dilip Kumar; Josep Balasch; Benedikt Gierlichs; Ingrid Verbauwhede
Veröffentlicht in: 2023 Design, Automation & Test in Europe Conference & Exhibition (DATE), 2023, ISSN 1558-1101
Herausgeber: IEEE Explore
DOI: 10.23919/date56975.2023.10136920

Hardware Cost Evaluation in Systems Security

Autoren: Jesse De Meulemeester, Quinten Norga, Frank Piessens, Ingrid Verbauwhede, Marton Bognar
Veröffentlicht in: 2025
Herausgeber: ACM

Intellectual property exposure: subverting and securing intellectual property encapsulation in texas instruments microcontrollers

Veröffentlicht in: 2025
Herausgeber: Usenix
DOI: 10.5555/3698900.3699021

Duplication-Based Fault Tolerance for RISC-V Embedded Software

Autoren: Volodymyr Bezsmertnyi, Jean-Michel Cioranesco, Thomas Eisenbarth
Veröffentlicht in: Lecture Notes in Computer Science, Computer Security – ESORICS 2024, 2024
Herausgeber: Springer Nature Switzerland
DOI: 10.1007/978-3-031-70903-6_5

Lightweight Countermeasures Against Original Linear Code Extraction Attacks on a RISC-V Core

Autoren: Gousselot, Théophile; Thomas, Olivier; Dutertre, Jean-Max; Potin, Olivier; Rigaud, Jean-Baptiste
Veröffentlicht in: 2023 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), 2023
DOI: 10.1109/host55118.2023.10133316

openIPE: An Extensible Memory Isolation Framework for Microcontrollers

Veröffentlicht in: 2025
DOI: 10.5281/ZENODO.16674390

CheckOCPP: Automatic OCPP Packet Dissection and Compliance Check

Veröffentlicht in: IEEE European Symposium on Security and Privacy, 2025
Herausgeber: IEEE
DOI: 10.5281/ZENODO.15780183

E-Spoofer: Attacking and Defending Xiaomi Electric Scooter Ecosystem

Autoren: Marco Casagrande; Riccardo Cestaro; Eleonora Losiouk; Mauro Conti; Daniele Antonioli
Veröffentlicht in: Proceedings of the 16th ACM Conference on Security and Privacy in Wireless and Mobile Networks, 2023
DOI: 10.5281/zenodo.8004604

AttackDefense Framework (ADF): Enhancing IoT Devices and Lifecycles Threat Modeling

Autoren: Tommaso Sacchetti, Marton Bognar, Jesse De Meulemeester, Benedikt Gierlichs, Frank Piessens, Volodymyr Bezsmertnyi, Maria Chiara Molteni, Stefano Cristalli, Arianna Gringiani, Olivier Thomas, Daniele Antonioli
Veröffentlicht in: ACM Transactions on Embedded Computing Systems, 2024, ISSN 1539-9087
Herausgeber: Association for Computing Machinery (ACM)
DOI: 10.1145/3698396

IEEE Electron Device Letters

Autoren: P. Saraza-Canflanca; F. Fodor; J. Diaz-Fortuny; B. Gierlichs; R. Degraeve; B. Kaczer; I. Verbauwhede; E. Bury
Veröffentlicht in: IEEE Electron Device Letters, 2024, ISSN 0741-3106
Herausgeber: Institute of Electrical and Electronics Engineers
DOI: 10.1109/led.2024.3369860

Time Sharing - A Novel Approach to Low-Latency Masking

Autoren: Dilip Kumar S. V., Siemen Dhooghe, Josep Balasch, Benedikt Gierlichs, Ingrid Verbauwhede
Veröffentlicht in: IACR Transactions on Cryptographic Hardware and Embedded Systems, Ausgabe 2024, 2024, ISSN 2569-2925
Herausgeber: Universitatsbibliothek der Ruhr-Universitat Bochum
DOI: 10.46586/tches.v2024.i3.249-272

Higher-Order Time Sharing Masking

Autoren: Dilip Kumar S. V., Siemen Dhooghe, Josep Balasch, Benedikt Gierlichs, Ingrid Verbauwhede
Veröffentlicht in: IACR Transactions on Cryptographic Hardware and Embedded Systems, Ausgabe 2025, 2025, ISSN 2569-2925
Herausgeber: Universitatsbibliothek der Ruhr-Universitat Bochum
DOI: 10.46586/TCHES.V2025.I2.235-267

Low-Cost First-Order Secure Boolean Masking in Glitchy Hardware

Autoren: S. V. Dilip Kumar, Josep Balasch, Benedikt Gierlichs, Ingrid Verbauwhede
Veröffentlicht in: IEEE Transactions on Information Forensics and Security, Ausgabe 20, 2025, ISSN 1556-6013
Herausgeber: Institute of Electrical and Electronics Engineers (IEEE)
DOI: 10.1109/TIFS.2025.3541442

Suche nach OpenAIRE-Daten ...

Leistungen

Veröffentlichungen

Diese Seite teilen Diese Seite in sozialen Netzwerken teilen

Herunterladen Den Inhalt der Seite herunterladen