SecExec

The Internet of Things (IoT) allows the interconnection of several embedded devices that manipulate data of different types and perform critical tasks. This environment promises to be a source of great benefits to people lives but it definitely brings new requirements to their effective implementation. Among them, security, safety and privacy have emerged as new and critical dimensions of the design of embedded systems. Therefore, finding solutions to this pressing social issue is mandatory. Despite the importance of empowering IoT with strong security, the paradigm shift brought with this new technology poses a challenging problem for the design of security mechanisms: while the devices need to be kept small and low-cost, the huge amount and potentially sensitive nature of the data collected and transported by these devices will have significant privacy implications. At the same time, any practical security solution must take into account the constrained resources and limited tamper-resistance of a typical IoT device. In this context, the present research project proposes a co-design approach (cryptographic software making use of architectural support in the hardware) for the protection of embedded devices operating under IoT environments. The objective is to design and implement lightweight cryptographic schemes for IoT devices and other embedded platforms, integrating them with architecture-provided instruction-level side-channel resistance. The combination of hardware and software resources should be validated both by formal analysis of the running software and experimental evaluation of the architecture features.