SIPP - Secure IoT Processor Platform with Remote Attestation

Lead Research Organisation: Queen's University Belfast
Department Name: Sch of Electronics, Elec Eng & Comp Sci

Abstract

As the world becomes ever more connected, the vast number of Internet of Things (IoT) devices necessitates the use of smart, autonomous machine-to-machine communications; however, this poses serious security and privacy issues, as we will no longer have direct control over what or whom our devices communicate with. Counterfeit, hacked, or cloned devices acting on a network can have significant consequences: for individuals, through the leakage of confidential and personal information; in terms of monetary costs (e.g. the loss of access to web services: the Mirai attack on Dyn took down Twitter, Spotify and Reddit); or for critical national infrastructure, through the loss of control of safety-critical industrial and cyber-physical IoT systems.

In addition, IoT devices are often low-cost, low-power devices that are restricted in both memory and computing power. A major challenge is how to address the need for security in such resource-constrained devices. As companies race to get IoT devices to market, many do not consider security or, all too often, security is an afterthought. As such, a common theme in all realms of IoT is the need for dependability and security.

The SIPP project aims to rethink how security is built into IoT processor platforms. Firstly, the architectural fundamentals of a processor design need to be re-engineered to assure the security of individual on-chip components. This has become increasingly evident with the recent Spectre and Meltdown attacks. On the upper layer of systems-on-chip (SoCs), hardware authentication of chip sub-systems and the entire chip is crucial to detect malicious hardware modification. Then, at the systems layer (i.e., multiple chips on a common printed circuit board), innovative approaches for remote attestation will be investigated to determine the integrity at board level. Finally, the security achieved at all hierarchical layers will be assessed by investigating physical-level vulnerabilities to ensure there is no physical leakage of the secrets on which each layer relies.

The proposed project brings together the core partners of the NCSC/EPSRC-funded Research Institute in Secure Hardware and Embedded Systems (RISE), that is, Queen's University Belfast and the Universities of Cambridge, Bristol and Birmingham, with the leading academics in the field of hardware security and security architecture design from the National University of Singapore and Nanyang Technological University, to develop a novel secure IoT processor platform with remote attestation implemented on the RISC-V architecture.

Planned Impact

The overall goal of the SIPP project is to develop a novel IoT processor platform that has strong, effective security mechanisms built in at the design stage to ensure that the platform itself is tamper-proof and secure against Meltdown and Spectre-type micro-architectural attacks and other forms of side-channel attacks, with an additional layer of security offered through remote attestation capability. Hence, the provision of security assurances to IoT devices acts as an enabling layer for IoT applications and analytics, which when in full deployment will result in significant societal impact through, for example, more intelligent food production, energy consumption, traffic congestion/collision avoidance and remote healthcare applications.

In terms of direct economic impact, the project partners, Arm, Ericsson, Soitec and the UK National Cyber Security Centre (NCSC), will be the first users and beneficiaries of the research outputs, but further beneficiaries will naturally ensue. Ericsson is one of the leading providers of ICT solutions to service providers. They currently have a particular focus on IoT and promote the view that IoT security must be built in from the beginning. Their vision is to have end-to-end secure IoT devices and services, and hence they are interested in all of the WPs in the proposed project. The project is also of significant interest to NCSC as it fits with their philosophy of 'secure by default' design. Soitec is a world leader in the design of innovative semiconductor materials, and offers solutions for improving the performance and energy-efficiency of integrated circuits (ICs). Hence they are particularly interested in the proposed research on security- and energy-aware design approaches. The collaboration with Arm Research, the world's leading provider of processor IP used in the IoT and mobile space, offers the opportunity to interact with countless real-world consumers of processor technologies in IoT products.

The RISE ISAB, which includes hardware manufacturers, product designers and user communities, also offers potential routes to exploitation. In addition, the RISE business development manager's role involves establishing forums to facilitate research and industry engagement, and can help to facilitate new industry partnerships during the lifetime of the SIPP project.

The project will also enrich the skills pool both in the UK and Singapore with uniquely skilled researchers in hardware security, and more specifically in the areas of secure IoT processor design, PUF design, attestation approaches, and physical attack vulnerabilities. In addition, experiences and insights developed in the project will be reflected back into the teaching curriculum of Masters courses in Cyber Security at respective institutions.

Publications

Woodruff J (2019) CHERI Concentrate: Practical Compressed Capabilities in IEEE Transactions on Computers

Davis B (2019) CheriABI

Xia H (2019) CHERIvoke

Alder F (2022) Faulty Point Unit: ABI Poisoning Attacks on Trusted Execution Environments in Digital Threats: Research and Practice

Van Den Herrewegen J (2020) Fill your Boots: Enhanced Embedded Bootloader Exploits via Fault Injection and Binary Analysis in IACR Transactions on Cryptographic Hardware and Embedded Systems

Cheng H (2022) RISC-V Instruction Set Extensions for Lightweight Symmetric Cryptography in IACR Transactions on Cryptographic Hardware and Embedded Systems

 

Research findings to date include:
- CHERI Concentrate, a new fat-pointer compression scheme applied to CHERI, the most developed capability-pointer system at present. Capability fat pointers are a primary candidate to enforce fine-grained and non-bypassable security properties in future computer systems, although increased pointer size can severely affect performance. Thus, several proposals for capability compression have been suggested elsewhere that do not support legacy instruction sets, ignore features critical to the existing software base, and also introduce design inefficiencies to RISC-style processor pipelines. CHERI Concentrate improves on the state-of-the-art region-encoding efficiency, solves important pipeline problems, and eases semantic restrictions of compressed encoding, allowing it to protect a full legacy software stack.
- A novel group-based ML-assisted PUF authentication scheme - the first to perform classification over multiple devices per model to enable a group-based PUF authentication scheme, achieving up to 98% classification accuracy using a modified deep convolutional neural network (CNN) for feature extraction in conjunction with several well-established classifiers.
- Design, implementation, and evaluation of RISC-V Instruction Set Extensions (ISEs) for nine of the ten NIST Lightweight Cryptography (LWC) final-round submissions, namely Ascon, Elephant, GIFT-COFB, Grain-128AEADv2, PHOTON-Beetle, Romulus, Sparkle, TinyJAMBU, and Xoodyak. The evaluation demonstrated that the more hardware-oriented candidates can achieve a higher speed-up through ISE than the more software-oriented ones, but nonetheless the latter still outperform the former in terms of throughput.
- A novel attack methodology against embedded bootloaders - a grey-box approach that leverages binary analysis and advanced software exploitation techniques combined with voltage glitching. The methodology is evaluated with three real-world microcontrollers, namely NXP LPC microcontrollers, STM8 microcontrollers and Renesas 78K0 automotive microcontrollers. It is shown that using inexpensive, open-design equipment, we are able to efficiently breach the security of these microcontrollers and get full control of the protected memory, even when multiple glitches are required. Finally, several vulnerable design patterns are identified that should be avoided when implementing embedded bootloaders.
Exploitation Route There are possibilities to disseminate the outcomes via open-sourcing of the results, or to SIPP project industry partners and industry partners on the RISE Industry Advisory Board.
Sectors Aerospace, Defence and Marine; Digital/Communication/Information Technologies (including Software); Electronics

 
Description Centre-to-centre collaboration 
Organisation Nanyang Technological University
Country Singapore 
Sector Academic/University 
PI Contribution Joint research activity in areas of cyber security related to the project.
Collaborator Contribution Joint research activity in areas of cyber security related to the project.
Impact No major outputs yet due to recruitment issues attributed to Covid.
Start Year 2020
 
Description Centre-to-centre collaboration 
Organisation National University of Singapore
Country Singapore 
Sector Academic/University 
PI Contribution Joint research activity in areas of cyber security related to the project.
Collaborator Contribution Joint research activity in areas of cyber security related to the project.
Impact No major outputs yet due to recruitment issues attributed to Covid.
Start Year 2020
 
Description CARDIS conference including CHERI/capability architecture tutorial 
Form Of Engagement Activity Participation in an activity, workshop or similar
Part Of Official Scheme? No
Geographic Reach International
Primary Audience Professional Practitioners
Results and Impact A CHERI/capability architecture half-day tutorial was successfully held at the CARDIS conference in Nov 2022 (approx. 60 participants) hosted by Oswald in Birmingham. This allowed the project team to introduce capabilities and CHERI/Morello to a broad academic and industrial audience, serving as the project's mid-term evaluation event. Industry attendees included employees from large semiconductor vendors and security companies.
Year(s) Of Engagement Activity 2022
URL https://events.cs.bham.ac.uk/cardis2022/