This paper presents a definition of a secure system and design principles, which help govern security policies within an embedded system. By understanding a secure system, a common system on chip (SoC) architecture is evaluated and their vulnerabilities explored. This effort helped define requirements for a framework for a secure and isolated SoC architecture for users to develop in. Throughout this paper, a SoC architecture framework for isolated domains has been proposed and its robustness verified against different attack scenarios. To support different levels of criticality and complexity in developing user applications, three computing domains were proposed: security and safety critical (SSC) domain, high performance (HP) domain, and sandbox domain. These domains allow for complex applications to be realized with varying levels of security. Isolation between different computing domains is established using consumer off the shelf (COTS) techniques and architectural components provided by the Zynq Ultrascale+ (ZU+) multiprocessor SoC (MPSoC). To the best of our knowledge, this is the first work that implements a secure system design on the ZU+ platform. There have been many other implementations in hardware security to mitigate certain attack scenarios such as side channel attacks, temporal attacks, hardware trojans, etc. However, our work is different than others, as it establishes the framework for isolated computing domains for secure applications and also verifies system security by attacking one domain from the others.

Supervisory Control and Data Acquisition (SCADA) systems are utilized extensively in critical power grid infrastructures. Modern SCADA systems have been proven to be susceptible to cyber-security attacks and require improved security primitives in order to prevent unwanted influence from an adversarial party. One section of weakness in the SCADA system is the integrity of field level sensors providing essential data for control decisions at a master station. In this paper we propose a lightweight hardware scheme providing inferred authentication for SCADA sensors by combining an analog to digital converter and a permutation generator as a single integrated circuit. Through this method we encode critical sensor data at the time of sensing, so that unencoded data is never stored in memory, increasing the difficulty of software attacks. We show through experimentation how our design stops both software and hardware false data injection attacks occurring at the field level of SCADA systems.

Embedded memory are important components in system-on-chip, which may be crippled by aging and wear faults or Hardware Trojan attacks to compromise run-time security. The current built-in self-test and pre-silicon verification lack efficiency and flexibility to solve this problem. To this end, we address such vulnerabilities by proposing a run-time memory security detecting framework in this paper. The solution builds mainly upon a centralized security detection controller for partially reconfigurable inspection content, and a static memory wrapper to handle access conflicts and buffering testing cells. We show that a field programmable gate array prototype of the proposed framework can pursue 16 memory faults and 3 types Hardware Trojans detection with one reconfigurable partition, whereas saves 12.7% area and 2.9% power overhead compared to a static implementation. This architecture has more scalable capability with little impact on the memory accessing throughput of the original chip system in run-time detection.

With the global transition to the IPv6 (Internet Protocol version 6), IP (Internet Protocol) validation efficiency and IPv6 support from the aspect of network programming are gaining more importance. As global computer networks grow in the era of IoT (Internet of Things), IP address validation is an inevitable process for assuring strong network privacy and security. The complexity of IP validation has been increased due to the rather drastic change in the memory architecture needed for storing IPv6 addresses. Low-level programming languages like C/C++ are a great choice for handling memory spaces and working with simple devices connected in an IoT (Internet of Things) network. This paper analyzes some user-defined and open-source implementations of IP validation codes in Boost. Asio and POCO C++ networking libraries, as well as the IP security support provided for general networking purposes and IoT. Considering a couple of sample codes, the paper gives a conclusion on whether these C++ implementations answer the needs for flexibility and security of the upcoming era of IPv6 addressed computers.

The spread of the Internet of Things (IoT) and cloud services leads to a request for secure communication between devices, known as zero-trust security. The authors have been developing CYber PHysical Overlay Network over Internet Communication (CYPHONIC) to realize secure end-to-end communication among devices. A device requires installing the client program into the devices to realize secure communication over our overlay network. However, some devices refuse additional installation of external programs due to the limitation of system and hardware resources or the effect on system reliability. We proposed new technology, a CYPHONIC adapter, to support these devices. Currently, the CYPHONIC adapter supports only IPv4 virtual addresses and needs to be compatible with general devices that use IPv6. This paper proposes the dual-stack CYPHONIC adapter supporting IPv4/IPv6 virtual addresses for general devices. The prototype implementation shows that the general device can communicate over our overlay network using both IP versions through the proposed CYPHONIC adapter.

IoT technology is finding new applications every day and everywhere in our daily lives. With that, come new use cases with new challenges in terms of device and data security. One of such challenges arises from the fact that many IoT devices/nodes are no longer being deployed on owners' premises, but rather on public or private property other than the owner's. With potential physical access to the IoT node, adversaries can launch many attacks that circumvent conventional protection methods. In this paper, we propose Secure SoC (SecSoC), a secure system-on-chip architecture that mitigates such attacks. This include logical memory dump attacks, bus snooping attacks, and compromised operating systems. SecSoC relies on two main mechanisms, (1) providing security extensions to the compute engine that runs the user application without changing its instruction set, (2) adding a security management unit (SMU) that provide HW security primitives for encryption, hashing, random number generators, and secrets store (keys, certificates, etc.). SecSoC ensures that no secret or sensitive data can leave the SoC IC in plaintext. SecSoC is being implemented in Bluespec System V erilog. The experimental results will reveal the area, power, and cycle time overhead of these security extensions. Overall performance (total execution time) will also be evaluated using IoT benchmarks.

The latest generation of IoT systems incorporate machine learning (ML) technologies on edge devices. This introduces new engineering challenges to bring ML onto resource-constrained hardware, and complications for ensuring system security and privacy. Existing research prescribes iterative processes for machine learning enabled IoT products to ease development and increase product success. However, these processes mostly focus on existing practices used in other generic software development areas and are not specialized for the purpose of machine learning or IoT devices. This research seeks to characterize engineering processes and security practices for ML-enabled IoT systems through the lens of the engineering lifecycle. We collected data from practitioners through a survey (N=25) and interviews (N=4). We found that security processes and engineering methods vary by company. Respondents emphasized the engineering cost of security analysis and threat modeling, and trade-offs with business needs. Engineers reduce their security investment if it is not an explicit requirement. The threats of IP theft and reverse engineering were a consistent concern among practitioners when deploying ML for IoT devices. Based on our findings, we recommend further research into understanding engineering cost, compliance, and security trade-offs.

"Security first" is the most concerned issue of Linux administrators. Security refers to the integrity of data. The authentication security and integrity of data are higher than the privacy security of data. Firewall is used to realize the function of access control under Linux. It is divided into hardware or software firewall. No matter in which network, the firewall must work at the edge of the network. Our task is to define how the firewall works. This is the firewall's policies and rules, so that it can detect the IP and data in and out of the network. At present, there are three or four layers of firewalls on the market, which are called network layer firewalls, and seven layers of firewalls, which are actually the gateway of the agent layer. But for the seven layer firewall, no matter what your source port or target port, source address or target address is, it will check all your things. Therefore, the seven layer firewall is more secure, but it brings lower efficiency. Therefore, the usual firewall schemes on the market are a combination of the two. And because we all need to access from the port controlled by the firewall, the work efficiency of the firewall has become the most important control of how much data users can access. This paper introduces two types of firewalls iptables and TCP\_Wrappers. What are the differences between the use policies, rules and structures of the two firewalls? This is the problem to be discussed in this paper.

In the context of the Internet of Things (IoT), lightweight block ciphers are of vital importance. Due to the nature of the devices involved, traditional security solutions can add overhead and perhaps inhibit the application's objective due to resource limits. Lightweight cryptography is a novel suite of ciphers that aims to provide hardware-constrained devices with a high level of security while maintaining a low physical cost and high performance. In this paper, we are going to evaluate the performance of some of the recently proposed lightweight block ciphers (GIFT-COFB, Romulus, and TinyJAMBU) on the Arduino Due. We analyze data on each algorithm's performance using four metrics: average encryption and decryption execution time; throughput; power consumption; and memory utilization. Among our chosen ciphers, we find that TinyJAMBU and GIFT-COFB are excellent choices for resource-constrained IoT devices.

In this paper, two lightweight cryptography methods were introduced and developed on hardware. The PRESENT lightweight block cipher, and the DM-PRESENT lightweight hash function were implemented on Intel FPGA. The PRESENT core with 64-bit block data and 80-bit data key consumes 2,945 logic element, 1,824 registers, and 273,408 memory bits. Meanwhile, the DM-PRESENT core with 64-bit input and 80-bit key consumes 2,336 logic element, 1,380 registers, and 273,408 memory bits. The PRESENT core with 128-bit key and DM-PRESENT based on this core were also implemented. These cores were simulated for functional verification and embedded in NIOS II for implementation possibility on hardware. They consumed less logic resources and power consumption compared with conventional cryptography methods.

This paper explores high throughput architectures for the substitution modules, which are an integral component of encryption algorithms. The security algorithms chosen belong to the category of lightweight crypto-primitives suitable for pervasive computing. The focus of this work is on the implementation of encryption algorithms on hardware platforms to improve speed and facilitate optimization in the area and power consumption of the design. In this work, the architecture for the encryption algorithms' substitution box (S-box) is modified using switching circuits (i.e., MUX-based) along with a logic generator and included in the overall cipher design. The modified architectures exhibit high throughput and consume less energy in comparison to the state-of-the-art designs. The percentage increase in throughput or maximum frequency differs according to the chosen algorithms discussed elaborately in this paper. The evaluation of various metrics specific to the design are executed at RFID-specific frequency so that they can be deployed in an IoT environment. The designs are mainly simulated and compared on Nexys4 DDR FPGA platform, along with a few other FPGAs, to meet similar design and implementation environments for a fair comparison. The application of the proposed S-box modification is explored for the healthcare scenario with promising results.

In recent years, the use of the Internet of Things (IoT) has increased rapidly in different areas. Due to many IoT applications, many limitations have emerged such as power consumption and limited resources. The security of connected devices is becoming more and more a primary need for the reliability of systems. Among other things, power consumption remains an essential constraint with a major impact on the quality of the encryption system. For these, several lightweight cryptography algorithms were proposed and developed. The PRESENT algorithm is one of the lightweight block cipher algorithms that has been proposed for a highly restrictive application. In this paper, we have proposed an efficient hardware serial architecture that uses 16 bits for data path encryption. It uses fewer FPGA resources and achieves higher throughput compared to other existing hardware applications.

With the inception of the Spectre attack in 2018, microarchitecture mitigation strategies propose secure cache hi-erarchies that do not leak the speculative state. Among many mitigation strategies, MuonTrap, proposes an efficient, secure cache hierarchy that provides speculative attack resiliency with minimum performance slowdown. Hardware prefetchers play a significant role in improving application performance by fetching and bringing data and instructions into caches before time. To prevent hardware prefetchers from leaking information about the speculative blocks brought into the cache, MuonTrap trains and triggers hardware prefetchers on the committed instruction streams, eliminating speculative state leakage. We find that on-commit prefetching can lead to significant performance slowdown as high as 20.46 % (primarily because of prefetch timeliness issues), making hardware prefetchers less effective. We propose Speculative yet Secure Prefetching (SpecPref), enhancements on top of the MuonTrap hierarchy that allows prefetching both on-commit and speculatively. We focus on improving the performance slowdown with the state-of-the-art hardware prefetchers without compromising the security guarantee provided by the MuonTrap implementation and provide an average performance slowdown of 1.17%.

Safety-critical systems require resiliency against both cyberattacks and environmental faults. Researches have shown that microkernels can isolate components and limit the capabilities of would-be attackers by confining the attack in the component that it is initiated in. This limits the propagation of faults to sensitive components in the system. Nonetheless, the isolation mechanism in microkernels is not fully investigated for its resiliency against hardware faults. This paper investigates whether microkernels provide protection against hardware faults and, if so, to what extent quantitatively. This work is part of an effort in establishing an overlap between security and reliability with the goal of maximizing both while minimizing their impact on performance. In this work, transient faults are emulated on the seL4 microkernel and Linux kernel using debugger-induced bit flips across random timestamps in benchmark applications. Results show differences in the frequency and final outcome of fault to error manifestation in the seL4 environment compared to the Linux environment, including a reduction in silent data corruptions.

True Random Number Generator (TRNG) is an important hardware security primitive for system security. TRNGs are capable of providing random bits for initialization vectors in encryption engines, for padding and nonces in authentication protocols and for seeds to pseudo random number generators (PRNG). A TRNG needs to meet the same statistical quality standards as a physical unclonable function (PUF) with regard to randomness and uniqueness, and therefore one can envision a unified architecture for both functions. In this paper, we investigate a FPGA implementation of a TRNG using the Shift-register Reconvergent-Fanout (SiRF) PUF. The SiRF PUF measures path delays as a source of entropy within a engineered logic gate netlist. The delays are measured at high precision using a time-to-digital converter, and then processed into a random bitstring using a series of linear-time mathematical operations. The SiRF PUF algorithm that is used for key generation is reused for the TRNG, with simplifications that improve the bit generation rate of the algorithm. This enables the TRNG to leverage both fixed PUF-based entropy and random noise sources, and makes the TRNG resilient to temperature-voltage attacks. TRNG bitstrings generated from a programmable logic implementation of the SiRF PUF-TRNG on a set of FPGAs are evaluated using statistical testing tools.

Physical Unclonable Functions (PUFs) are the secured hardware primitives to authenticate Integrated Circuits (ICs) from various unauthorized attacks. The secured key generation mechanism through PUFs is based on random Process Variations (PVs) inherited by the CMOS transistors. In this paper, we proposed a chaotic-based challenge generation mechanism to feed the arbiter PUFs. The chaotic property is introduced to increase the non-linearity in the arbitration mechanism thereby the uncertainty of the keys is attained. The chaotic sequences are easy to generate, difficult to intercept, and have the additional advantage of being in a large number Challenge-Response Pair (CRP) generation. The proposed design has a significant advantage in key generation with improved uniqueness and diffuseness of 47.33%, and 50.02% respectively. Moreover, the enhancement in the reliability of 96.14% and 95.13% range from −40C to 125C with 10% fluctuations in supply voltage states that it has prominent security assistance to the Internet of Things (IoT) enabled devices against malicious attacks.

Recent years have witnessed a surge in ransomware attacks. Especially, many a new variant of ransomware has continued to emerge, employing more advanced techniques distributing the payload while avoiding detection. This renders the traditional static ransomware detection mechanism ineffective. In this paper, we present our Hardware Anomaly Realtime Detection - Lightweight (HARD-Lite) framework that employs semi-supervised machine learning method to detect ransomware using low-level hardware information. By using an LSTM network with a weighted majority voting ensemble and exponential moving average, we are able to take into consideration the temporal aspect of hardware-level information formed as time series in order to detect deviation in system behavior, thereby increasing the detection accuracy whilst reducing the number of false positives. Testing against various ransomware across multiple families, HARD-Lite has demonstrated remarkable effectiveness, detecting all cases tested successfully. What's more, with a hierarchical design that distributing the classifier from the user machine that is under monitoring to a server machine, Hard-Lite enables good scalability as well.

Recommenders are central in many applications today. The most effective recommendation schemes, such as those based on collaborative filtering (CF), exploit similarities between user profiles to make recommendations, but potentially expose private data. Federated learning and decentralized learning systems address this by letting the data stay on user's machines to preserve privacy: each user performs the training on local data and only the model parameters are shared. However, sharing the model parameters across the network may still yield privacy breaches. In this paper, we present Rex, the first enclave-based decentralized CF recommender. Rex exploits Trusted execution environments (TEE), such as Intel software guard extensions (SGX), that provide shielded environments within the processor to improve convergence while preserving privacy. Firstly, Rex enables raw data sharing, which ultimately speeds up convergence and reduces the network load. Secondly, Rex fully preserves privacy. We analyze the impact of raw data sharing in both deep neural network (DNN) and matrix factorization (MF) recommenders and showcase the benefits of trusted environments in a full-fledged implementation of Rex. Our experimental results demonstrate that through raw data sharing, Rex significantly decreases the training time by 18.3 x and the network load by 2 orders of magnitude over standard decentralized approaches that share only parameters, while fully protecting privacy by leveraging trustworthy hardware enclaves with very little overhead.

Large capacity, fast-paced, diversified and high-value data are becoming a hotbed of data processing and research. Privacy security protection based on data life cycle is a method to protect privacy. It is used to protect the confidentiality, integrity and availability of personal data and prevent unauthorized access or use. The main advantage of using this method is that it can fully control all aspects related to the information system and its users. With the opening of the cloud, attackers use the cloud to recalculate and analyze big data that may infringe on others' privacy. Privacy protection based on data life cycle is a means of privacy protection based on the whole process of data production, collection, storage and use. This approach involves all stages from the creation of personal information by individuals (e.g. by filling out forms online or at work) to destruction after use for the intended purpose (e.g. deleting records). Privacy security based on the data life cycle ensures that any personal information collected is used only for the purpose of initial collection and destroyed as soon as possible.

This paper designs a network security protection system based on artificial intelligence technology from two aspects of hardware and software. The system can simultaneously collect Internet public data and secret-related data inside the unit, and encrypt it through the TCM chip solidified in the hardware to ensure that only designated machines can read secret-related materials. The data edge-cloud collaborative acquisition architecture based on chip encryption can realize the cross-network transmission of confidential data. At the same time, this paper proposes an edge-cloud collaborative information security protection method for industrial control systems by combining end-address hopping and load balancing algorithms. Finally, using WinCC, Unity3D, MySQL and other development environments comprehensively, the feasibility and effectiveness of the system are verified by experiments.

Efficient large-scale biometric identification is a challenging open problem in biometrics today. Adding biometric information protection by cryptographic techniques increases the computational workload even further. Therefore, this paper proposes an efficient and improved use of coefficient packing for homomorphically protected biometric templates, allowing for the evaluation of multiple biometric comparisons at the cost of one. In combination with feature dimensionality reduction, the proposed technique facilitates a quadratic computational workload reduction for biometric identification, while long-term protection of the sensitive biometric data is maintained throughout the system. In previous works on using coefficient packing, only a linear speed-up was reported. In an experimental evaluation on a public face database, efficient identification in the encrypted domain is achieved on off-the-shelf hardware with no loss in recognition performance. In particular, the proposed improved use of coefficient packing allows for a computational workload reduction down to 1.6% of a conventional homomorphically protected identification system without improved packing.

Web-based technologies are evolving day by day and becoming more interactive and secure. Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) is one of the security features that help detect automated bots on the Web. Earlier captcha was complex designed text-based, but some optical recognition-based algorithms can be used to crack it. That is why now the captcha system is image-based. But after the arrival of strong image recognition algorithms, image-based captchas can also be cracked nowadays. In this paper, we propose a new captcha system that can be used to differentiate real humans and bots on the Web. We use advanced deep layers with pre-trained machine learning models for captchas authentication using a facial recognition system.

Chaos is an interesting phenomenon for nonlinear systems that emerges due to its complex and unpredictable behavior. With the escalated use of low-powered edge-compute devices, data security at the edge develops the need for security in communication. The characteristic that Chaos synchronizes over time for two different chaotic systems with their own unique initial conditions, is the base for chaos implementation in communication. This paper proposes an encryption architecture suitable for communication of on-chip sensors to provide a POC (proof of concept) with security encrypted on the same chip using different chaotic equations. In communication, encryption is achieved with the help of microcontrollers or software implementations that use more power and have complex hardware implementation. The small IoT devices are expected to be operated on low power and constrained with size. At the same time, these devices are highly vulnerable to security threats, which elevates the need to have low power/size hardware-based security. Since the discovery of chaotic equations, they have been used in various encryption applications. The goal of this research is to take the chaotic implementation to the CMOS level with the sensors on the same chip. The hardware co-simulation is demonstrated on an FPGA board for Chua encryption/decryption architecture. The hardware utilization for Lorenz, SprottD, and Chua on FPGA is achieved with Xilinx System Generation (XSG) toolbox which reveals that Lorenz’s utilization is 9% lesser than Chua’s.

Traditional side-channel attacks have shortcomings such as low efficiency, extremely difficult collection and injection of fault information in real environments, and poor applicability of attacks. The cache timing attack proposed in recent years is a new type of side-channel attack method. This attack method uses the difference in the reading speed of the computer CPU cache to enable the attacker to obtain the confidential information during the execution of the algorithm. The attack efficiency is high, and the cost is relatively low. little. Present algorithm is a lightweight block cipher proposed in 2007. The algorithm has excellent hardware implementation and concise round function design. On this basis, scholars at home and abroad have carried out different side-channel attacks on it, such as differential attacks., multiple differential chain attacks, algebraic attacks, etc. At present, there is no published research on the Cache timing attack against the Present algorithm at home and abroad. In this paper, the output value of the S box in the first and second rounds of the encryption process is obtained through the combination of the Cache timing attack and the side-channel Trojan horse, and Combined with the key recovery algorithm, the master key of the algorithm is finally recovered.

In recent decennium, hardware security has gained a lot of attention due to different types of attacks being launched, such as IP theft, reverse engineering, counterfeiting, etc. The critical testing infrastructure incorporated into ICs is very popular among attackers to mount side-channel attacks. The IEEE standard 1687 (IJTAG) is one such testing infrastructure that is the focus of attackers these days. To secure access to the IJTAG network, various techniques based on Locking SIB (LSIB) have been proposed. One such very effective technique makes use of Security Linear Feedback Shift Register (SLFSR) along with LSIB. The SLFSR obfuscates the scan chain information from the attacker and hence makes the brute-force attack against LSIB ineffective.In this work, it is shown that the SLFSR based Locking SIB is vulnerable to side-channel attacks. A power analysis attack along with known-plaintext attack is used to determine the IJTAG network structure. First, the known-plaintext attack is used to retrieve the SLFSR design information. This information is further used along with power analysis attack to determine the exact length of the scan chain which in turn breaks the whole security scheme. Further, a countermeasure is proposed to prevent the aforementioned hybrid attack.