ISG Smart Card and IoT Security Centre

Secure Application Execution


Embedded devices have permeated our daily lives, and even mundane day-to-day tasks involve a number of embedded systems. These include smart cards, sensors in vehicles and industrial automation systems. Satisfying the requirements for trusted, reliable and secure embedded devices is more vital than ever before. On this front, we have identified the following active research directions.

Pre-Deployment Protection

This research thread examines how power consumption can be used to verify the integrity of control flow jumps and instructions before the Integrated Circuit (IC) is integrated into security-critical environments. For example, we have worked on these proposals to identify hardware Trojans and counterfeit products.

  • Control Flow Verification – The building block is the profiling of the individual instructions executed in a microprocessor. We have profiled a microprocessor (e.g. ATMega163) from its power consumption, using Hidden Markov Models (HMM), Principal Component Analysis (PCA) and Linear Discriminant Analysis (LDA). Following on from that, we have defined the concept of basic blocks with only one entry point and one exit point. Measuring the power consumption while an application is executing allows us to obtain an accurate depiction of which instructions are executed by the microprocessor and to verify the control flow jumps.
  • Verifying Integrity of Executed Instructions – We have devised a method that enables a device to verify the integrity of executed instructions. This requires the verifying device to record the power consumption of the processor executing an application. Then the executed instructions are matched against a pre-constructed set of templates. The extracted information together with the pre-computed signatures is then used to verify the integrity of the software component using an RSA signature screening algorithm.
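
A simplified sketch of the control flow verification idea above, added here as an illustration and not the Centre's own code. Nearest-template matching stands in for the HMM/PCA/LDA profiling, and the templates, instruction names, basic blocks and traces are constructed sample values.

```python
import math

# Constructed per-instruction power templates (4 samples each); sample values.
TEMPLATES = {
    "LDI": (0.20, 0.35, 0.30, 0.22), "ADD": (0.40, 0.55, 0.50, 0.38),
    "CMP": (0.30, 0.60, 0.35, 0.25), "BRNE": (0.55, 0.30, 0.65, 0.45),
    "RET": (0.70, 0.75, 0.40, 0.30),
}
# Hypothetical basic blocks (one entry, one exit) and the permitted jumps.
BLOCKS = {"B0": ("LDI", "LDI"), "B1": ("ADD", "CMP", "BRNE"), "B2": ("RET",)}
CFG = {"B0": {"B1"}, "B1": {"B1", "B2"}, "B2": set()}
ENTRY = "B0"

def synth_trace(instrs, jitter=0.02):
    """Constructed trace: template samples plus small deterministic jitter."""
    samples = [s for op in instrs for s in TEMPLATES[op]]
    return [s + jitter * ((i % 3) - 1) for i, s in enumerate(samples)]

def recover_instructions(trace, width=4):
    """Label each fixed-width trace segment with its nearest template."""
    segs = [trace[i:i + width] for i in range(0, len(trace) - width + 1, width)]
    return [min(TEMPLATES, key=lambda op: math.dist(s, TEMPLATES[op])) for s in segs]

def matches(instrs, pos, block):
    """True if the instructions at pos are exactly the body of the block."""
    body = BLOCKS[block]
    return tuple(instrs[pos:pos + len(body)]) == body

def verify_control_flow(instrs):
    """Walk recovered instructions through the CFG; return (ok, path, reason)."""
    if not matches(instrs, 0, ENTRY):
        return False, [], "trace does not start with the entry block"
    block, pos, path = ENTRY, len(BLOCKS[ENTRY]), [ENTRY]
    while pos < len(instrs):
        nxt = [b for b in sorted(CFG[block]) if matches(instrs, pos, b)]
        if not nxt:
            return False, path, f"no permitted successor of {block} at index {pos}"
        block = nxt[0]
        pos += len(BLOCKS[block])
        path.append(block)
    if CFG[block]:
        return False, path, f"trace ended in non-exit block {block}"
    return True, path, "ok"

if __name__ == "__main__":
    good = ["LDI", "LDI", "ADD", "CMP", "BRNE", "ADD", "CMP", "BRNE", "RET"]
    print(verify_control_flow(recover_instructions(synth_trace(good))))
    skipped = ["LDI", "LDI", "RET"]  # jumps from B0 straight to B2
    print(verify_control_flow(recover_instructions(synth_trace(skipped))))
```
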

 

Runtime Protection

This research thread involves the protection of runtime program data, instruction interpretation and control flow at runtime, and is composed of three steps:

  • The protection of runtime data is achieved through the introduction of two parallel (program and integrity) stacks, which keep verified references of the instructions to be executed. This method is implemented and tested on an FPGA platform implementing a microprocessor.
  • The verified instruction interpretation is also tested on the aforementioned FPGA platform and this is achieved through the concepts of basic blocks and the use of cryptographic algorithms.
  • Finally, the control flow verification is performed through parallel references to current and next executed instructions.

Research Projects

  • FutureTPM: Jan. 2018 – Dec. 2020
  • DICE (Data Improved Customer Experience): (Sept 2016-Sept 2019)
  • SHAWN: (Jan 2014-Jun 2016)
  • UK Cards Association: (Dec 2012-Dec 2016)
  • Visa International: (Sept 2015-Sept 2016)
  • Transport for London
  • ITSO

Patent and Commercialisation

Prof Konstantinos Markantonakis, Dr Raja Naeem Akram and Mr James Tapsell worked successfully towards the creation of a patent for a “Technique to record an event and its impact on the data during the lifetime of a data – specific to individual entities represented in the data.” The implementation helps serve General Data Protection Regulation (GDPR) rights: Right to Access, Right to Forget, and Right to Rectification (with evidence).

RHUL has invested in further business analysis around the commercialisation opportunities of the technique developed at SCC. Furthermore, it has invested in building a commercial grade implementation of an MVP, in order to provide the stepping stone for commercialising the aforementioned patent.

Royal Holloway University of London
Contact Us

Smart Card and IoT Security Centre
Information Security Group,
Royal Holloway, University of London, Egham,
Surrey,
TW20 0EX, UK

© Copyright 2019 ISG Smart Card and IoT Security Centre