Mr Sean Kelly holds a BSc in Computer Science (QMC, London 1986) and an MPhil in Computer Speech Processing (Cambridge, 1987). His research interests include fault detection and fault tolerance in software. He was responsible for the software in the world’s first electronic passport (Malaysia, 1998) and the associated GMPC I.D. card, (Malaysia, 2001). He was member of the team at NatWest Bank that defined and developed the first implementation of Multos (1998). Sean was a member of ITSO’s technical and security committees for over 10 years and maintains an ongoing interest in standards, being an active participant of ISO/IEC SC17-WG8 UK Panel – Contactless cards. He continues to be involved with commercial implementations of EMV and JavaCard operating systems while working part time on his research with supervisor Professor Keith Mayes.
Sean describes his research:
My research looks at the effects of execution errors in microcontrollers and software defences that can detect them. To date I have been deliberately inducing errors in micro-controllers as they execute. This has involved the development of new test boards to enable me to accurately control the timing of the error stimulus and to recover the device’s erroneous state. The aim is to identify the error states, test defence algorithms, and in time lead to the creation of techniques to characterise these errors and measure the efficacy/efficiency of defences.
Defensive code incurs costs in terms of execution speed, code volume and development time, while real world applications involve a compromise between these poorly understood competing constraints. This research stems from real life experience of security reviews over many years and from occasional inconsistent direction from reviewers. By characterising error behaviour I hope to make it possible to make better informed decisions regarding appropriate defences thereby enhancing the security of devices. This research becomes ever more relevant as more and more aspects of everyday life become reliant upon the precise behaviour of micro-controllers. It is no longer the exclusive concern of the smartcard and the security world as the IoT revolution places micro-controllers in more and more everyday objects.