VE-VIDES explores trustworthy design and verification flow for IoT security
Article By : Nitin Dahad
VE-VIDES will look at identifying a novel IP design and verification flow that will ensure trustworthiness, especially in security-critical electronic systems in IoT.
Infineon Technologies is coordinating a joint research project between industry and academia to develop a holistic security concept for the internet of things (IoT). The project will look at identifying a novel intellectual property (IP) design and verification flow that will ensure trustworthiness, especially in security-critical electronic systems.
The project, “Design methods and hardware/software co-verification for the unique identifiability of electronic components”(VE-VIDES) involves twelve partners and is supported by the German Federal Ministry of Education and Research (BMBF), as part of its funding for “Trustworthy Electronics (ZEUS)”. The VE-VIDES goal is to systematically identify potential security gaps in the design phase and to use automatically generated, trustworthy mechanisms to protect electronic systems against attack. It focuses on assuring the trustworthiness of the system hardware and takes into account the direct interfaces to trustworthy software/firmware components.
The premise of the project is that it is necessary to plan for and secure the trustworthiness of a system and for all subcomponents during design at the architecture level. VE-VIDES is therefore researching trustworthy development and verification processes which give electronic systems verifiable and, whenever possible, quantifiable protection against attacks. The design methods, tool chains and test suites emerging from this alliance project will give a solid foundation to future development tools for trustworthy electronics and will thus contribute to the technical and technological sovereignty of Germany and Europe.
The essential attack scenarios for electronic systems are:
- Attacks via the internet (hacking) in which intentionally integrated backdoors and trojans or accidentally overlooked vulnerabilities are exploited in order to change the target system’s functionality or steal data stored within the system
- Electronic, optical or physical attacks on integrated circuits in order to steal intellectual property or illegally read out or modify data
The leading institution for cataloguing cyber-security vulnerabilities, CVE-MITRE, expects a potential 43 percent reduction in overall system vulnerability when vulnerabilities in trustworthiness are eliminated at the hardware level. System-level approaches, including access restrictions and redundancy, currently help protect against attacks and reduce security risks. VE-VIDES applies a holistic security concept here to improve the development processes for trustworthy electronics systems and their integration along global value chains. The concept employs an innovative IP design and verification flow to ensure the trustworthiness of security-critical electronics systems in particular.
VE-VIDES follows an application-oriented approach, bringing together companies from important industry sectors such as automotive and industry 4.0 with supplier, development and research partners.
Infineon’s Djones Lettnin, head of the alliance project, commented, “We rely on electronic systems in almost every aspect of our lives and our work. These systems make our lives easier, safer and greener. We need trustworthy electronics if we want to really be able to rely on them. In VE-VIDES our focus is on securing the trustworthiness of system hardware while taking the direct interfaces to trustworthy firmware and software components into account.”
The participating partners in VI-VIDES are:
- CARIAD SE
- Fraunhofer Institute for Integrated Circuits IIS, engineering of adaptive systems EAS division
- Infineon Technologies AG
- IMMS Institut für Mikroelektronik- und Mechatronik-Systeme gemeinnützige GmbH
- OFFIS e.V. – Institute for Information Technology,
- OneSpin, a Siemens company,
- Robert Bosch GmbH,
- Siemens AG
- Synopsys GmbH
- Chemnitz University of Technology
- Ulm University
- X-FAB Global Services GmbH
This article was originally published on Embedded.
Nitin Dahad is a correspondent for EE Times, EE Times Europe and also Editor-in-Chief of embedded.com. With 35 years in the electronics industry, he’s had many different roles: from engineer to journalist, and from entrepreneur to startup mentor and government advisor. He was part of the startup team that launched 32-bit microprocessor company ARC International in the US in the late 1990s and took it public, and co-founder of The Chilli, which influenced much of the tech startup scene in the early 2000s. He’s also worked with many of the big names—including National Semiconductor, GEC Plessey Semiconductors, Dialog Semiconductor and Marconi Instruments.
