The implementation of a secure cipher within the embedded electronics of a smart-card can have a large number of weak points, which are unrelated to the cryptographic strength of that cipher. Side-channel information leaks may disclose internal secrets through the cipher's power consumption, execution time, and other physical implementation effects. Affecting hardware as well as software, these leaks show that a secure embedded system is no stronger than its weakest link. This project creates a systematic design approach that iteratively partitions an embedded system into a security-critical and a non-critical part. The partitioning goes across the boundaries of hardware and software and is guided by side-channel estimators. The partitioned components are then safely integrated using secure hardware-software interfaces. The result is a flexible yet secure system design, that combines the flexibility of software with the robustness of hardware. The project's intellectual merit is a design methodology for secure embedded system design. The methodology complements a traditional embedded design approach that focuses on performance and design-cost but not on security and side-channel information leaks. The project trains computer engineers at the undergraduate level in hardware/software codesign, and at the graduate level in secure embedded systems design. The training software from this course forms the basis of the secure design flow, and it is freely distributed on CD-ROM. The software is serving other academic institutions that establish similar undergraduate courses. The secure methodology enables collaboration between embedded system designers and cryptographers, and helps them to build embedded systems that are less prone to attacks and fraud.
CAREER: Hardware/Software Codesign for Secure Embedded Systems: Methods and Education