Powered by OpenAIRE graph
Found an issue? Give us feedback

NXP (Germany)

34 Projects, page 1 of 7
  • Funder: European Commission Project Code: 101070008
    Overall Budget: 3,814,500 EURFunder Contribution: 3,814,500 EUR

    It is common wisdom that security is only as strong as the weakest link in a chain. However, identifying the chain and its weak links is a huge challenge, even more so for open-source hardware aimed at the Internet of Things (IoT), industrial IoT and critical infrastructure. Most of these devices operate in constrained environments, with limited energy budgets and routinely lack essential security and privacy guarantees. The primary goal of the ORSHIN project is to create a generic and holistic methodology, which we call the ‘trusted life cycle’ to develop and manage connected devices based on open-source hardware. We identified a chain of six essential phases: Design, Implementation, Evaluation, Installation, Maintenance, and Retirement. The life cycle will specify how to translate abstract security goals (e.g., build a secure IoT product) into security policies for the phases, and further into concrete security requirements for the building blocks of the product (e.g., use 128-bit keys). Using this holistic view, ORSHIN will address critical links, corresponding to three important expected outcomes mentioned in the call, to reduce the security threats associated with open-source connected devices: 1. We will propose new models of security properties in order to extend formal verification to the secure, open-source hardware realm. 2. To enable effective security audits of open-source hardware and embedded software, we will develop practical, fast, and hardware-augmented testing techniques. 3. We will create secure and privacy-preserving protocols for intra-device and inter-device communication to provide secure communication and authentication methods for connected devices. These ambitious objectives, leading to open-source demonstrators at TRL4, are proposed by an international consortium with complementary experience, consisting of four high-tech SME’s in collaboration with two excellent academic partners and one important European semiconductor company.

    more_vert
  • Funder: European Commission Project Code: 731591
    Overall Budget: 3,528,640 EURFunder Contribution: 3,478,750 EUR

    Implementing cryptography on embedded devices is an ongoing challenge: every year new implementation flaws are discovered and new attack paths are being used by real life adversaries. Whilst cryptography can guarantee many security properties, it crucially depends on the ability to keep the used keys secret even in face of determined adversaries. Over the last two decades a new type of adversary has emerged, able to obtain, from the cryptographic implementation, side channel leakage such as recording of response times, power or EM signals, etc. To account for such adversaries, sophisticated security certification and evaluation methods (Common Criteria, EMVCo, FIPS…) have been established to give users assurance that security claims have withstood independent evaluation and testing. Recently the reliability of these evaluations has come into the spotlight: the Taiwanese citizen card proved to be insecure, and Snowden’s revelations about NSA's tampering with FIPS standards eroded public confidence. REASSURE will (1) improve the efficiency and quality of all aspects of certification using a novel, structured detect-map-exploit approach that will also improve the comparability of independently conducted evaluations, (2) cater for emerging areas such as the IoT by automating leakage assessment practices in order to allow resistance assessment without immediate access to a testing lab, (3) deliver tools to stakeholders, such as reference data sets and an open-source leakage simulator based on instruction-level profiles for a processor relevant for the IoT, (4) improve existing standards by actively pushing the novel results to standardization bodies. REASSURE's consortium is ideal to tackle such ambitious tasks. It features two major circuits manufacturers (NXP, IDEMIA), a highly respected side channel testing lab (Riscure), an engaged governmental representative (ANSSI), and two of the most prominent research institutions in this field (UCL, University of Bristol).

    more_vert
  • Funder: European Commission Project Code: 258754
    more_vert
  • Funder: European Commission Project Code: 713843
    Overall Budget: 998,342 EURFunder Contribution: 998,342 EUR

    The project "Safe and COnnected aUtomation in road Transport" (SCOUT) aims at identifying pathways for an accelerated proliferation of safe and connected high-degree automated driving in Europe, taking into account user needs and expectations, technical and non-technical gaps and risks, viable business models as well as international cooperation and competition. The analysis will start from a thorough consideration of the concerns and expectations from the perspectives of users, suppliers of the technology and experiences from projects and field tests. Alternative strategies for the implementation of automated driving will then be developed, under due consideration of different innovation cycles in the related industries (automotive, telecom, infrastructure, services) and the pending challenges regarding framework conditions (legal, testing & validation, safety & security). With regard to the perceived use cases for connected automation in road transport, technical und non-technical gaps and risks for the implementation will be identified, assessed and ranked. In parallel, sustainable business models will be identified with particular emphasis on the role of digitization, connectivity and data-driven business cases. Advice for policies and regulatory frameworks for safe and connected automation will then be derived on the basis of the aforementioned analyses with the support of a network of relevant stakeholders, and subsumed into a common roadmap aiming to implement the formulated vision for "Safe and connected automation in 2030". The results will be communicated to and discussed with policymakers, stakeholders and the general public at a multitude of opportunities. International trends and results of European funded projects will be closely monitored and reflected in the strategy development process.

    more_vert
  • Funder: European Commission Project Code: 101225859
    Overall Budget: 6,484,720 EURFunder Contribution: 6,484,720 EUR

    The FOCAL project will deliver a unified framework to achieve practical E2E functional composition of PQC in edge networked environments. Functional composition will be accommodated under a cross-layering paradigm mapping requirements of existing PQC cryptosystems and further improving them through appropriate methodologies and mechanisms via considering device, software, networking and communication properties. Consequently, FOCAL will act as a cornerstone on achieving the first practical and programmable composition of PQC across the full E2E path between a given datacenter orchestrating cloud services to an edge deployment. This will be achieved through (i) crypto-agility via hardware reconfigurability , (ii) exploitation of communication channel properties on the edge, (iii) network instrumentation and orchestration via advanced software-defined technologies, (iv) enhanced PQC key generation, encapsulation and storage underpinned by hardware acceleration schemes, (v) lightweight synthesis of distributed Trusted Execution Environments (TEEs) amongst edge devices, and (vi) awareness of application-level interoperability requirements inferred through Machine Learning (ML)-driven edge device learning. The envisaged technical directions will be dictated by non-technical activities encapsulated within the FOCAL framework assessing metrics associated to measuring the transition of such edge-oriented ecosystems into PQC and on improving existing standards and policies through lessons learned. Thus, contributing significantly towards the EU objectives and guidelines as outlined in the EU Commission Recommendation on Post-Quantum Cryptography.

    more_vert
  • chevron_left
  • 1
  • 2
  • 3
  • 4
  • 5
  • chevron_right

Do the share buttons not appear? Please make sure, any blocking addon is disabled, and then reload the page.

Content report
No reports available
Funder report
No option selected
arrow_drop_down

Do you wish to download a CSV file? Note that this process may take a while.

There was an error in csv downloading. Please try again later.