Our society is continuously demanding more and more intelligent devices, along with network infrastructures and distributed services that make our daily lives more comfortably. However, the frantic adoption of Internet of Things (IoT) technologies has led to widespread implementations without a deep analysis about security matters. This project encompasses the complete design of a platform, so-called SPIRS platform, which integrates a hardware dedicated Root of Trust (RoT) and a processor core with the capability of offering a full suite of security services. Furthermore, the SPIRS platform will be able to leverage this capability to support privacy-respectful attestation mechanisms and enable trusted communication channels across 5G infrastructures. RoT is implemented in hardware with a dedicated circuitry to extract a unique digital identifier for the SPIRS platform during its entire lifetime. To build a complete solution, the project also features a Trusted Execution Environment (TEE), secure boot, and runtime integrity. Furthermore, resilience and privacy protection are major concerns in this project, and it endeavors to the design of a decentralized trust management framework targeted to minimize the impact of Single Point of Failure (SPOF) risks and achieve adequate security and privacy tradeoffs. To facilitate the tasks of validation and testing, SPIRS platform is conceived as an open platform that can easily integrate other building blocks and facilities upgrades. The project goes beyond the construction of the SPIRS platform and it provides solutions to integrate it in the deployment of cryptographic protocols and network infrastructures in a trustworthy way, leveraging the RoT provided by the platform. To validate SPIRS results, the project considers two different scenarios: Industry 4.0 and 5G Technologies.

TRISTAN’S overarching aim is to expand, mature and industrialize the European RISC-V ecosystem so that it is able to compete with existing commercial alternatives. This will be achieved by leveraging the Open-Source community to gain in productivity and quality. This goal will be achieved by defining a European strategy for RISC-V based designs including the creation of a repository of industrial quality building blocks to be used for SoC designs in different application domains (e.g. automotive, industrial, etc.). The TRISTAN approach is holistic, covering both electronic design automation tools (EDA) and the full software stack. The broad consortium will expose a large number of engineers to RISC-V technology, which will further encourage adoption. This ecosystem will ensure a European sovereign alternative to existing industrial players. The 3-year project fits in the strategy of the European Commission to support the digital transformation of all economic and societal sectors, and speed up the transition towards a green, climate neutral and digital Europe. This transformation includes the development of new semiconductor components, such as processors, as these are considered of key importance in retaining technological and digital sovereignty and build on significant prior investments in knowledge generation in this domain. Development strategies leveraging public research funding that exploit Open-Source have been shown to boost productivity, increase security, increase transparency, allow better interoperability, reduce cost to companies and consumers, and avoid vendor lock-ins. The TRISTAN consortium is composed of 46 partners from industry (both large industries as well as SMEs), research organizations, universities and RISC-V related industry associations, originating from Austria, Belgium, Finland, France, Germany, Israel, Italy, the Netherlands, Poland, Romania, Turkey and Switzerland.

For decades, processors evolution has focused on improving their performance. In recent years, attacks directly exploiting optimization mechanisms have emerged. They typically exploit flaws in caches, performance counters or speculation units and jeopardize the safety and security of processors in industrial systems. We can cite Spectre and Meltdown as well-known examples. The OpenHW approaches are now both an economic reality and an innovation opportunity for European actors in the field of processors architecture. The use of the open-source requires the design of secure processor cores, and therefore helps to make one more step towards greater independence in the field of cyber-security. The SECURE-V project offers an innovative open-source, secure and high-performance processor core based on the ISA RISC-V. The originality of the approach lies in the integration of a dynamic code transformation unit covering 4 of the 5 NIST functions of cybersecurity, via monitoring (identify, detect), obfuscation (protect), and dynamic adaptation (reacting) in particular. This dynamic management paves the way for online optimizations to improve the security and safety of the micro-architecture without revising the software or the silicon architecture of the chip. As we work at the micro-architecture level, the SECURE-V architecture will be the cornerstone of the security kernel of future products. The proposed innovative solution is built around three key ideas: 1) The dynamic code transformation unit is the core idea of this proposal. This unit will support on-the-fly modifications of the program instructions translation and decoding processes. These changes aim to provide security building blocks by either altering the processor pipeline datapath behavior or hiding the sensitive paths with data obfuscation. These two mechanisms are respectively possible using instructions operations rescheduling or with injections of additional operations into the pipeline. This unit will also allow the dynamic instrumentation of a code without modifying the original binary. 2) Advanced configurable memory management policies will add an additional level of obfuscation. We can cite for example alternatives to conventional caches such as scratchpads with dynamic management, dedicated memories (or TCM for Tightly Coupled Memory), partially reconfigurable caches in SRAM. New design and dynamic security-oriented cache management will also be investigated to avoid interference at this level or to supervise on demand information when identifying suspicious behaviors. Finally, as for the operations in the pipeline, we will also be able to insert (periodically or in a more controlled manner) access instructions to different memory areas aiming at different accesses activity to disrupt side-channel attacks. 3) In order to complete the approach and to control the dynamic changes in the behavior of the micro-architecture, a dynamic control block will be developed. By observing the state of the micro-architecture, this unit will determine when specific security properties are violated, denoting an abnormal behavior that may result from an attack or a sensitive context that needs to be secured. In reaction to the detected situation, it will trigger an adaptation event via the dynamic code transformation unit and/or the microarchitecture. The use of runtime verification, a lightweight formal method, to synthesize the monitors of security properties, will help to justify the confidence placed in this unit. The main results of the project are a prototype of a complete architecture, based on the RISC-V CVA6 core, implemented on a FPGA comprising the secure blocks designed during the project and an analysis of the security level reached by the proposals.

Title : Cyber Security for Cross Domain Reliable Dependable Automated Systems. Goal : SECREDAS aims to develop and validate multi-domain architecting methodologies, reference architectures & components for autonomous systems, combining high security and privacy protection while preserving functional-safety and operational performance.