SubsidieMeestersHardware-assisted Adaptive Cross-Layer Security for Computing Systems
HYDRANOS aims to revolutionize computing security by designing adaptable hardware within SoCs for post-fabrication reconfiguration to combat emerging cross-layer attacks.
Projectdetails
Introduction
Today's computing systems are facing an unprecedented security threat posed by recent attacks that use software to exploit hardware vulnerabilities, as shown by attacks like Spectre, Meltdown, Foreshadow, and follow-ups. These attacks affect a wide range of computing platforms and manufacturers, including Intel, AMD, and ARM.
Cross-Layer Attacks
These cross-layer attacks reach far beyond exploiting microarchitectural vulnerabilities and allow unprivileged software to exploit a variety of hardware design and implementation flaws. This was demonstrated in the world's largest System-on-Chip (SoC) security competition that we have been conducting with Intel since 2018.
Paradigm Shift in Security
This adversarial paradigm shift sidesteps decades of security research that assumed a layered architecture where hardware is flawless and trustworthy. Existing solutions, such as:
- Software patching
- Specific hardware changes
are ad-hoc, expensive, or only mitigate specific known attacks. Particularly, patching hardware after fabrication is very limited or impossible.
Proposal Overview
This proposal, HYDRANOS, envisions hardware-assisted adaptive security, a radically different approach to enable flexible security for future computing systems.
Project Goals
We aim to:
- Design, prototype, and evaluate dedicated configurable hardware inside the SoC design
- Enable post-fabrication reconfiguration of key security-relevant hardware primitives to mitigate new attack vectors
Moreover, we provide an evaluation framework that includes novel hardware fuzzing techniques to significantly improve existing hardware-vulnerability detection methods at design time.
Impact of HYDRANOS
HYDRANOS is a game changer for trustworthy computing. It allows us to fundamentally and flexibly tackle today’s and future cross-layer attacks on security-critical systems. Additionally, it provides novel research to pave the way towards future-proof security.
Community Engagement
We will showcase our results on open-source hardware widely supported by academia and industry and provide it to the research community, allowing open verification by third parties.
Financiële details & Tijdlijn
Financiële details
| Subsidiebedrag | € 2.485.281 |
| Totale projectbegroting | € 2.485.281 |
Tijdlijn
| Startdatum | 1-9-2022 |
| Einddatum | 31-8-2027 |
| Subsidiejaar | 2022 |
Partners & Locaties
Projectpartners
- TECHNISCHE UNIVERSITAT DARMSTADTpenvoerder
Land(en)
Vergelijkbare projecten binnen European Research Council
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
Resilient and Sustainable Software SecurityThe RS³ project aims to enhance software security by developing resilient and sustainable countermeasures through innovative testing, secure compilers, attack mitigation, and hardware improvements. | ERC Consolid... | € 1.998.851 | 2023 | Details |
SecuStack: Securing the Leaky Hardware/Software BoundarySecuStack aims to eliminate side-channel leaks by developing precise hardware-level leakage models to create provably secure systems, enhancing data protection against emerging attacks. | ERC Starting... | € 1.500.000 | 2024 | Details |
Custom Cryptographic Solutions with Formal Security GuaranteesCryspen aims to transition ERC Circus's verified cryptographic research into a production-ready software stack, enhancing security for enterprises through formal verification and custom solutions. | ERC Proof of... | € 150.000 | 2022 | Details |
A Principled Plan to Prevent Transient Execution AttacksGhostbuster aims to automatically detect and mitigate advanced transient execution attacks by analyzing vulnerable code fragments and modeling attack conditions, enhancing security without crippling performance. | ERC Advanced... | € 2.499.995 | 2025 | Details |
Generation and Verification of Masking Countermeasures Against Side-Channel AttacksAMAskZONE aims to create a toolbox for generating and verifying secure cryptographic implementations on embedded devices, combining empirical testing and formal verification for practical security. | ERC Starting... | € 1.495.250 | 2023 | Details |
Resilient and Sustainable Software Security
The RS³ project aims to enhance software security by developing resilient and sustainable countermeasures through innovative testing, secure compilers, attack mitigation, and hardware improvements.
SecuStack: Securing the Leaky Hardware/Software Boundary
SecuStack aims to eliminate side-channel leaks by developing precise hardware-level leakage models to create provably secure systems, enhancing data protection against emerging attacks.
Custom Cryptographic Solutions with Formal Security Guarantees
Cryspen aims to transition ERC Circus's verified cryptographic research into a production-ready software stack, enhancing security for enterprises through formal verification and custom solutions.
A Principled Plan to Prevent Transient Execution Attacks
Ghostbuster aims to automatically detect and mitigate advanced transient execution attacks by analyzing vulnerable code fragments and modeling attack conditions, enhancing security without crippling performance.
Generation and Verification of Masking Countermeasures Against Side-Channel Attacks
AMAskZONE aims to create a toolbox for generating and verifying secure cryptographic implementations on embedded devices, combining empirical testing and formal verification for practical security.
Vergelijkbare projecten uit andere regelingen
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
LightDrop: ONE-WAY SECURE DATA TRANSFERLightDrop ontwikkelt een veilige, eenrichtingsdataoverdracht via beeldscherm en camera, ter bescherming tegen cyberaanvallen op kritieke systemen. | Mkb-innovati... | € 147.000 | 2021 | Details |
Hybrid electronic-photonic architectures for brain-inspired computingHYBRAIN aims to develop a brain-inspired hybrid architecture combining integrated photonics and unconventional electronics for ultrafast, energy-efficient edge AI inference. | EIC Pathfinder | € 1.672.528 | 2022 | Details |
SecuriPiSecuriPi ontwikkelt een geavanceerd multi-factor authenticatiesysteem om digitale weerbaarheid tegen cyberdreigingen te versterken. | Mkb-innovati... | € 20.000 | 2024 | Details |
LightDrop: ONE-WAY SECURE DATA TRANSFER
LightDrop ontwikkelt een veilige, eenrichtingsdataoverdracht via beeldscherm en camera, ter bescherming tegen cyberaanvallen op kritieke systemen.
Hybrid electronic-photonic architectures for brain-inspired computing
HYBRAIN aims to develop a brain-inspired hybrid architecture combining integrated photonics and unconventional electronics for ultrafast, energy-efficient edge AI inference.
SecuriPi
SecuriPi ontwikkelt een geavanceerd multi-factor authenticatiesysteem om digitale weerbaarheid tegen cyberdreigingen te versterken.