COSIC’s new embedded systems security lab has it all

On March 1st 2018, the COSIC research group at KU Leuven officially opened its brand new embedded systems security lab. The opening was the culmination of a five-year upgrade project sponsored by a 400k EUR grant from the Hercules Foundation.

by ESAT (KU Leuven)

The need for embedded security

Embedded electronic devices are becoming mobile and interconnected. They are omnipresent, in our pockets, our homes, our vehicles, and even on or inside our bodies, monitoring and collecting data over their close environment. The Internet of Things (IoT) represents an ongoing revolution within the electronics landscape that envisions benefits for society in many sectors. Yet this migration is not without risks. Electronic devices need to operate in the field, to coexist with threats that come from their immediate environment, and to provide security guarantees while in physical reach of potential adversaries.

The security of embedded devices has emerged as a very active research topic since the late 1990s, when physical attacks were brought to the attention of the research community. Physical attacks are powerful techniques capable of extracting secret cryptographic keys or sensitive data from electronic devices. Two main families of attacks exist. Side-channel attacks exploit physical properties inherent to hardware circuits to gain information about their inner behavior. They are passive: the attacker monitors and analyses information leaked through physical channels during normal operation. Fault attacks on the other hand exploit transient malfunctions caused by direct tampering with circuits or their close environment. They are active: the attacker intentionally triggers errors in the hardware to disrupt the expected control and/or data flows in the system.

Evaluating the security of electronic circuits is a critical stage in the development of secure embedded solutions.

The discovery of physical attacks had a big impact on industry and triggered immediate research on mitigation strategies. Side-channel and fault attacks are nowadays acknowledged as a major threat for commercial applications. Consequently, evaluating the security of electronic circuits has become a critical stage in the development of secure embedded solutions. This demands the existence of specialized evaluation labs with expertise and capabilities to perform physical security assessments.

The role of an academic lab

The Computer Security and Industrial Cryptography (COSIC) group at KU Leuven performs research on the areas of information security, cryptography and privacy. Around 15 researchers are active in the Embedded Systems Security team headed by Prof. Ingrid Verbauwhede, dealing with the design and implementation of building blocks for security. This includes cryptographic algorithms and protocols, but also critical components such as random number generators or trusted computing primitives running on virtually any type of embedded platform: microcontrollers, RFID tags, FPGAs, ASICs, CPUs, etc.

The physical security of embedded designs is evaluated at the Embedded Systems Security Lab. The lab is used in the context of PhD research topics, in the context of Flemish and European H2020 projects and in direct collaboration with industrial partners. It contains all necessary equipment to test the robustness of implementations against a wide spectrum of physical attacks. The lab has been steadily growing for the past 15 years, consistently with advances in the research field. But the largest extension has taken place in the last 5 years, thanks to a 400k EUR project grant from the Hercules Foundation. This investment has allowed upgrading the lab infrastructure and equipment according to the current needs and future research activities of the group. The lab has moved to newer installations that feature, among others, separated research zones for students and PhD researchers. The latter can be configured as a highly-confidential area with strict access control for sensitive evaluations. Equipment to perform advanced attacks, representative of current advances in the field, has also been added to the lab portfolio. This includes, for instance, new workstations to perform localized side-channel and fault attacks.

Equipment to perform advanced attacks, representative of current advances in the field, are part of the lab portfolio.

The brand new Embedded Systems Security Lab at COSIC officially opened on March 1st. A full day event with more than 100 participants from industry and academia was organized to celebrate the occasion. The event kicked-off with a symposium on embedded system security, featuring 3 talks from experts in the field. In the afternoon, tours of the new lab were interleaved with a poster and demo session highlighting the research activities at COSIC. The event closed with a keynote by Prof. Bart Preneel and Prof. Ingrid Verbauwhede, followed by a reception.

For more information about the Embedded Systems Security Lab at COSIC, contact Dana Brouckmans.