The more that time progresses, the more we rely on electronics. This trend will continue and accelerate as the IoT delivers more and more benefits to our lives. Now, even our utilities are controlled by computing, and the input from humans will decrease further as we harness the power of AI. How long will it be until human drivers are banned from our roads for being dangerous?
That reliance on electronics has the potential to benefit humanity greatly, but it also creates a huge weakness. The more we rely on electronics, the more vulnerable we are if they fail. It is not just cybercriminals that wish to hack into systems, but state actors too. The US power grid has already been hacked by Russia in 2018 according to the US Cybersecurity and Infrastructure Security Agency. In April this year, President Biden unveiled a scheme to try shore up the US’ cyber defences.
There’s not too much we can do for systems already in place, except patch up vulnerabilities as they are found. However, we can do better to ensure systems are better protected in the first place. As ICs are the basic building block of our systems, designing them to be as secure as possible from the ground up is necessary to make the resulting systems as secure as possible. A new partnership has been launched to do just this and develop a holistic security concept for the Internet of Things. The "Design methods and hardware/software co-verification for the unique identifiability of electronic components" ( VE-VIDES) group consists of twelve partners from research, academia and industry. The project will be supported by the German Federal Ministry of Education and Research as part of its "Trustworthy Electronics (ZEUS)" plan.
The goal of the VE-VIDES project is to systematically identify potential security gaps in the design phase and to use automatically generated, trustworthy mechanisms to protect electronic systems against attack. Systems and subsytems are already somewhat secured at the architecture level. VE-VIDES will look at development and verification processes which give electronic systems verifiable and quantifiable protection against attacks. The design methods, tool chains and test suites developed through this alliance project will give a solid foundation to future development tools for trustworthy electronics.
VE-VIDES is intended to find new methods to protect ICs from hacking through intentionally integrated backdoors and trojans or where accidentally overlooked vulnerabilities are exploited, as well as electronic, optical or physical attacks on ICs in order to steal IP or illegally read out or modify data.
The twelve organisations involved in the project are CARIAD SE, Fraunhofer Institute for Integrated Circuits IIS, Division Engineering of Adaptive Systems EAS, Infineon Technologies AG, IMMS Institut für Mikroelektronik- und Mechatronik-Systeme gemeinnützige GmbH (IMMS GmbH), OFFIS e.V. - Institute for Information Technology, OneSpin, Robert Bosch GmbH, Siemens AG, Synopsys GmbH, Chemnitz University of Technology, Ulm University, and X-FAB Global Services GmbH. The project will be managed by edacentrum GmbH.
https://us-cert.cisa.gov/ncas/alerts/TA18-074A
PDF
