Secure Code Updates for Smart Embedded Devices based on PUFs

Code update is a very useful tool commonly used in low-end embedded devices to improve the existing functionalities or patch discovered bugs or vulnerabilities. If the update protocol itself is not secure, it will only bring new threats to embedded systems. Thus, a secure code update mechanism is required. However, existing solutions either rely on strong security assumptions, or result in considerable storage and computation consumption, which are not practical for resource-constrained embedded devices (e.g., in the context of Internet of Things). In this work, we propose to use intrinsic device characteristics (i.e., Physically Unclonable Functions or PUF) to design a practical and lightweight secure code update scheme. Our scheme can not only ensure the freshness, integrity, confidentiality and authenticity of code update, but also verify that the update is installed correctly on a specific device without any malicious software. Cloned or counterfeit devices can be excluded as the code update is bound to the unpredictable physical properties of underlying hardware. Legitimate devices in an untrustworthy software state can be restored by filling suspect memory with PUF-derived random numbers. After update installation, the initiator of the code update is able to obtain the verifiable software state from device, and the device can maintain a sustainable post-update secure check by enforcing a secure call sequence. To demonstrate the practicality and feasibility, we also implement the proposed scheme on a low-end MCU platform (TI MSP430) by using onboard SRAM and Flash resources

Enabling a Privacy-Preserving Synthesis of Representative Driving Cycles from Fleet Data using Data Aggregation

Driving cycles are of fundamental relevance in the design of vehicle components, in the optimization of control strategies for different drivetrain topologies and the identification of vehicle properties. Ideally, a high quantity of real fleet driving data including varying operation conditions is used to generate representative driving cycles that are the basis for further investigations. Traditionally, a specific testing fleet is employed to gather the driving data. Nevertheless, driving data can nowadays also be gathered from regular production cars, as they are already equipped with the required sensors. This approach would be more real-driving representative and cost efficient, but on the other side imposes new challenges. In particular, gathered driving data has to be handled efficiently and the privacy of individuals must be guaranteed. In this work, an approach to synthesize representative driving cycles using data aggregation is presented. It is shown that the approach is efficient and generates driving cycles with excellent quality when compared to classical approaches, thus acting as an enabler for privacy-preserving techniques.</p

Ageing mitigation techniques for SRAM memories

As CMOS technology scales down, ageing-induced negative-bias temperature instability (NBTI) becomes more pronounced. The impact of NBTI on memory elements of digital circuits is crucial, in particular, in static random-access memory (SRAM) as it is always subject to ageing for whatever value is stored in an SRAM cell. Moreover, the prolonged storage of the same bit patterns in an SRAM can cause asymmetric NBTI stress, which is manifested by the threshold voltage drifts of pMOS transistors. These long-term ageing threshold voltage drifts degrade the static noise margin (SNM) of SRAM as memory. The degradation in SNM due to asymmetric NBTI stress can lead to read stability issues and potentially cause failures. Furthermore, the impact of NBTI on SRAM is not only limited to its usage as a memory but also as a hardware security primitive, namely, SRAM physical unclonable function (SRAM-PUF). The random and unique start-up values (SUVs) of SRAM-PUF can be used as a cryptographic key. Nevertheless, asymmetric NBTI stress may cause errors in SUVs. As the error in the SUVs increases resulting in an increasing area overhead of error correction code (ECC) which is needed to generate an error-free cryptographic key. Following the aforementioned reliability issues, this chapter presents two case studies of ageing mitigation techniques for SRAM as memory and PUF, respectively

Challenges in the Development of a Thiol-Based Broad-Spectrum Inhibitor for Metallo-β-Lactamases

Pathogens, expressing metallo-β-lactamases (MBLs), become resistant against most β-lactam antibiotics. Besides the dragging search for new antibiotics, development of MBL inhibitors would be an alternative weapon against resistant bacterial pathogens. Inhibition of resistance enzymes could restore the antibacterial activity of β-lactams. Various approaches to MBL inhibitors are described; among others, the promising motif of a zinc coordinating thiol moiety is very popular. Nevertheless, since the first report of a thiol-based MBL inhibitor (thiomandelic acid) in 2001, no steps in development of thiol based MBL inhibitors were reported that go beyond clinical isolate testing. In this study, we report on the synthesis and biochemical characterization of thiol-based MBL inhibitors and highlight the challenges behind the development of thiol-based compounds, which exhibit good in vitro activity toward a broad spectrum of MBLs, selectivity against human off-targets, and reasonable activity against clinical isolates