3 research outputs found
A Survey on Trust Metrics for Autonomous Robotic Systems
This paper surveys the area of Trust Metrics related to security for
autonomous robotic systems. As the robotics industry undergoes a transformation
from programmed, task oriented, systems to Artificial Intelligence-enabled
learning, these autonomous systems become vulnerable to several security risks,
making a security assessment of these systems of critical importance.
Therefore, our focus is on a holistic approach for assessing system trust which
requires incorporating system, hardware, software, cognitive robustness, and
supplier level trust metrics into a unified model of trust. We set out to
determine if there were already trust metrics that defined such a holistic
system approach. While there are extensive writings related to various aspects
of robotic systems such as, risk management, safety, security assurance and so
on, each source only covered subsets of an overall system and did not
consistently incorporate the relevant costs in their metrics. This paper
attempts to put this prior work into perspective, and to show how it might be
extended to develop useful system-level trust metrics for evaluating complex
robotic (and other) systems
Designing a side channel resistant random number generator
Abstract. This paper describes the design of the random number generator (RNG) in the Caernarvon high assurance smart card operating system. Since it is used in the generation of cryptographic keys and other sensitive materials, the RNG has a number of stringent security requirements that the random bits must be of good quality i.e. the bits must not be predictable or biased. To this end, a number of standards such as the German AIS 31 mandate that true random bits be continuously tested before use in sensitive applications such as key generation. A key issue in implementing this standard is that such testing before use in key generation greatly increases the attack surface for side-channel attacks. For example, template attacks which can extract information about the random bits from even a single run provided we use the same bits at many different points in the computation. Because of these potential risks, the Caernarvon operating system uses pseudo random number generators which are initially seeded by externally generated high quality random bits, and then perturbed by bits from the true random number generator. We describe a PRNG design which yields high quality random bits while also ensuring that it is not susceptible to side-channel attacks and provide an informal argument about its effectiveness