18 research outputs found
An Innovative Strategy Based on Secure Element for Cyber–Physical Authentication in Safety-Critical Manufacturing Supply Chain
This research has been founded by the European Union’s Horizon 2020 Research and Innovation program under grant agreement No. 871518, a project named, A COmprehensive cyber-intelligence framework for resilient coLLABorative manufacturing Systems, COLLABS [55].The accurate tracking of every production step and related outcome in a supply chain is a stringent requirement in safety-critical sectors such as civil aviation. In such a framework, trusted traceability and accountability can be reliably and securely managed by means of blockchain-based solutions. Unfortunately, blockchain cannot guarantee the provenance and accuracy of the stored information. To overcome such a limitation, this paper proposes a secure solution to strongly rely on the tracking information of the physical assets in the supply chain. The proposed solution exploits Hardware Security Modules (HSMs) to provide required cryptographic primitives through a Near-Field Communication (NFC) connection. In our approach, each transfer of the assets is authenticated, verified, and recorded in the blockchain through the HSM. Transaction entries are signed, thus providing a guarantee of ownership and authenticity. The proposed infrastructure has been subject of an exhaustive security analysis and proved resilient against counterfeiting attempts, stakeholder repudiations, and misleading information.Horizon 2020 Framework Programme
871518 H202
Table-Free Seed Generation for Hardware Newton–Raphson Square Root and Inverse Square Root Implementations in IoT Devices
Consejeríaa de Economía y Conocimiento de la Junta de Andalucía y el Fondo Europeo de Desarrollo Regional (FEDER) bajo el proyecto B-TIC-588-UGR2
A compact model of the ZARC for circuit simulators in the frequency and time domains
Equivalent-circuit models containing fractional-order elements are often employed to make use of fractionalorder
calculus in the frequency and time domains in a variety of applications. Many of these circuits contain
constant-phase elements that appear in parallel with a resistor in a configuration called ZARC. But to avoid
fractional order derivatives and include it in circuit simulators, the ZARC itself can also be replaced by
equivalent circuit models that only contain integer order elements, such as resistors and capacitors. In this
article, a novel compact model is presented to substitute the ZARC by a multiple-RC network. This model is
valid for a continuous value of the order exponent and is applicable over a very wide range of frequencies,
making it useful in both the frequency and time domains. Since it uses only basic functions and operators, it
has been easily implemented as a subcircuit in circuit simulators. The validity of the model has been verified
and it has been compared with some previously proposed passive circuit models. The model has also been
discussed in relation to the initialization problem, which is an often overlooked challenge in fractional-order
circuits.Universidad de Granada/CBU
Dracon: An Open-Hardware Based Platform for Single-Chip Low-Cost Reconfigurable IoT Devices
The development of devices for the Internet of Things (IoT) requires the rapid prototyping
of different hardware configurations. In this paper, a modular hardware platform allowing to
prototype, test and even implement IoT appliances on low-cost reconfigurable devices is presented.
The proposed platform, named Dracon, includes a Z80-clone microprocessor, up to 64 KB of RAM,
and 256 inputs/outputs (I/Os). These I/Os can be used to connect additional co-processors within
the same FPGA, external co-processors, communications modules, sensors and actuators. Dracon also
includes as default peripherals a UART for programming and accessing the microprocessor, a Real
Time Clock, and an Interrupt Timer. The use of an 8-bit microprocessor allows the use of the internal
memory of the reconfigurable device as program memory, thereby, enabling the implementation of
a complete IoT device within a single low-cost chip. Indeed, results using a Spartan 7 FPGA show
that it is possible to implement Dracon with only 1515 6-input LUTs while operating at a maximum
frequency of 80 MHz, which results in a better trade-off in terms of area and performance than other
less powerful and less versatile alternatives in the literature. Moreover, the presented platform allows
the development of embedded software applications independently of the selected FPGA device,
enabling rapid prototyping and implementations on devices from different manufacturers.Junta de AndaluciaEuropean Commission B-TIC-588-UGR2
Fine-Grained Access Control with User Revocation in Smart Manufacturing
This research has been founded by the European Union’s Horizon 2020 Research and
Innovation program under grant agreement No. 871518, a project named COLLABS [19].Collaborative manufacturing is a key enabler of Industry 4.0 that requires secure data sharing among multiple parties. However, intercompany data-sharing raises important privacy and security concerns, particularly given intellectual property and business-sensitive information collected by many devices. In this paper, we propose a solution that combines four technologies to address these challenges: Attribute-Based Encryption for data access control, blockchain for data integrity and non-repudiation, Hardware Security Modules for authenticity, and the Interplanetary File System for data scalability. We also use OpenID for dynamic client identification and propose a new method for user revocation in Attribute-Based Encryption. Our evaluation shows that the solution can scale up to 2,000,000 clients while maintaining all security guarantees.European Union’s Horizon 2020, 87151
Integration of Hardware Security Modules and Permissioned Blockchain in Industrial IoT Networks
Hardware Security Modules (HSM) serve as a hardware based root of trust that offers physical
protection while adding a new security layer in the system architecture. When combined with decentralized
access technologies as Blockchain, HSM offers robustness and complete reliability enabling secured end-toend
mechanisms for authenticity, authorization and integrity. This work proposes an ef cient integration of
HSM and Blockchain technologies focusing on, mainly, public-key cryptography algorithms and standards,
that result crucial in order to achieve a successful combination of the mentioned technologies to improve the
overall security in Industrial IoT systems. To prove the suitability of the proposal and the interaction of an
IoT node and a Blockchain network using HSM a proof of concept is developed. Results of time performance
analysis of the prototype reveal how promising the combination of HSMs in Blockchain environments is.Infineon Technologies AGEuropean Union's Horizon 2020 Research and Innovation Program through the Cyber Security 4.0: Protecting the Industrial Internet of Things (C4IIoT) 833828FEDER/Junta de Andalucia-Consejeria de Transformacion Economica, Industria, Conocimiento y Universidades B-TIC-588-UGR2
Secure Sensor Prototype Using Hardware Security Modules and Trusted Execution Environments in a Blockchain Application: Wine Logistic Use Case
The security of Industrial Internet of Things (IIoT) systems is a challenge that needs to be
addressed immediately, as the increasing use of new communication paradigms and the abundant
use of sensors opens up new opportunities to compromise these types of systems. In this sense,
technologies such as Trusted Execution Environments (TEEs) and Hardware Security Modules
(HSMs) become crucial for adding new layers of security to IIoT systems, especially to edge nodes
that incorporate sensors and perform continuous measurements. These technologies, coupled with
new communication paradigms such as Blockchain, offer a high reliability, robustness and good
interoperability between them. This paper proposes the design of a secure sensor incorporating
the above mentioned technologies—HSMs and a TEE—in a hardware device based on a dual-core
architecture. Through this combination of technologies, one of the cores collects the data extracted by
the sensors and implements the security mechanisms to guarantee the integrity of these data, while
the remaining core is responsible for sending these data through the appropriate communication
protocol. This proposed approach fits into the Blockchain networks, which act as an Oracle. Finally,
to illustrate the application of this concept, a use case applied to wine logistics is described, where
this secure sensor is integrated into a Blockchain that collects data from the storage and transport of
barrels, and a performance evaluation of the implemented prototype is providedEuropean Union’s Horizon Europe research and innovation program through the funding project
“Cognitive edge-cloud with serverless computing” (EDGELESS) under grant agreement number
101092950FEDER/Junta de Andalucia-Consejeria de Transformacion
Economica, Industria, Conocimiento y Universidades under Project B-TIC-588-UGR2
Time- and Amplitude-Controlled Power Noise Generator against SPA Attacks for FPGA-Based IoT Devices
Power noise generation for masking power traces is a powerful countermeasure against
Simple Power Analysis (SPA), and it has also been used against Differential Power Analysis (DPA) or
Correlation Power Analysis (CPA) in the case of cryptographic circuits. This technique makes use of
power consumption generators as basic modules, which are usually based on ring oscillators when
implemented on FPGAs. These modules can be used to generate power noise and to also extract
digital signatures through the power side channel for Intellectual Property (IP) protection purposes.
In this paper, a new power consumption generator, named Xored High Consuming Module (XHCM),
is proposed. XHCM improves, when compared to others proposals in the literature, the amount of
current consumption per LUT when implemented on FPGAs. Experimental results show that these
modules can achieve current increments in the range from 2.4 mA (with only 16 LUTs on Artix-7
devices with a power consumption density of 0.75 mW/LUT when using a single HCM) to 11.1 mA
(with 67 LUTs when using 8 XHCMs, with a power consumption density of 0.83 mW/LUT). Moreover,
a version controlled by Pulse-Width Modulation (PWM) has been developed, named PWM-XHCM,
which is, as XHCM, suitable for power watermarking. In order to build countermeasures against
SPA attacks, a multi-level XHCM (ML-XHCM) is also presented, which is capable of generating
different power consumption levels with minimal area overhead (27 six-input LUTS for generating
16 different amplitude levels on Artix-7 devices). Finally, a randomized version, named RML-XHCM,
has also been developed using two True Random Number Generators (TRNGs) to generate current
consumption peaks with random amplitudes at random times. RML-XHCM requires less than
150 LUTs on Artix-7 devices. Taking into account these characteristics, two main contributions
have been carried out in this article: first, XHCM and PWM-XHCM provide an efficient power
consumption generator for extracting digital signatures through the power side channel, and on the
other hand, ML-XHCM and RML-XHCM are powerful tools for the protection of processing units
against SPA attacks in IoT devices implemented on FPGAs.Junta de AndaluciaEuropean Commission B-TIC-588-UGR2
Revisiting Multiple Ring Oscillator-Based True Random Generators to Achieve Compact Implementations on FPGAs for Cryptographic Applications
FEDER/Junta de Andalucía-Consejería de Transformación
Económica, Industria, Conocimiento y Universidades/Proyecto B-TIC-588-UGR2
Non-Intrusive Tank-Filling Sensor Based on Sound Resonance
Different types of fill-level measurement systems exist in the market, but most of them
imply some type of intrusion in the tank itself. In this paper, a reconfigurable system based on sound
resonance for measuring the fill-level of a tank from the exterior is presented. A relation between
sound resonance frequencies and the content of the tank has been found, especially as the tank
gets closer to being full. A prototype has been created using reconfigurable technologies combined
with wireless communications in order to control the system from an ad hoc application. With this
prototype, the fill-level of different tanks has been measured with good resolution, especially when
the tank is over half of its capacity