Research institute to tackle hardware security, cyber threats

　　The Centre for Secure Information Technologies (CSIT) at Queen's University Belfast has launched a new research institute whose goal is to improve hardware security and reduce vulnerability to cyber threats.

　　According to CSIT, the Research Institute in Secure Hardware and Embedded Systems (RISE), one of four cyber security institutes in the UK, will be a global hub for research and innovation in hardware security over the next five years.

　　Professor Maire O’Neill, a cryptography expert at Queen’s University, has been named director of RISE. She said: “RISE is in an excellent position to become the ‘go-to’ place for high quality hardware security research. A key aim is to bring together the hardware security community in the UK and build a strong network of national and international research partnerships.

　　“We will also work closely with leading UK-based industry partners and stakeholders, transforming research findings into products, services and business opportunities, which will benefit the UK economy.”

　　Funded by EPSRC and the National Cyber Security Centre (NCSC), RISE represents a ?5million investment. It will address cyber threats through four initial component projects, involving Queen’s University, the University of Cambridge, University of Bristol and University of Birmingham.

　　Dr Ian Levy, NCSC technical director, said: “I think that the inclusion of hardware-based security capabilities in commodity devices could be a game changer in our fight to reduce the harm of cyberattacks and so I’m really pleased to see a strong set of initial research projects.”

　　RISE will initially host four research projects, with involvement from academics at the universities of Bristol, Birmingham and Cambridge, as well as work by Prof O’Neill.

　　Birmingham’s project will be led by Professor Mark Ryan, who will be exploring user controlled hardware security. According to Prof O’Neill, this project will look at roots of trust. “Often, these are proprietary and closed,” she explained, “but some attacks have already found weaknesses. Prof Ryan’s work will look to make roots of trust more user friendly and to build demonstrators of how they can be used in a range of applications.”

　　Cambridge will be working on IOSec protection and memory safety. Professor Simon Moore, along with Drs Rob Watson and Theo Markettos, will be exploring interfaces such as USB-C. “These interfaces have proved vulnerable,” Prof O’Neill said, “so the team wants to go back to scratch to design interfaces which have security built in from the start.”

　　Dr Dan Page from Bristol is running the SCARV project – side channel hardened RISC-V platform. “This will look to create a more open, well evaluated platform with resistance to attack and which is more flexible to use,” Prof O’Neill continued.

　　Finally, Prof O’Neill will be working on side channel analysis and trojan detection, with a focus on EDA tools. “I’m looking to build a verification process that allows those not expert in security to find ways to improve their designs.

　　“We have seen that neural networks can be used to get past counter measures and access private keys. I’m going to look at ways to prevent this from happening in the future.”