Cyber-Physical Security

Cyber-Physical Security

Ein Bild einer Glühbirne mit Zahnrädern – ©

Cyber-Physical Security

Cyber-physical systems cover a variety of mobile and embedded devices that combine IT and physical mechanisms, such as RFIDs, Sensors, and Smartphones. These systems have become an integral part of our everyday lives. Moreover, embedded computer platforms like Smartphones (and even sensor nodes) are getting more and more powerful. Cyber-physical systems hold enormous potential for a wide range of applications, and they are enablers for many future technologies. At the same time, the growing popularity and widespread use of cyber-physical systems, along with the fact that they are increasingly employed to process and store sensitive, security-critical data, makes them attractive targets for all kinds of software (e.g. viruses and Trojans) or hardware (e.g. side channel) attacks. Traditional security measures and concepts have proved to be inadequate in practice.

Our research targets the security and privacy aspects of cyber-physical systems and their communication channels. In this context, we investigate hardware fingerprints such as Physically Unclonable Functions (PUFs) and radio fingerprints, which enable the unique identification of devices and can be integrated into cryptographic schemes and security protocols.

We developed a formal security model for PUFs that allows for a meaningful security analysis of security primitives taking advantage of physical properties, which are becoming increasingly important in the development of the next generation secure information systems.

Further, we developed a hardware-based attestation technique for checking the integrity of remote devices. Our scheme does not require complex security hardware and combines the principles of software-based attestation with PUFs. Due to the tamper-evidence property of the PUF, our scheme provides assurance of the integrity of the device’s hardware and software.

Moreover, we investigated logically reconfigurable PUFs (LR-PUFs), which can be dynamically reconfigured after deployment. LR-PUFs are required in a variety of PUF-based application. Examples include secure deletion and/or update of cryptographic secrets in PUF-based key storage and hardware-entangled cryptography, solutions to prevent downgrading of software, and recyclable wireless access tokens, which cannot be realized with conventional, typically static PUFs.

Related Projects

  • UNI­QUE (Foundations for Forgery-Resistant Security Hardware)