• Saltar a la navegación principal
  • Saltar al contenido principal
  • Saltar a la barra lateral principal
  • Saltar al pie de página
  • About SPIRS
    • Brief Info
    • Concept
    • Objetives
    • Use cases
    • Work Plan
  • Consortium
  • Resources
    • Deliverables
    • Material
  • Dissemination
    • Publications
    • Events
    • Videos
    • Leaflet
    • Newsletter archive
    • Blog
  • Contact
  • Private Area
SPIRS

SPIRS

SECURE PLATFORM FOR ICT SYSTEMS ROOTED AT THE SILICON MANUFACTURING PROCESS (SPIRS)

Home > About Spirs > Concept

Concept

Our society is continuously demanding more and more intelligent devices, along with network infrastructures and distributed services that make our daily lives more confortable. This revolution has also reached the industrial sector, transforming traditional factories into smart factories, with the objective of enhancing supply chain and manufacturing. However, the frantic adoption of Internet of Things (IoT) technologies in multiple application domains has led to widespread implementations without a deep analysis about the vulnerabilities that IoT devices are exposed to.

SPIRS addresses innovative approaches to provide security and data-privacy to future Information and Communications Technology (ICT) elements.

SPIRS encompasses the complete design of a platform, so-called SPIRS platform, which integrates a hardware dedicated Root of Trust (RoT) and a processor core with the capability of offering a full suite of security services. Furthermore, the SPIRS platform will be able to leverage this capability to support privacy-respectful attestation mechanisms and enable trusted communication channels across 5G infrastructures and the respective management domains.

RoT is implemented in hardware with a dedicated circuitry to extract a unique digital identifier for the SPIRS platform during its entire lifetime. A silicon CMOS Physical Unclonable Function (PUF) is used to derive the device’s identity, exploiting tiny variations in CMOS manufacturing process. The RoT also integrates attack resistant cryptographic hardware cores that incorporate countermeasures, so minimizing the vulnerability against side-channel (SCA) and fault injection (FA) attacks, and increasing the performance of the approach in terms of timing and power consumption. The security of the core is reinforced with the implementation of a mutual authentication scheme between the RoT and the embedded software. To build a complete solution, the project also features a Trusted Execution Environment (TEE), secure boot, and runtime integrity. Furthermore, resilience and privacy protection are major concerns in this project, and it endeavours to the design of a decentralized trust management framework targeted to minimize the impact of Single Point of Failure (SPOF) risks and achieve adequate security and privacy trade-offs. To facilitate the tasks of validation and testing, the SPIRS platform is conceived as an open platform that can easily integrate other IP modules and facilitates upgrades.

The SPIRS project goes beyond the construction of the SPIRS platform and it provides solutions to integrate it in the deployment of cryptographic protocols and network infrastructures in a trustworthy way, leveraging the RoT provided by the platform. This includes the implementation of chains of trust using the physical identity, also known as trust anchor, derived from the PUF suitable for remote and direct anonymous attestation, and its integration with network orchestration mechanisms endorsing security and privacy protection in edge and cloud infrastructures. The SPIRS project will extend existing open-source network orchestration frameworks to demonstrate the applicability of these trust anchors and attestation procedures in the development of IoT network gateways building a Trusted Network Edge Device (TNED). In addition, the ambition of the project is to ease the design of secure and privacy-friendly IoT architectures by developing a hardware design integration framework. This framework will bring flexibility to the design of the SPIRS architecture, will automate its validation and participate to the continuum of the chain of trust from the hardware up to the network.

SPIRS platform can be integrated in applications and services for multiple sectors. To validate this, the project plans to demonstrate its results considering two different scenarios: Industry 4.0 and 5G networking.

Share this page

Barra lateral principal

About Spirs
  • Brief Info
  • Concept
  • Objetives
  • Use cases
  • Work Plan
Latest News
  • SPIRS Newsletter 1 (available in Resources/Material)
  • SPIRS Whitepaper: use cases (available in Resources/Material)
  • David Arroyo (CSIC) participated in the CEN/CLC #JTC13 ‘Cybersecurity and Data Protection’ WG and 14th #Plenary meeting, promoted by UNE – Asociación Española de Normalización (Nov 9-10, 2022)
  • SPIRS Annual Meeting hosted by CSIC-ITEFI (October 24-25, Madrid)
  • Invited talk «Tales of a failure: seeking for bitflips in the wild»

Footer

Newsletter subscription



    European Union flag

    The SPIRS Project has received funding from the European Union’s Horizon 2020 research and innovation programme under the Grant Agreement Nº 952622.

    Follow us

    (C) 2023. SPIRS | Privacy Policy | Cookie Policy

    We are using cookies to give you the best experience on our website.

    You can find out more about which cookies we are using or switch them off in settings.

    Privacy Overview
    SPIRS

    This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

    Strictly Necessary Cookies

    Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

    If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

    Cookie Policy

    More information about our Cookie Policy