The main goal of SPIRS is to establish chains of trust rooted in the silicon manufacturing process for ICT systems, and apply them in improving the supply chain for networked infrastructures.
To achieve this main objective, SPIRS has to handle the following specific objectives:
Objective 1. Design of a platform with a tamper-proof silicon RoT that:
- Derives its cryptographic identity (device’s secret key) from
manufacturing variation measured by a PUF. - Incorporates crypto hardware modules with DPA and FA protection.
- Generates a Trust Flag if all internal blocks are operating properly and
no attacks are detected.
Objective 2. Design of a TEE using the silicon RoT:
- To provide a secure boot process in either a local or remote client
setting. - To ensure runtime integrity of executed files.
- To provide the client with an attestation to its state that can be
compared against a manufacturer list of trustworthy states. - Token generation from privacy-friendly credentials, on the grounds of
data minimality and assurance by TEE. - Deployment of privacy respectful audit trails to identify security
threats and monitor performance.
Objective 3. Integration of the platform into network infrastructures using the silicon RoT:
- To extend the attestation mechanisms in order to support remote
attestation. - To integrate the attestation procedures with network orchestration,
operation and management. - To provide a set of (virtualized) network functions supporting the
extended security model enabled by the above. - Leverage PUFs and Distributed Ledger Technologies (DLTs) for security
monitoring in SDLC.
Objective 4. Implementation of the platform:
- Design a secure IoT hardware platform generation framework with RoT
capabilities. - Using a processor core with an open-source hardware Instruction Set
Architecture (ISA) based on established reduced instruction set
computer (RISC) principles. - Evaluating its performance on programmable devices (FPGAs).
- Evaluating its performance on ASICs using a nanometer technology.
- Leverage PUFs and DLTs for security monitoring in HDLC.
Objective 5. Evaluation of the platform in different scenarios:
- Data minimization and privacy respectful Authentication, Authorization
and Audit (AAA). - Extended network gateway supporting enhanced security and privacy
in IoT device connections. - Industry 4.0.
- 5G Communication Infrastructure and management systems.