Munich, Germany – Coordinated by Infineon Technologies AG, the research project ” Design methods and hardware/software co-verification for the unique identifiability of electronic components” ( VE-VIDES) has begun operations. Twelve partners from the research and academic sectors as well as from electronics and end user industries are working together to develop a holistic security concept for the Internet of Things. The VE-VIDES goal is to already systematically identify potential security gaps in the design phase and to use automatically generated, trustworthy mechanisms to protect electronic systems against attack. The German Federal Ministry of Education and Research is supporting the project as part of its funding measure “Trustworthy Electronics (ZEUS).
“We rely on electronic systems in almost every aspect of our lives and our work. These systems make our lives easier, safer and greener. We need trustworthy electronics if we want to really be able to rely on them,” says Infineon’s Djones Lettnin, head of the alliance project. “In VE-VIDES our focus is on securing the trustworthiness of system hardware while taking the direct interfaces to trustworthy firmware and software components into account.”
It is already necessary to plan for and secure the trustworthiness of a system and for all subcomponents during design at the architecture level. VE-VIDES is therefore researching trustworthy development and verification processes which give electronic systems verifiable and, whenever possible, quantifiable protection against attacks. The design methods, tool chains and test suites emerging from this alliance project will give a solid foundation to future development tools for trustworthy electronics and will thus contribute to the technical and technological sovereignty of Germany and Europe.
The essential attack scenarios for electronic systems are:
- Attacks via the internet (hacking) in which intentionally integrated backdoors and trojans or accidentally overlooked vulnerabilities are exploited in order to change the target system’s functionality or steal data stored within the system
- Electronic, optical or physical attacks on integrated circuits in order to steal intellectual property or illegally read out or modify data
The leading institution for cataloging cyber-security vulnerabilities, CVE-MITRE, expects a potential 43 percent reduction in overall system vulnerability when vulnerabilities in trustworthiness are already eliminated at the hardware level 2. System-level approaches, including access restrictions and redundancy, currently help protect against attacks and reduce security risks. VE-VIDES applies a holistic security concept here to improve the development processes for trustworthy electronics systems and their integration along global value chains. The concept employs an innovative IP design and verification flow to ensure the trustworthiness of security-critical electronics systems in particular.
VE-VIDES follows an application-oriented approach, bringing together companies from important industry sectors such as Automotive and Industry 4.0 with supplier, development and research partners.
1 Project label 16ME0243K through 16ME0254
2 F. Farahmandi et al. “System-on-Chip Security: Validation and Verification”, Springer Nature, 2020