Secure Devices in the Age of IoT and Edge-Computing

Modern sen­sors and actors are con­nec­ted to collect valu­able data or to car­ry out actions. Para­digms such as auto­no­mous dri­ving, smart cities or indus­try 4.0 are rea­li­zed on the basis of the data. Howe­ver, the IoT devices make them attrac­ti­ve tar­gets for attacks. Sin­ce cri­ti­cal infra­st­ruc­tures (power plants, power grids, water sup­ply, …), air­planes, cars, etc. are con­trol­led on the basis of sen­sor values, the con­se­quen­ces of a suc­cess­ful attack can be seve­re. This is par­ti­cu­lar­ly cri­ti­cal as many sen­sors are instal­led in the field and are only weak­ly pro­tec­ted against phy­si­cal attacks. For this rea­son, mani­pu­la­ti­ons of the end devices must be detec­ted at all times and the embed­ded soft­ware must be pro­tec­ted. — PHYSEC Inte­gri­ty sol­ves the­se problem. 

PHYSEC INTEGRITY VERIFICATION The com­pre­hen­si­ve solu­ti­on for the detec­tion of unaut­ho­ri­zed acces­ses and mani­pu­la­ti­ons The com­pre­hen­si­ve solu­ti­on for the detec­tion of unaut­ho­ri­zed acces­ses and manipulations 

Slide PHYSEC extends your secu­ri­ty solu­ti­on to the ent­i­re sys­tem level. While con­ven­tio­nal methods can only pro­tect indi­vi­du­al chips or PCBs, PHYSEC pro­tects the sys­tem as a who­le. PHYSEC extends your secu­ri­ty solu­ti­on to the ent­i­re sys­tem level. While con­ven­tio­nal methods can only pro­tect indi­vi­du­al chips or PCBs, PHYSEC pro­tects the sys­tem as a whole. 

Pro­tec­tion against phy­si­cal attacks
through indi­vi­du­al device fingerprints.

Redu­ced sys­tem cos­ts due to reduced 
requi­re­ments for other components.

Pro­tec­tion against IP theft through the
device bin­ding of the software.


Enclosure-PUF – Innovative System-level Security

The Enclo­sure PUF is desi­gned as a Tam­per Pro­of (detec­tion and respon­se) to pro­tect soft­ware from hard­ware tam­pe­ring. The tech­no­lo­gy detects even the smal­lest chan­ges in the phy­sics of the pro­tec­ted object, even if they occur off­line. Sin­ce an Inter­net con­nec­tion is not requi­red, auto­no­mous devices can also be pro­tec­ted in the field. Sin­ce the tech­no­lo­gy is fun­da­men­tal to sus­tainab­le digi­tiz­a­ti­on, it has alrea­dy recei­ved several awards, inclu­ding the Ger­man IT Secu­ri­ty Award in 2018.

! Nice to know !

A uni­que fin­ger­print of phy­si­cal objects can be crea­ted with the help of elec­tro­ma­gne­tic waves. If the fin­ger­print is then che­cked against an initi­al pat­tern, chan­ges in the object’s con­di­ti­on can be deduced.

Slide 1.
The phy­si­cal feed­back of an object to EM waves is a uni­que pro­per­ty. 2.
This respon­se is mea­su­red and trans­for­med into digi­tal data. 3.
We obtain a uni­que fin­ger­print of the object insi­de its spe­ci­fic envi­ron­ment. 4.
From the­re, we deri­ve a secret key cor­re­la­ted to the phy­si­cal pro­per­ties of the object.

PHYSEC Remote Assessment – Intelligentes Real-time Monitoring

With Mana­ged Vir­tu­al Pro­of of Rea­li­ty (VPoR) we offer the Enclo­sure-PUF as online moni­to­ring and remo­te moni­to­ring in real time. Our modu­lar solu­ti­on is con­nec­ted to exis­ting manage­ment sys­tems via stan­dard inter­faces. The auto­ma­ted record­ing enab­les per­son­nel, time and cost savings.

Innovation

  • Com­bi­na­ti­on of elec­tro­ma­gne­tic mea­su­re­ment methods with cryp­to­gra­phic protocols
  • Detects phy­si­cal chan­ges in the envi­ron­ment (cur­r­ent­ly from 10 cm3 bis 50 m3)
  • Uni­que fin­ger­prints and cryp­to­gra­phic keys from the environment
  • Con­nec­tion of OT and IT
  • patent pen­ding

Added value

  • Lifecy­cle secu­ri­ty: Pro­tects against mani­pu­la­ti­on during dis­tri­bu­ti­on and operation
  • End users can veri­fy the ori­gi­na­li­ty and inte­gri­ty of their systems
  • Pro­tec­tion of local data and embed­ded software
  • Real-time detec­tion of hard­ware mani­pu­la­ti­ons and initia­ti­on of countermeasures

benefits

  • Auto­ma­ted Moni­to­ring Solution
  • Desi­gned as an online (mana­ged) as well as off­line solution
  • Easy retro­fit­ting of exis­ting systems
  • App­li­ca­ti­on-spe­ci­fic adap­t­ati­on and para­me­teriz­a­ti­on possible

Technical details were presented at the the hardwear.io conference 2019:

Applications for the Evaluation of Physical Integrity

IT Systems

  • Edge Com­pu­ting
  • Hard­ware Secu­ri­ty Module
  • VPN Boxes
  • Cloud Ser­ver
  • ATMs
  • Net­work Peri­phe­ry (Rou­ter, Switches, …)

OT Systems

  • Machi­ne Con­trol­ling Modules
  • KRITIS Sys­tems
  • Power Plants Con­trol­ling Systems
  • Base Sta­ti­ons
  • Smart Meter
  • Char­ging Sta­ti­ons for Electric Cars

Logistics

  • Chain of Custody
  • Con­tai­ners
  • Car­go Holds
  • Sto­rages / Silos
  • Safes
  • Bar­rels

! Nice to know !

Arti­fi­cial neural net­works (ANN) account for a lar­ge part of the cur­rent suc­cess of cer­tain AI app­li­ca­ti­ons. They make it pos­si­ble to learn from expe­ri­ence, i.e. data, and to deri­ve a gene­ral rule from a lar­ge num­ber of indi­vi­du­al cases and app­ly it to future cases. They thus not only pro­vi­de the basis for machi­ne lear­ning, but also the rea­son for ground­brea­king achie­ve­ments in the field of arti­fi­cial intelligence.
Advers­a­ri­al examp­les repre­sent a new and par­ti­cu­lar­ly dan­ge­rous class of atta­ckers in the con­text of ANN and sen­sor tech­no­lo­gy. Here, neural net­works are decei­ved by imper­cep­ti­b­ly alte­ring indi­vi­du­al data. — Fur­ther infor­ma­ti­on about the cri­ti­ca­li­ty of the atta­cker class can be found here.

personal consultation

We as PHYSEC ans­wer your questions.
You can talk direct­ly to our executives.

Dr. Chris­ti­an Zen­ger, CEO
Email: christian.zenger@physec.de

Dr. Hei­ko Koep­ke, CFO
Email: heiko.koepke@physec.de