Details of Grant 

EPSRC Reference: EP/Y030168/1
Title: Chameleon: Dynamic Device-Unique Confidentiality and Fingerprinting
Principal Investigator: Howells, Professor G
Other Investigators:
Alsusa, Dr E
Shepherd, Dr C
Researcher Co-Investigators:
Project Partners:
NASA JPL
Department: Computer Sci and Electronic Engineering
Organisation: University of Essex
Scheme: Standard Research - NR1
Starts: 01 January 2024
Ends: 31 December 2025
Value (£): 783,319
EPSRC Research Topic Classifications:
Networks & Distributed Systems
EPSRC Industrial Sector Classifications:
Information Technologies
Related Grants:
Panel History:  
Summary on Grant Application Form
The focus of this proposal is to directly address the requirements of the stakeholder use cases presented within the sandpit for protecting devices' intellectual property (IP) and communicating with co-located devices. The prevalence of connected devices, including for remote surveillance and in hostile environments, requires deploying vast amounts of proprietary code and data. This IP is a highly attractive target for adversaries in the field, who may seize devices and perform forensic analysis [1-3]. Ultimately, this limits the devices that can be deployed in mission scenarios to those of lower value with fewer capabilities. Existing solutions for protecting code and data under execution have significant issues. Trusted execution environments, e.g. ARM TrustZone and Intel SGX, have been subjected to myriad attacks that undermine their claimed security guarantees [4-7]. Work continues to show how operating system controls and hardware modules, e.g. the Trusted Platform Module (TPM) and physically unclonable functions (PUFs), can be compromised [8-11]. Purely cryptographic solutions, e.g. homomorphic encryption, do not protect code confidentiality and impose performance penalties that make them unsuitable for constrained devices.

In our view, this problem requires a radical shift through a hardware-software co-design approach that preserves confidentiality by design. At the heart of this problem is that modern processor designs are inherently insecure: CPU pipelines, cache hierarchies, register contents, and the associated data and instructions remain exposed in the clear. To address this, our project aims to provide continuous encryption of device assets by combining contextual factors and instruction set randomisation (ISR), linking the execution platform to its deployment environment. The platform thus adapts to its environment, analogous to a chameleon. A Chameleon platform will always store its code and data in encrypted form in its memory units, and these are decrypted only when necessary by the CPU's functional units; results are re-encrypted back into memory units for future use. Uniquely, the platform derives ISR cryptographic keys from easily obtainable contextual attributes which are infeasible for attackers to replicate (e.g. inherent noise characteristics of hardware sensors). If a platform is removed from its deployed environment, a new key will be generated, preventing the decryption of its IP. This avoids relying on long-term static keys, which have been a single point of failure in existing systems. We envisage Chameleon finding use in high-value devices in high-risk environments where physical threats are reasonable, e.g. unmanned aerial vehicles; fixed monitoring devices, e.g. cameras and sensors; and actuators in industrial Internet of Things (IIoT) and critical national infrastructure.
Key Findings, Potential use in non-academic contexts, Impacts, Sectors submitted by the Researcher:
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Project URL:  
Further Information:  
Organisation Website: http://www.sx.ac.uk