IEEE Computer Symposium – Miami, July 2019

Wolfe Centre

We are delighted to welcome another new guest blogger to contribute to the RISE blog for August 2019. Shichao Yu is a PhD student at Queen’s University Belfast, working in the world class research centre – The Centre for Secure Information Technology (CSIT). Thank you Shichao!

Welcome to Miami – Summer is coming!

Hi, I am Shichao, I am typing this blog shortly after the closing remarks of IEEE Computer Society Annual Symposium on VLSI in Miami, which is excellent and provided me an amazing conference experience. This was my first time in Miami, and this is the first conference I have attend with a poster paper. I travelled from Belfast to Miami, from north to south, feeling like I flew into the summer from winter when I just arrived there. If I choose rainy day as the mark of the climate in Belfast, then Miami’s symbol must be sunshine.

ISVLSI 2019 @ Miami

ISVLSI is an IEEE computer society annual symposium with a history over three decades. It explores emerging trends, novel ideas and basic concepts covering a broad range of VLSI-related topics, which also include new technologies and burgeoning application areas, such as hardware security, and artificial intelligence.

This year’s ISVLSI was held at Florida International University in Wolfe University Center.

What impressed me is that more than 25% of submissions this year related to system design and security (SDS), and the submission number occupies the first in all categories. I can see that the security direction is receiving increasing attention from researchers all over the world.

“Can you trust your machine learning system?”

For Hardware Security, the papers presented in this year’s security session mainly focused on logic obfuscation, side channel susceptibility mitigation, secure zone design on NoC (Network on Chip) and Hardware Trojan. The System Design and Security group covers four sub-sessions in three days and two related special session: “Botnet of Things: Hardware Insecurity in the IoT Era” and “Secure, Smart, Connected Devices for Emergent Applications”, which talk about IoT devices and it’s security problems.

In addition, an enlightening keynote “Can you trust your machine learning system?” presented by Professor Sandip Kundu on the second day really attracted me. This presentation showed the potential security issues of machine learning (ML) and deep learning (DL) at this stage and details the possible attack methods. As the Chinese idiom goes, virtue is one foot tall, the devil ten. It always takes constant vigilance to secure new technologies. (That scares me too Shichao!)

Poster Session

The poster session was held in the afternoon of the first day. We had a big ballroom to hang all 30 posters and 4 research demonstrations. The session last nearly two hours, which is much more than the scheduled time, with continuous technical discussions and social communication.

The paper I presented on my poster was “An Improved Automatic Hardware Trojan Generation Platform”, which is a new method to generate Hardware Trojans (HTs) using a highly configurable generation platform based on transition probability. (WOW :O – great stuff Shichao! \0/)

I always enjoy the discussion with other researchers. But, as I work in hardware security, I really hope that I had explained my poster clearly to some researchers who work in software side.

Until Next Time Miami 🙂

Three days ISVLSI went by too quickly and it was super busy. My record is slightly broken, but the great keynotes and presentations are unforgettable. Miami Beach is also beautiful and relaxing.

In the evening of the last day, I took a photo when blue hour made Miami Beach a little tranquil, and said goodbye to this beautiful city. (Good you got to check out the sandy beaches 🙂 BTW where is our present?? 😀 )

Miami Beach front @ dusk

RISE @ ETSI Security Week 2019

Nice Promenade

Nice to be in Nice

That is an obvious and cheap play on words for the popular South of France destination and a joke I made back in 2016 during the European Championships, but one worth re-cycling for a new audience…

RISE was invited to speak at ETSI Security week, (last week) and we gave an update on hardware security, including the latest R&D from the RISE researchers.

I have to honest with you readers, I can think of worse places to be sent away on business in late June than Nice. If there is any consolation for the readers, we were cooped up in a conference room that was just about underground, with questionable Air-Con and far away from the beaches of the French resort.

ETSI HQ


EDSI @ ETSI Security Week

ETSI stands for the European Telecommunications Standards Institute and is a not-for-profit, and one of only three bodies officially recognized by the EU as a European Standards Organization. Essentially, the Standards people. The ETSI HQ is a short drive from Nice, in Sophia Antipolis.

Tucked away in some very picturesque French hills, Sophia Antipolis, the ‘French Silicon Valley’, is celebrating its fiftieth anniversary this year.

ETSI host multiple events each year and Security Week hosts a couple of hundred people across 5 days, each year in late June. ETSI was established in 1992 and this Security Week was number 13. The great and the good from all over the globe were on site to debate and discuss all things policy related, AI, 5G, IoT and cryptography. To give you an idea of the calibre of people there, two introductions were, “The 3GPP Godfather” and “the Godfather of 3G”; both experts in their field.

RISE gave an update on each of the 8 projects that are now in-life, focusing on hardware security, more specifically on the threat of hardware Trojans and Side-channel attacks and I am delighted to report than we had interest from some major global brands about collaboration moving forward. This can only be good news for UK (and wider afield) consumers.

Les Standards > Les Algorithms (ETSI & IoT)

Earlier this year, ETIS announced a new Technical Specification (TS) for Cyber Security in Consumer IoT – TS 103 645 to be precise, the first globally applicable industry standard for consumer IoT security. This industry standard builds on the Code of Practice from DCMS, but has been designed to work for European and wider global needs. The standard is set to inform, at home and abroad, the development of regulation and industry-led certification schemes. For businesses with an international supply chain and customer base, the standard provides an avenue to pursue a harmonised approach to implementing good security practice for their products. This TS will move to become a European Standard, telecommunications series (EN) and legislation is also looming on the horizon in the UK.

Days 4 & 5 (RISE spoke on Day 5)

What does the ‘S’ stand for in IoT?

This is a good idea. I remember being at CES in 2014 & 2015. In 2014, IoT had just become mainstream, one of the new hype technologies at CES that year, but nobody was talking about security. Thankfully, 12 months later, industry was more aware of the threat landscape about ‘everything being connected’, therefore vulnerable to a range of cyber-attacks, not least botnets. However, industry wanted to promote self-regulation, which still made me concerned for the future of IoT and consumer adoption.

As consumers, we still have the choice to buy a smart gadget, or not. My preference is to avoid smart gadgets where possible. And it isn’t just the security aspects that concern me, privacy is another major aspect around the IoT, not to mention technological obsolescence. 

Fast forward to 2019, here we are with international standards and legislation imminent in the UK around basic consumer IoT security measures. The community is working together to bring more secure IoT products and services to market, meaning the things we use and need, will be secure by design.

Good job ETSI and et al (DCMS, NCSC and the State of California).

Regards from the RISE (EDSI) Rookie

RISE Spring School

RISE hosted a Spring School at  WYNG Gardens, Trinity Hall, University of Cambridge, on 28-29 March 2018.

The final programme of speakers and videos of their presentations are now available here.

Launch of RISE – November 2017

A £5m multi-university Research Institute to improve hardware security and reduce vulnerability to cyber threats has been launched at the Centre for Secure Information Technologies (CSIT), Queen’s University Belfast.

Funded by the Engineering and Physical Sciences Research Council (EPSRC) and the National Cyber Security Centre (NCSC), the Research Institute in Secure Hardware and Embedded Systems

RISE

(RISE) is one of four cyber security institutes in the UK and will be a global hub for research and innovation in hardware security over the next five years.

Cyber threats

RISE will tackle the global problem of cyber threats through four initial component projects, which will be led by UK research partners from Queen’s University, the University of Cambridge, University of Bristol and University of Birmingham. An advisory board will also be created to allow member companies and stakeholders to engage with the research and to inform future funding calls around the Institute’s research challenges.

Following a competitive call by EPSRC and NCSC in March 2017 for a new research institute in Hardware Security, Professor Maire O’Neill, a leading cryptography expert at Queen’s University, was selected as Director. Based at CSIT, Professor O’Neill will work towards increasing the nation’s academic capability in all fields of hardware security.

CSIT, an Academic Centre of Excellence in Cyber Security Research, is based at Queen’s University’s Institute of Electronics, Communications and Information Technology (ECIT), located in the Northern Ireland Science Park. In 2015, CSIT received a Queen’s Anniversary Prize for strengthening global cyber security and protecting the online activity of billions of internet users around the world.

Internet of Things

The Internet of Things has led to increased demand for hardware security research and innovation with growing security needs in embedded and networking devices, as well as in cloud services. An increase in the use of smart devices means that there are now many new attack methods and surfaces for criminals and hackers to exploit. Recent attacks against personal computers, mobile devices, smart meters, home automation devices and network-connected cars have posed serious security and privacy issues.

Counterfeit devices are also an issue, which could lead to cloned hardware and further attack surfaces for hackers.

Commenting on the announcement, Professor O’Neill said: “There is huge demand for hardware security research and innovation. As CSIT is renowned for its high-quality research in this field, and its emphasis on commercialisation of research, we are delighted to host RISE.

“RISE is in an excellent position to become the go-to place for high quality hardware security research. A key aim is to bring together the hardware security community in the UK and build a strong network of national and international research partnerships.

“We will also work closely with leading UK-based industry partners and stakeholders, transforming research findings into products, services and business opportunities, which will benefit the UK economy.”

Professor Philip Nelson, Chief Executive of EPSRC, said: “The new Research Institute will increase our understanding of hardware security technology, leading to pioneering new approaches and fostering collaboration between leading researchers, the National Cyber Security Centre and industry partners to make the UK a more resilient nation.”

Game changer

Dr Ian Levy, NCSC Technical Director, said: “I’m delighted to see the formation of our latest Research Institute, RISE, concentrating on the potential of new hardware security technologies.

“I think that the inclusion of hardware-based security capabilities in commodity devices could be a game changer in our fight to reduce the harm of cyberattacks and so I’m really pleased to see a strong set of initial research projects.”