Welcome to the Embedded Computing Security (ECS) Lab at San Francisco State University. We work on novel design techniques and methodologies for securing hardware and embedded systems. We develop novel designs and architectures for improving hardware-based random functions so that they meet the requirements of new embedded system security needs. In other words, we are developing advanced methods of improving the security of hardware, making sure hardware is secure from the beginning. Our solutions can be used to provide security for physical objects in a variety of applications such as the Internet of Things (IoT). We also apply Machine Learning (ML) techniques to ensure the security and trustworthiness of integrated circuits (ICs), and of the systems in which they are deployed, by means of hardware security primitives. Please visit our “Research” and “Publication” lists to get a sense of the research we are involved in at the ECS Lab.
- Hardware-Intrinsic Security
Hardware-Intrinsic Security deals with secure secret key storage. By generating the secret keys from the intrinsic properties of the silicon, e.g., from intrinsic physical unclonable functions (PUFs) and true random number generators (TRNGs), no permanent secret key storage is required anymore and the key is only present in the device for a minimal amount of time. On the other hand, the field of Hardware-Intrinsic Security extends to hardware-based security primitives (PUFs and TRNGs).
PUFs can derive secrets from the complex physical characteristics of ICs rather than storing the secrets in digital memories. PUFs can significantly increase physical security by generating volatile secrets (keys) that only exist in a digital form when an IC is powered on and operating. TRNGs are an important security primitive used in a variety of applications including cryptographic algorithms, statistics, communication systems, simulations, etc. It is critical that a TRNG be able to produce outputs consisting of fully unpredictable and unbiased bits in a cost-effective manner. In general, these hardware security primitives should provide low-cost and efficient trustworthiness of the physical hardware platforms. One should note that while these primitives can provide advantages to ICs, there are properties and details of the design that need to be considered (e.g., power usage, overhead, heat).
- Internet of Things (IoT) and Cyber-Physical Systems (CPS) Security
IoT, the ability of everyday devices to connect and transfer data to each other, is already carving out a place in the consumer market. Both CPS and IoT play an increasingly important role in critical applications of our everyday life such as medical, banking, governmental, infrastructure, home use, smart grid, etc. With the exponential growth and adoption of IoT components, there are fundamental and enormous security concerns and risks associated with the interaction of potentially insecure devices. The problem with this fundamental desire for greater interconnectivity of digital lives is that the expansion of IoT and CPS will broaden the potential attack surface for cyber-criminals and hackers. Due to the increasing sophistication of these malicious individuals, new methods of authentication need to be developed in order to establish safe and secure communication or exchange of sensitive data over the IoT. Proactive and coordinated efforts are needed to strengthen security and reliance for CPS and IoT.
- Machine Learning (ML) in Enhanced Hardware Security
Machine learning algorithms use computational methods to “learn” information directly from data without relying on a predetermined equation as a model. Machine learning is so pervasive today that you probably use it dozens of times a day without knowing it. ML techniques are enhanced and promising methods for hardware security. They can provide strong predictive modeling and anomaly detection in order to secure hardware and embedded devices. In fact, ML techniques ensure security and trustworthiness of integrated circuits (ICs) and systems.
- Embedded System Design Security
An embedded system is a dedicated computer system designed for a specific function. Security has always been an afterthought in computer systems design, particularly in the design of the type of embedded systems found in large-scale infrastructure. Security must be a first-class design objective from the start. Therefore, there is a serious need to improve the design of secure embedded systems, which are the backbone of many of our critical infrastructure systems, including transportation, energy, manufacturing, etc.
Graduate and Undergraduate Students:
- Shubhankar Samar Pataskar (Grad)
- Juan C. Angeles Acuna
- Jerin Johnson (Grad)
- Dylan Wright
- Rohan Panda (Grad)
- QuangMinh Ho
- Anugayathiri (Anu) Pugazhenthi (Grad)
- Sreetama Chowdhury, Mission San Jose High School, 2018
- Selena Sun, Carlmont High School, 2018
- John Chandy, University of Connecticut
- Nima Karimian, San Jose State University
- Hamid Mahmoodi, San Francisco State University
- Domenic Forte, University of Florida
- Mehran Mozaffari Kermani, University of South Florida
- Stefan Katzenbeisser, Technische Universität Darmstadt