We are living in the Digital Age. Every day we interact with a multitude of electronic devices which are increasingly pervasive, mobile, and highly integrated. As Moore’s law continues to hold true, mobile and embedded systems will become even more highly integrated, computationally powerful, and inter-connected, which in turn will enable many new application scenarios. In particular, we are seeing the emergence of converged solutions that combine personal mobile devices (e.g. smartphones) with the many embedded systems we interact with on a daily basis. Furthermore, these converged solutions are leveraging the cloud to enable new services and business models.
While the benefits to society are enormously valuable, this trend also introduces substantial security risks. Mobile phones today store/process security-critical and privacy-sensitive data and will soon manage all aspects of an individual’s digital life. Similarly, tiny embedded controllers will control automobiles, homes, industry, and most other parts of our physical lives. To continue reaping productivity gains, we must mitigate these risks by dramatically increasing the trustworthiness of devices that form the bedrock of this connected world.
Today, we have launched the Intel Collaborative Research Institute for Secure Computing (ICRI-SC) @ TU-Darmstadt to address this urgent need. TU-Darmstadt is a top university in Germany and a major player in the EU for security research. The Center for Advanced Security Research Darmstadt (CASED) is the entity within TU-Darmstadt where security research is concentrated. The Institute will bring together thought leaders from Intel and CASED to conduct research and deliver early prototypes that demonstrate how to advance the trustworthiness (safety, dependability, reliability) of our mobile and embedded systems.
The Institute will focus on 3 research themes in the context of Mobile & Embedded systems:
- Novel Usage Models will be systematically explored in order to investigate the threat landscape and develop security architectures and requirements that deliver enhanced trustworthiness across a range of market segments. The initial focus will be on the automotive sector, exploring Car-to-Device applications that integrate mobile devices such as smartphones with in-vehicle systems in order to deliver converged solutions that enable improvements in driver and occupant comfort and safety.
- Secure System Software will focus on increasing the resilience of systems to today’s sophisticated malware. The emphasis will be on behavioural approaches such as control-flow integrity enforcement which will have an important role in moving beyond traditional signature-based anti-malware defences.
- Hardware Security Primitives will be investigated which enable security solutions to be extended to resource-constrained mobile/embedded devices, with focus on lightweight crypto building blocks, privacy preserving protocols and cost-effective HW trust anchors.
Only an integrated end-to-end approach, which is cognizant of the technologies from the resource-constrained embedded controller right up to the cloud-based server, is capable of delivering the safer mobile and embedded world we depend on. This is an ambitious as well as exciting research agenda. I eagerly look forward to the ICRI-SC making a significant and lasting impact towards “safer mobile & embedded computing”.