In the US, computer scientists have developed a tool that allows hardware designers and system builders to test the security of Internet of Things (IoT) embedded devices within smart grid technology as well as medical equipment and cellphones, according to public sector IT website GCN.
Researchers at the Jacobs School of Engineering, University of California in San Diego (UCSD), believe it is a first for the field to be able to check embedded computer systems built around microcontrollers for security breaches.
Jonathan Valamehr, a postdoctoral researcher in the Department of Computer Science and Engineering at UCSD, said: “Engineers traditionally design devices to be fast and use as little power as possible and often, they don’t design them with security in mind.”
The tool is based on the team’s research on Gate-level Information Flow Tracking, or GLIFT, which tags and then tracks critical pieces through hardware’s security system.
Researchers say the tool can detect security-specific properties within a hardware system, such as ensuring that a cryptographic key does not leak outside a chip’s cryptographic core.
And in some types of hardware where you can determine a device’s cryptographic key based on the amount of time it takes to encrypt information, the tool can detect these timing channels that can compromise a device’s security.
Valamehr, Ryan Kastner, a professor of computer science at UCSD, and Ph.D. candidate Jason Oberg started a company named Tortuga Logic to commercialise the technology.
The firm was recently awarded a US$150,000 grant from the National Science Foundation to further their research.