Embedded systems are now exposed to evolving cyber security concerns that threaten even the simplest of attack surfaces. These systems must employ various secure boot and anti-tamper methodologies to protect against malicious code modification and loss of intellectual property/technology. Safety critical systems are typically deployed as field loadable via robust proprietary methodologies which implement fundamental artifact integrity checks. Ensuring authenticity and integrity in environments where cyber security risks exist is mandatory. Also, confidentiality of all artifacts should be maintained. For this project, consider an embedded system that has a hardware backed secure boot with both digital signatures and confidentiality, an ethernet connection with a simple memory peek/poke protocol implemented, and with an FPGA firmware-controlled lock box. The primary goal of this project is to create a secure embedded architecture that communicates to the outside world with a simple ethernet protocol. After establishing the user environment with a secure boot, cyber monitoring software will be developed that will detect and isolate cyber attacks. If the monitor detects specified attacks (criteria defined by the students), the software will direct the FPGA firmware to open the lock box to reward the attacker. Students evaluated the latest NIST quantum-resistant cryptographic algorithms to create the secure boot process. In particular, the secure load and boot functionality previously developed for the Xilinx board was extended.

Our team collaborated with Electrical and Computer Engineering 12 on this project.