Chair:
Basel Halak, University of Southampton, GB

The security of the internet of things is one of the major challenges facing both engineers and researcher alike. This technology has led to billions of low power devices to become entrenched in our lives. Reports state that currently 15 billion IoT devices are currently deployed, and deployment is expected to reach 50 billion by the year 2020. This massive deployment of devices has led to significant security concerns. Various attacks have shown weaknesses in IoT infrastructure, with a swarm of light bulbs potentially leaving a city in darkness, rogue devices attacking infrastructure to attacks in critical infrastructure.

This tutorial a combined effort of four leading international universities in the field of hardware-based IoT security, it aims to disseminate the latest research results and state-pf the art-techniques in this field DATE community.

The tutorial will be highly beneficial for both experienced researchers and students considering delving into this topic.

The tutorial has the following objectives;

1. To describe the security challenges of internet of things devices
2. To explain the basics of attestation techniques for IoT devices
3. To explain the principles of lightweight authentications techniques
4. To explain the design principles of Physically Unclonable Functions
5. To Describe open research problems in the area of designing hardware-security schemes for IoT applications.

Speaker:
Gang Qu, Univ. of Maryland, College Park, US

In many embedded systems and the Internet of Things (IoT) applications, resources like CPU, memory, and battery power are limited that they cannot afford the classic cryptographic security solutions. Meanwhile, the security requirement on these systems/devices is not as high as the traditional secure systems. In this talk, we use authentication as an example to demonstrate how hardware and physical characteristics can help to build lightweight security primitives such as authentication protocols. More specifically, we will report our recent work that utilizes the traditional CMOS, the emerging RRAM technologies, and voltage over scaling (VoS) technique for user and device authentication as well as GPS spoofing detection. These practical approaches are promising alternatives for the classical crypto-based authentication protocols for the embedded and IoT devices in the smart world.

Speaker:
Yier Jin, The University of Central Florida, US

In recent years we have seen a rise in popularity of networked devices. As a consequence, a need to ensure secure and reliable operation of these devices has also risen.

Device attestation is a promising solution to the operational demands of embedded devices, especially those widely used in Internet of Things (IoT) and Cyber-Physical System (CPS).

In this tutorial, we summarize the basics of device attestation. We then present a summary of attestation approaches by classifying them based on their functionality and reliability guarantees they provide to networked devices. Lastly, we discuss the limitations

and potential issues current mechanisms exhibit and propose new research directions.

Speaker:
Basel Halak, University of Southampton, GB

Physically Unclonable Functions (PUFs) exploit the intrinsic manufacturing process variations to generate a unique signature for each silicon chip; this technology allows building lightweight cryptographic primitive suitable for resource-constrained IoT devices. The first part of this tutorial provides a comprehensive overview on the design principles of physically unclonable functions and their main evaluation metrics. The second part explains why we need the PUF technology and how to use it to build robust defense mechanisms against emerging security threats facing IoT technologies, in this context, we give specific examples that includes; secure cryptographic keys generation/storage, authentication protocols, and low cost secure sensors. The final part of this tutorial outlines the outstanding security challenges facing PUF technology and their potential countermeasures, including mathematical modelling attacks using machine-learning algorithms, side channel attacks and physical cloning attacks. The tutorial concludes with a summary of learned lessons and directions for the future

Speaker:
Maire O'Neill, Queen's University Belfast, GB

A Physical unclonable function (PUF) is a security primitive which enables the extraction of a digital identifier from electronic devices, based on the inherent silicon variation between devices which occurs during the manufacturing process. Many PUF implementations for ASICs and FPGAs have been proposed to date. However, on FPGA they often offer insufficient uniqueness and reliability, and consume excessive FPGA resources. This talk will focus on how to design efficient, lightweight and scalable PUF identification (ID) generator circuits specifically for FPGAs that offer compact designs, high uniqueness and good reliability. It will also discuss the challenges in designing challenge-response PUF circuits on FPGAs, including their vulnerability to machine-learning attacks. This talk will focus on how to design efficient, lightweight and scalable PUF identification (ID) generator circuits specifically for FPGAs that offer compact designs, high uniqueness and good reliability. It will also discuss the challenges in designing challenge-response PUF circuits on FPGAs, including their vulnerability to machine-learning attacks.