ESPRESSO

Smart Sensors

Measure and process data in critical infrastructures

Industrial Applications

Require authenticity, integrity, and confidentiality of data

Internet of Things

Devising Smart Functionalities

Project Goal

Smart sensors, which besides measuring sensor data also process the measured information, are already used in various application scenarios, e.g., in industrial production processes, in smart-home systems, and also in critical infrastructures. Both, industrial applications as well as private applications require that processed data and control signals are protected against unauthorized access and manipulation. It is important to protect the authenticity, integrity, and confidentiality of the measured sensor data as well as the data used to control actuators by means of cryptographic mechanisms, in order to protect sensitive personal information, to protect intellectual property such as configuration parameters, and to prevent damage and harm due to unauthorized manipulations and configurations. The objective of ESPRESSO is to research security technologies for an integration of smart sensors into the Internet of Things (IoT). Thereby the focus is on three core areas of research:

The first area of research are technologies for securely storing and managing key material. In this context, we use novel approaches with respect to existing hardware security modules in order to address the need of IoT applications for high scalability with respect to backend-systems. The novel approaches are going to be implemented and evaluated based on a prototype using smartcard technology.

Smart sensors have a long duration of life and work in non-secured environments, which allow conducting side-channel attacks such as power analysis and fault attacks. In order to achieve security in such settings, we are researching efficient implementations of post-quantum cryptography for IoT applications including side- channel resistance. These technologies are going to be implemented as prototypes in hardware and software in order to analyze in particular the side-channel resistance.

In the context of the research on platform security, we analyze the security of IoT systems across bounds of devices. Thereby, we in particular also consider software side-channel attacks that are highly relevant for control devices, like smart phones. The goal is to create awareness about the attacks and to research corresponding countermeasures.

Project Goal

This project is enabled by: