IoT gateway protection against software and communication threats – TrustGW
In the age of the Internet of Things, embedded communicating systems are being deployed on a massive scale in critical infrastructures. They contribute to better control and optimization of these infrastructures, improving their efficiency, cost and use, and they help to meet societal challenges. Unfortunately, they also enlarge the global attack surface of information systems, which represents an unprecedented threat.
The TrustGW project aims to develop a dynamically reconfigurable and trusted heterogeneous software-hardware gateway architecture.
In the TrustGW project, only software attacks and attacks arriving over the communication links are taken into account. Since the gateway architecture includes processors and hardware accelerators to increase the performance of the services running in the various execution domains, the hypervisor must be able to share these software and hardware resources and to manage partial dynamic reconfiguration securely (in the context of the project, the bitstreams are assumed to be already present within the gateway and stored securely). It must also guarantee the partitioning of the virtual machines whatever resources they use. This partitioning must cover both software and hardware resources in order to define a continuous, trusted execution space.

The execution of applications must also be secure. The gateway can be compromised through an attack on its applications that targets the wider information system (e.g., extraction or corruption of information, privilege escalation, malicious action against an execution domain). Attacks can also arrive over the radio link, aiming to jam communications (denial of service), to modify packets in order to cause a denial of service, or otherwise to compromise the communication infrastructure.

Physical attacks and attacks on the microarchitecture of the processors are not considered, nor are attacks on the architecture of the reconfigurable components (e.g., information leakage via adjacent routing lines within an FPGA). These attacks are not the focus of the TrustGW project and are therefore outside its threat model. However, some of the contributions developed will provide building blocks for countermeasures against these attacks (e.g., through the implementation of exclusive enclaves).

To address this threat model, three main scientific challenges are at the heart of the TrustGW project:
- C1: Design a trusted, dynamically reconfigurable software-hardware heterogeneous gateway architecture;
- C2: Propose a trusted hypervisor that allows virtual machines to be deployed on a heterogeneous software-hardware architecture with resource virtualization;
- C3: Guarantee the security of applications within virtual machines.
In the TrustGW project, we consider a generic architecture composed of two processors (baseband and application) and an FPGA component. Hypervisors virtualize these resources and allocate them to the different virtual machines. The application processor runs Linux-like systems and applications that process data locally from the IoT nodes. These applications are typically developed in a high-level language such as C/C++. However, in order to accelerate some processing (typically machine learning algorithms or the processing of video streams), part of the computation can be offloaded to the FPGA. Different approaches can be adopted for developing these accelerators, but the trend is toward High-Level Synthesis (HLS), in which the application is written in a high-level language (e.g., C) and the tool automatically generates, from that source code, a hardware circuit implementing all or part of the algorithm.
Challenge C1 consists in proposing a trusted gateway architecture. To this end, extensions of the RISC-V instruction set are targeted in order to adapt the processor architecture to the application needs and to the threats considered. Within challenge C1, the focus is mainly on securing the baseband processor, in order to propose countermeasures against attacks on communications.
Challenge C2 falls within network function virtualization (NFV) and/or edge computing, with the particularity of deploying partitioned and secured virtual machines on a heterogeneous, dynamically reconfigurable architecture. In this context, certain resources, reconfigurable or not, must be shared between the virtual machines in a secure manner. The Ker-ONE hypervisor, which manages reconfigurable software and hardware resources, is proposed to provide flexible and secure mechanisms that protect the execution domains and make them trustworthy. This approach relies on an open-source solution, which allows it to be audited.
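The C2 requirement to share reconfigurable resources securely between partitioned virtual machines can be made concrete with a small reference-monitor model. The Python below is an added illustration written for this page; it is not Ker-ONE or TrustGW code, and the VM names, region names, accelerator names and bitstream bytes are constructed. It shows the three decisions a hypervisor must take before it loads one of the pre-provisioned partial bitstreams: that the requesting VM owns the target reconfigurable region, that the bitstream is one of the trusted ones for that specific region (so a trusted bitstream built for another region, or a tampered copy, is refused), and that an accelerator reserved for one execution domain cannot be instantiated by another.

```python
"""Toy reference monitor for partial-reconfiguration requests on a shared FPGA.

Illustrative model only (not Ker-ONE or TrustGW code). All names and bytes are
constructed for the example.
"""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Bitstream:
    """A pre-provisioned partial bitstream: the region it was built for, the
    accelerator it implements, and its (constructed) bytes."""
    name: str
    region: str
    accelerator: str
    data: bytes


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


class ReconfigMonitor:
    """Decides whether VM `vm` may load `data` into reconfigurable region `region`.

    Policy inputs (hypothetical, fixed by the hypervisor at boot):
      region_owner: region -> VM that exclusively owns that region
      exclusive:    accelerator -> VM with exclusive use (absent = shareable)
      trusted:      pre-provisioned bitstreams, indexed by (region, sha256)
    """

    def __init__(self, region_owner, exclusive, trusted):
        self.region_owner = dict(region_owner)
        self.exclusive = dict(exclusive)
        self.trusted = {(b.region, sha256_hex(b.data)): b for b in trusted}
        self.loaded = {}   # region -> accelerator currently configured
        self.audit = []    # (vm, region, decision) for the hypervisor log

    def request(self, vm, region, data):
        decision = self._decide(vm, region, data)
        self.audit.append((vm, region, decision))
        return decision

    def _decide(self, vm, region, data):
        # 1. Spatial partitioning: a VM may only reconfigure regions it owns.
        if self.region_owner.get(region) != vm:
            return "denied: region not owned by requester"
        # 2. Bitstream identity is bound to the region, not merely "known":
        #    bytes that are trusted for another region are rejected here,
        #    as is any bitstream whose digest matches nothing provisioned.
        bs = self.trusted.get((region, sha256_hex(data)))
        if bs is None:
            return "denied: bitstream not provisioned for this region"
        # 3. Exclusive accelerators belong to a single execution domain.
        owner = self.exclusive.get(bs.accelerator)
        if owner is not None and owner != vm:
            return f"denied: accelerator {bs.accelerator} exclusive to {owner}"
        self.loaded[region] = bs.accelerator
        return f"loaded: {bs.name}"


# Constructed sample bitstreams standing in for the securely stored ones.
AES_R0 = Bitstream("aes_r0", "region0", "aes", b"\x00" * 8 + b"aes-for-region0")
CNN_R0 = Bitstream("cnn_r0", "region0", "cnn", b"\x00" * 8 + b"cnn-for-region0")
CNN_R1 = Bitstream("cnn_r1", "region1", "cnn", b"\x00" * 8 + b"cnn-for-region1")
FFT_R1 = Bitstream("fft_r1", "region1", "fft", b"\x00" * 8 + b"fft-for-region1")


def run_scenarios():
    """Exercise the monitor with two VMs sharing one FPGA; returns the decisions."""
    mon = ReconfigMonitor(
        region_owner={"region0": "vm_a", "region1": "vm_b"},
        exclusive={"cnn": "vm_a"},          # the CNN accelerator is vm_a's alone
        trusted=[AES_R0, CNN_R0, CNN_R1, FFT_R1],
    )
    tampered = bytearray(AES_R0.data)
    tampered[-1] ^= 0x01                    # a single flipped bit
    return {
        "own_region_trusted": mon.request("vm_a", "region0", AES_R0.data),
        "foreign_region": mon.request("vm_b", "region0", AES_R0.data),
        "wrong_region_for_bitstream": mon.request("vm_a", "region0", CNN_R1.data),
        "tampered_bitstream": mon.request("vm_a", "region0", bytes(tampered)),
        "exclusive_accelerator": mon.request("vm_b", "region1", CNN_R1.data),
        "shareable_in_own_region": mon.request("vm_b", "region1", FFT_R1.data),
    }


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(f"{name:28s} {outcome}")
```

The detail worth keeping from this model is that the allowlist is keyed by (region, digest) rather than by digest alone: a bitstream that is legitimate for one region was placed and routed for that region's physical resources, so accepting it anywhere else would let one execution domain drive logic into another's partition even though every byte of it is "trusted".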
Challenge C3 concerns the security of applications running on the application processor. The aim is to protect against attacks that exploit vulnerabilities present in these applications, by guaranteeing confidentiality and integrity properties so as to offer a trusted environment to the various execution domains. A large number of software attacks exist, and the available countermeasures remain insufficient for heterogeneous software-hardware architectures. It is therefore essential to offer high-performance hardware protection solutions that cover a wide range of software threats.
The TrustGW project addresses a growing challenge in the field of IoT infrastructures by proposing a heterogeneous, generic and secure gateway architecture that can host several isolated execution domains accessing shared resources. The proposed approach aims at establishing a chain of trust from the protection of the communication link to the protection of applications. The developments will be released as open source so that they can be audited and transferred more easily to private actors.
Because such systems handle sensitive or secret data, and because their connectivity exposes them to numerous software and hardware threats, it is essential to guarantee them the best level of protection. In the context of the TrustGW project, the system under consideration is composed of connected objects attached to a gateway, which in turn is connected to one or more computing servers. According to an ENISA report, 43% of IoT-related processing will be carried out at the gateway level by 2021. The connected objects (IoT nodes) transmit data to and receive data from the gateway. Each node potentially communicates with a different waveform (e.g., LoRaWAN or Bluetooth); the proliferation of waveforms rules out standardizing on a single one for all communications within this type of infrastructure. The gateway must therefore be able to support different waveforms dynamically.
The gateway architecture, which is at the heart of the project, is heterogeneous (software-hardware): it is composed of a baseband processor (BBP), an application processor (GPP) and hardware accelerators implemented on an FPGA. The accelerators are deployed dynamically according to the acceleration needs of the applications at a given time; dynamic reconfiguration thus specializes the gateway at run time. The FPGA resources are virtualized so that applications have a uniform view of them. This type of architecture makes it possible to reach the required performance levels while respecting the power constraints of the targeted domain. The gateway hosts several virtual machines so that the services of its different execution domains can be deployed in a partitioned manner. These virtual machines share certain computing resources (processor and FPGA) and memory resources for reasons of infrastructure cost, maintenance and standardization of the architectures; nevertheless, some resources must remain exclusive, depending on the services present within an execution domain. Hypervisors are used to deploy the virtual machines and ensure their isolation.
The TrustGW project therefore aims to develop a trusted, dynamically reconfigurable, heterogeneous software-hardware gateway architecture. Implementing such an architecture while guaranteeing confidentiality, integrity, availability and authentication properties is original. Within the TrustGW project, three main scientific challenges are addressed:
- To design a heterogeneous software-hardware gateway architecture that is trusted and dynamically reconfigurable;
- To propose a trusted hypervisor that allows the deployment of virtual machines on a heterogeneous software-hardware architecture with resource virtualization;
- To guarantee the security of applications within virtual machines.
Project coordination
Guy GOGNIAT (Laboratoire des Sciences et Techniques de l'Information, de la Communication et de la Connaissance)
The author of this summary is the project coordinator, who is responsible for the content of this summary. The ANR declines any responsibility as for its contents.
Partner
Lab-STICC Laboratoire des Sciences et Techniques de l'Information, de la Communication et de la Connaissance
IRISA Institut de Recherche en Informatique et Systèmes Aléatoires
IETR Institut d'Electronique et des Technologies du numéRique
ANR funding: 465,752 euros
Beginning and duration of the scientific project:
- 42 Months