Secure and sovereign: Open-source processor designs boosted by new HEP project delivering free verification tools
Security chips are essential for many providers of electronic devices, from small personal devices to automobiles. They perform cryptographic operations and are intended to prevent manipulations, malfunctions or accidents. These chips should be open, flexibly adaptable and, as far as possible, mathematically proven to be secure. For global value chains with numerous actors, the supply of such cost-efficient components represents a great challenge. Open source processors offer a versatile alternative, as long as their security can be guaranteed via circuit design tools.
Trustworthiness and security are important in electronics. Their importance increases the more areas of everyday life are influenced by digitization and automation - such as driving a car or working in the smart home office. But how can these requirements be fulfilled when the individual components come from different manufacturers along a global value chain?
In order to find answers to this, the German Federal Ministry of Education and Research (BMBF) launched the “Trustworthy Electronics (ZEUS)” funding initiative. By researching, developing and using trustworthy electronics, a contribution is made to technical sovereignty in Germany and Europe. To support this endeavor, a project consortium led by the Leibniz Institute for Innovative Microelectronics (IHP) is working on open source approaches for the design of computer chips: The HEP project (HEP- Hardening the value chain through open source, trustworthy EDA tools and processors) , which was officially launched on March 1, 2021, aims to implement essential parts of the value chain of security-relevant chips through open source technologies.
The next generation of hardware
The focus of the HEP project is on RISC-V processors. RISC-V is a new, open and free instruction set architecture, describing how the processor can be used. RISC-V is considered as a promising open source standard for many areas of application. The aim of the project is to develop a hardened, formally verified RISC-V processor that can accelerate cryptographic operations with special hardware structures.
The hardening of the chip aims to reduce the potential for physical attacks on the system as much as possible. The modifiability of a verified RISC-V processor will enable secure applications for the Internet of Things and, for example, to establish a new standard in the automotive industry. Therefore, the project will also develop and implement extensions for open-source circuit design tools - so-called EDA (Electronic Design Automation) tools - that integrate hardening measures into the circuits in an automated way. In addition, the project investigates how hardware Trojans can be added during design or production and which protective measures are possible against such attacks.
In the project, the Leibniz Institute for High Performance Microelectronics (IHP) focuses on the physical design of RISC-V processors. The aim of the cross-departmental research activities is the appropriate combination of design verification and selective hardening of the system in order to take "a big step towards the design automation of highly critical systems in the industrial environment", as Dr.-Ing. Markus Ulbricht, leader of the Fault Tolerant Computing group at IHP, explains.
Industrial Liaison Group pursues further development - also in small and medium-sized companies
The demonstrator that the project consortium is working on will subsequently be used in industrial practice. For this purpose, an industrial liaison group will be established, in which the project partners will pursue the industry-oriented further development of the results. In addition to expanding expertise in IT hardware for the automotive industry and in the Internet of Things, the HEP project also aims to support small and medium-sized enterprises: Open-source processors will not only make it easier to enter the market, but will also ensure diversified value creation and supply chains, to reduce dependencies and strengthen competitiveness.
The HEP project is led by the Leibniz Institute for High Performance Microelectronics (IHP). The project partners are:
• IAV GmbH Ingenieursgesellschaft Auto und Verkehr
• Elektrobit Automotive GmbH
• German Research Center for Artificial Intelligence GmbH (DFKI)
• Fraunhofer Institute for Secure Information Technology (SIT)
• RheinMain University of Applied Sciences, Research Area "Smart Systems for People and Technology" (SSMT)
• Ruhr University Bochum, Chair for Security Engineering
• Technical University of Berlin, Department Security in Telecommunications
Associated partners are CARIAD SE (A Volkswagen Group Company), HENSOLDT Cyber GmbH, Hyperstone GmbH, Robert Bosch GmbH and Swissbit Germany AG. The Federal Ministry of Education and Research (BMBF) is funding the HEP project with around 3.64 million euros over a period of three years.
Funding code: ME1ZEUS012
Wissenschaftlicher Ansprechpartner:
Dr. Norbert Herfurth