Master Projects for the Academic Year 2007/2008
1. Self-adaptive Security
Abstract: Reconfigurable, self-adaptive systems require a new method for security management. Applications and means of communication might adapt to different environmental conditions. Thus, the security policies should also be adapted to these new conditions. A framework for self-adaptive security has been developed, and adaptation methods and algorithms have been partly defined and analyzed.
2. Side channel attacks on complex processor and low cost side channel attacks, challenges and possibilities
Abstract: Although in theory side channel attacks are very dangerous for all electronic devices, they are nowadays considered a serious problem only in the smart card world. This situation is partly due to the fact that more complex devices usually have additional weaknesses that are easier to exploit: operating systems are one possible example. On the other hand, side channel attacks on platforms more complex than an 8 bit microcontroller are still unexplored or very rarely explored: there are a few works on attacking cryptographic algorithms implemented on FPGA and, more recently, an attack on a palm device, but they are just preliminary works. The purpose of this master thesis is to explore the feasibility of mounting different side channel attacks on a standard 32 bit platform, highlighting what is already possible and what is missing. Additionally, the student is required to explore all the requirements for a successful side channel attack and to try to build an attack workstation while keeping the cost as low as possible, using the cheapest consumer electronics available on the market.
3. Providing Security to Embedded Devices Through Virtualization
Abstract: A useful definition of virtualization is a technique for hiding the physical characteristics of computing resources from the way in which other systems, applications, or end users interact with those resources. This includes making a single physical resource (such as a server, an operating system, an application, or storage device) appear to function as multiple logical resources; or it can include making multiple physical resources (such as storage devices or servers) appear as a single logical resource. Platform virtualization involves the simulation of whole computers. Resource virtualization involves the simulation of combined, fragmented, or simplified resources. Virtualization of the operating system is increasingly used to enhance security in server machines. In fact, security is provided through separation of roles among the virtual machines that are running on the same physical machine. Virtualization is also used to enhance security on clients by providing separated environments for critical (e.g., connections to e-banking websites) and non-critical applications. A further enhancement of client security is obtained by associating a Trusted Platform Module (TPM) with the secure virtual environment. A TPM offers facilities for secure generation of cryptographic keys, the ability to limit the use of keys (to either signing / verification or encryption / decryption), as well as a Hardware Random Number Generator. It also includes capabilities such as remote attestation, binding, and sealed storage. The TPM can be used to “sign” the secure virtual machine and to ensure that no unauthorized application is able to modify it.
4. Possible implementations of security on RFID
Abstract: Radio Frequency Identification (RFID) systems are a common and useful tool in supply-chain management and retail inventory management. Embedded into labels in clothes, spines of library books, and license plates of cars, these tags deter theft; embedded into boxes of retail goods, they expedite warehouse operations. Optical barcodes are similar in that they can identify the product the consumer wishes to buy, but dissimilar in that they cannot be read through materials and do not contain a small memory for a unique identifier (in certain cases). Radio Frequency Identification tags are inexpensive to produce (a few cents) and trivial to manufacture due to the simple design of their logic. They are more difficult to modify than optical barcodes. For these reasons, low-cost RFID tags are foreseen as the most probable substitute for bar codes. Unfortunately, the simple logic design of these tags still renders them vulnerable to a variety of security risks such as cloning, counterfeiting, spoofing, etc.
This thesis presents the state of the art of RFID technology, gives a detailed overview and analysis of security and privacy mechanisms and attacks applicable to the low-cost RFID segment, presents simulated results of existing implementation, discusses open topics and questions of the research area and finally offers several security efficient proposals for resisting different types of security attacks.
The scope of the thesis currently addresses the technology used for RFID tags and readers alone, without addressing the security of the backend software (i.e. middleware, backend database) component of RFID systems.
5. Simulating and Improving Self-adaptive Security
Abstract: Reconfigurable, self-adaptive systems require a new method for security management. Applications and means of communication might adapt to different environmental conditions. Thus, the security policies should also be adapted to these new conditions. To date, a general scheme for self-adaptive security has been developed, and adaptation methods and algorithms have been partly defined and analyzed. In this work a simulation environment for the self-adaptive security framework is being developed. Refinements to the framework, coming both from the simulation results and from new proposals, will also be provided.
6. Metrics to Evaluate Logic Styles Resistance against Side-Channel Attacks: Theoretical Analysis and Practical Implications
Abstract: Nowadays the need for speed in cipher and decipher operations is more important than in the past. This is due to the diffusion of real time applications that rely on cryptography. Mobile phones and pay TV are possible examples of applications where time is one of the most important constraints. On the other hand, so-called Side Channel Attacks represent a big problem for computer science and for embedded systems in particular. Software countermeasures were proposed in the past to address the problem, but although those protections increase the security of the device, they impact performance. This thesis aims to extend the ISA of a 32 bit processor in order to speed up not only cipher and decipher operations, but also the protection phase, where countermeasures like masking and randomization are applied.
HW/SW for Advanced Applications
7. A VHDL Implementation of ONU Auto-discovery Process of the IEEE 802.3ah MPCP Protocol
Abstract: Ethernet Passive Optical Network (EPON) is the concept of a Full-Services Access Network (FSAN) that sends all the services (e.g. internet, Video on Demand (VoD), voice, etc.) to the customer over a single fiber optical access system. There are two main units in the EPON system:
1. The Optical Line Terminal (OLT) is fixed at the Central Office (CO).
2. The Optical Network Unit (ONU) is fixed at the user end.
The Multi-Point Control Protocol (MPCP) has been introduced in the EPON to support timeslot allocation by the OLT. The MPCP has introduced the Auto-discovery mechanism to detect a new (uninitialized) ONU, or to detect ONUs when the system has been powered up.
An ONU Auto-discovery process using VHDL and following the IEEE 802.3ah standard has been implemented. Design improvements have been introduced in order to overcome the synchronization problem between the OLT and ONUs and the fixed discovery window size. The whole system has been simulated, implemented and tested using an FPGA board.
8. Micro-benchmarks for hardware performance counter validation
Abstract: Modern microprocessors provide so-called hardware performance counters, registers that count the number of events happening in the microarchitecture (e.g. cache misses or branch mispredictions). These counters are increasingly used by developers of operating systems, virtual machines, and compilers, to either capture profiling information driving online feedback-directed optimizations, or to measure and evaluate the benefit of their optimizations. Unfortunately the events counted by hardware performance counters are often inaccurately documented. This uncertainty about the meaning of measured event counts casts doubt on any use of that information. In this project you will develop micro-benchmarks (small pieces of code that "tickle" the processor in clearly defined ways) to validate performance counters. For example, the most trivial micro-benchmark, the "null" benchmark, consists of no code at all. Event counts (e.g. number of executed instructions, or cycles, or cache misses) are thus expected to be 0. A more interesting benchmark would consist of a sequence of simple arithmetic instructions, without any memory accesses or branches. Other benchmarks would cause specific memory reference patterns to cause an analytically determined number of L1 cache misses.
9. Implementation of an E-PON network node
Abstract: The entire landscape of current telecommunication networks is changing. Many of the large carriers are spending large amounts of money to restructure their networks and introduce new services. The use of and demand for broadband services for things like video on demand, interactive gaming and video conferencing has led to an increase in internet protocol (IP) data traffic and put pressure on carriers to upgrade their networks. Deployment of fiber optics is extending from the backbone to the wide-area network (WAN) and the metropolitan-area network (MAN) and will soon penetrate into the local loop. This includes advanced technologies such as dense wavelength division multiplexing, optical amplification, optical path routing, wavelength add drop multiplexer, and high speed switching. All these factors seem to point to an eventual widespread adoption of a new optical IP Ethernet architecture which combines the state of the art in fiber optics and Ethernet technologies. This is predicted to serve the needs of the customers for now and for plenty of time to come. PON today is present in commercial deployments with over 3 million lines deployed. Since the IEEE 802.3ah standard was approved, both equipment cost and optics cost have decreased by more than 50%. EPON equipment also has a very broad manufacturing base. The natural target for faster EPON is Asia -- particularly Japan, where EPON has taken hold. Last year Japanese carriers were mulling a switch to GPON and also considering the faster EPON grades coming up. The U.S. started with some E-PON deployments and pilot projects, and some big companies and start-ups are betting strongly on this technology. Europe, by contrast, seems to be waiting for demand for high speed services, delaying investments in cabling and using the existing infrastructure as long as possible. This trend could change only if the cost of fiber optic network infrastructure decreases.
That becomes possible not only by reducing the number of active opto-electronic components in the network (which is the main reason for PONs) but also by improving the network sharing efficiency, guaranteeing pay-as-you-grow upgrades and growing the number of subscribers that share an expensive network node. This is what this project aims to achieve. Goals: - Design of an IEEE802.3ah protocol-based Network processor.
10. Automatic transformation of controller algorithms for fixed-point implementation
Abstract: The digital implementation of controller or signal processing algorithms often occurs in fixed-point representation. Floating-point processing platforms are increasingly available, but fixed-point DSPs still present advantages in terms of speed and cost. Moreover, algorithms implemented in a fixed-point representation are more readily ported to hardware. This project intends to analyse the transformation of a controller algorithm to a fixed-point representation and to automate the transformation based on interactive decisions requested from the user. The aim is to generate from MATLAB/SIMULINK a C-like fixed-point algorithm which can be directly used in a standard DSP.
11. Assisted GNSS receivers
Abstract: The use of GNSS receivers in different application fields has been constantly increasing for several years. The related technologies have seen considerable development, which has brought receiver performance to a high level. However, the determination of the position and navigation characteristics still presents some limits, e.g. in terms of multipath, shadowing and indoor operation. This project aims to study the characteristics of GNSS systems and the issues related to these limits, and to select an efficient solution that allows the improvement of GNSS receivers. The student will have to prepare a careful state of the art, analyzing the most interesting solutions in terms of aiding techniques, circuit complexity and power requirements. Based on the state of the art and on discussions with the project manager, a trade-off analysis shall be performed and different implementation strategies shall be chosen and implemented. The developed solution will be targeted at embedded systems, sharing the workload between the host processor and (if needed) the dedicated baseband processor of the receiver. In addition to the performance analysis, the final report of the project will also consider complexity, power consumption and security characteristics. Goals: - acquire a strong background on GNSS techniques - define an innovative solution and prove its viability
12. EPON Network Scheduler Processor
Abstract: The project concerns a software-hardware implementation for an EPON Network timing scheduling and bandwidth allocation algorithm. The project will be composed of the following working steps: 1) Algorithm definition and feasibility study on hardware; 2) Algorithm VHDL implementation; 3) Algorithm synthesis and tests on suitable FPGA boards. The design criteria will be based on bandwidth allocation efficiency, computational speed and hardware area efficiency.
13. Validation of Response Surface reconstruction techniques based on Neural Networks
Abstract: Application specific embedded systems nowadays are not designed in a monolithic way; instead, many different components and processors are integrated together in a complex System on Chip. The set of all design alternatives is huge, and evaluating a given possible solution normally requires a long simulation. To reduce the computational time needed to estimate the goodness of a point in the design space, the simulation can be replaced by an evaluation phase. In this case the evaluation can be obtained from a response surface approximately reconstructed by a Neural Network trained on other points. In order to adopt this method, it is mandatory to know how much confidence can be placed in the Neural Network, and so to validate the results of the NN, to estimate the resulting error and to understand the level of approximation of the returned surface.
14. Yield Enhancement by Robust Application-Specific Mapping on Networks-on-Chip
Abstract: The scalability and the success of switch-based networks and packet-based communication in parallel computing have inspired researchers to propose the Network-on-Chip (NoC) architecture as a viable solution to complex on-chip communication problems. Customized network-oriented communication architectures have recently become a must to support high bandwidth SoCs. To this end, a corresponding communication design flow is necessary to support the design space exploration of complex SoCs with tight design constraints. Goals: In order to exploit the benefits introduced by the NoC approach for on-chip communications, the goal of the thesis is the definition and implementation of a flow for NoC customization.
15. Development of a Hybrid-Simulation Framework for MPSoC
Abstract: Over the last years the need for high computing power in mobile devices has significantly increased. In order to meet that requirement together with the stringent constraints on power consumption, die size and price, embedded systems have evolved into very complex Systems on Chip (SoC). Unfortunately, the growing complexity has a negative impact on the performance of today’s instruction set simulators (ISSs). Therefore, a new simulation methodology is required to keep the simulation performance at a comfortable level. Hybrid simulations are a possible way to overcome this problem by allowing switching between different levels of precision. Uninteresting code regions are simulated at high speed and low accuracy, while code regions of interest are simulated with high accuracy but low speed. In this thesis the possibilities of hybrid simulations will be analyzed.
16. Multi-objective robust Design Space Exploration for multiprocessors System on Chip
Abstract: Improvements in integration technology lead to growing uncertainty in the implementation process; the probability of implementing faulty components must therefore be taken into account when designing complex systems on chip. Networks on Chip can be designed to be dependable, so that, if some components are faulty, the performance of the system stays acceptable. In this project we address a robust design methodology to deal with this problem.
17. Leakage and Technology Variations
Abstract: The student will investigate the theme of leakage in deep submicron technologies. Such leakage currents are becoming more and more important and must be taken into account in any low power policy. In particular, the problems arising from variations in technology processes, and the impact of such issues on leakage currents, should be analyzed.
18. Power Model of Energy Cost of Wireless Sensor Networks: Transmission and Security
Abstract: In Wireless Sensor Networks power is a scarce resource. We proved how in commercial implementations the power consumed by the microprocessor (especially for processing security) can be more than that consumed for transmitting data. This fact is not yet widely accepted by the scientific community. This work should further prove how the energy cost of microprocessor operations represents a substantial part of the total power. Moreover, comparative characterizations of commercial platforms will be dealt with.
19. Novel Enhanced Sleep Transistor Techniques for reducing Leakage
Abstract: Starting from 0.18 um technologies, static power consumption, due to leaky transistors, is now a non-negligible source of power dissipation even in running mode. Thus, the total power consumption (i.e. dynamic plus static power) has to be optimized instead of reducing only dynamic power, the latter being due to switched capacitance charge/discharge. Current technologies are often available with two or more different transistor types. Each kind of transistor presents a different threshold voltage (Vth), even if all the transistor types share the same CMOS technology. Low Vth transistors are characterized by large driving current (high speed) and large off-current (large static power consumption), while high Vth devices are slower but less leaky. The aim of this project is to study the opportunity of using some novel enhanced design techniques based on sleep transistors that cut off the power supply. This technique has been recognized to be quite effective, reducing subthreshold leakage by factors of about 10 to 20. Generally, a cut off N-ch MOS is used between virtual ground and Vss. Two N-ch and P-ch MOS can also be used.
20. Optimizing WSN Configurations depending on Power Consumption to measure Vineyard Microclimate Conditions
Abstract: The goal of the project is to analyse the specifications of a system, based on a wireless sensor network, able to measure the parameters useful for monitoring the microclimate conditions of a vineyard. In particular the student should propose some indications on how to integrate the needed technology and eventually develop a small demonstrator which consists of a small wireless sensor network and the software that should manage the collected data.
21. Simulation of WSN for the cold chain
Abstract: A complex commercial system for management of the cold chain and logistics should be analyzed and managed. The available tool must initially be tuned to meet all the requirements of the foreseen application. Using this tool, models should be built and tested.
22. Trusting Evaluation of Reconfigurable Self Adaptive Elements in Distributed Computing
Abstract: In recent years embedded systems have seen strong development and diffusion, and the environment in which human life is currently evolving is surrounded by dozens of computational units. Looking forward to the future, it is reasonable to think that the world will become an enormous network of ubiquitous and pervasive elements able to communicate and share information and resources. In this context it is expected that each network element is Self Adaptive (SANE) and that the resource sharing process is protected by trusting and security models. This work presents an evaluation of the current methodologies used for establishing trustworthy communication in modern networks, and the application of the relevant concepts within the context of distributed computing for SANE-made networks. A low resource consuming algorithm, capable of evaluating the statistical reliability of each linked element, is proposed.
23. Craig interpolation
Abstract: The satisfiability problem (SAT) is to decide if a Boolean formula is satisfiable. Though the problem is NP-complete, state-of-the-art SAT solvers can handle formulas with millions of variables. If the formula is not satisfiable, the SAT solver can produce a proof of the inconsistency. If two formulas A and B are inconsistent (their conjunction is unsatisfiable), we can find a third formula A', called an interpolant, such that A' is weaker than A, A' is still inconsistent with B and A' contains only the variables common to A and B. The proof of the inconsistency of A and B can be used to compute the interpolant. In formal verification, the system is often too large to fit into memory. Thus, abstraction techniques are used to reduce the state space. The abstraction is usually an over-approximation and must be iteratively refined. Interpolants can be used as an automatic technique for abstraction refinement. Goals: The goal of the project is to implement an open source interpolator. The tool should take as input two formulas and interface with a state-of-the-art SAT solver (such as MiniSAT) in order to check the satisfiability of their conjunction. If an inconsistency is found, the tool should parse the inconsistency proof and produce an interpolant for the input formulas.