Secure and Confident: Development of Freely Available Tools for Verification of Open Source Processor Designs

CASA scientists are conducting research in a project consortium.

Security chips are essential to many suppliers of electronic devices, ranging from the smallest personal devices to automobiles. They perform cryptographic operations and are designed to prevent tampering, malfunctions and accidents. These chips should be open, flexibly adaptable and, as far as possible, mathematically proven to be secure. Given global value chains with numerous players, the supply of such cost-effective components is a significant challenge. Open source processors offer a versatile alternative here, as long as their security can be guaranteed using EDA tools for circuit design.

Trustworthiness and security play an important role in electronics and become even more significant as more areas of everyday life are influenced by digitalization and automation - be it driving a car or working in a smart home office. But how can these aspects be brought into focus when the individual components come from a wide variety of manufacturers along a global value chain?

To find answers to this question, the German Federal Ministry of Education and Research (BMBF) has launched the "Trustworthy Electronics (ZEUS)" funding initiative. The research, development and application of trustworthy electronics are intended to contribute to technical sovereignty in Germany and Europe. To support this endeavor, a project consortium led by the Leibniz Institute for Innovative Microelectronics (IHP) is looking at open-source approaches to computer chip design: The HEP project (HEP - Hardening the Value Chain through Open Source, Trusted EDA Tools and Processors), officially launched on March 1, 2021, aims to realize essential parts of the value chain of security-relevant chips through open source technologies.

The next hardware generation
At the heart of the HEP project are RISC-V processors. RISC-V is a new, open and free instruction set architecture that describes how the processor can be used. RISC-V is considered a promising open-source standard for many application areas. The project's goal is to develop a hardened, formally verified RISC-V processor that can accelerate cryptographic operations with special hardware structures.
The hardening of the chip aims to expose as few vulnerabilities as possible to physical attacks on the system. The modifiability of a verified RISC-V processor offers the potential to enable secure applications for the Internet of Things and to establish a new standard in the automotive industry. Therefore, the project will also develop and implement extensions for open-source circuit design tools - so-called EDA (Electronic Design Automation) tools - that integrate hardening measures into the circuits in an automated way. The project will also investigate how hardware Trojans can be inserted from design to manufacturing and what protective measures are possible against such attacks.

In the project, the Leibniz Institute for Innovative Microelectronics (IHP) focuses on the physical design of RISC-V processors. The goal of the cross-departmental research activities is to expediently combine design verification and selective hardening of the system in order to take "a major step toward design automation of highly critical systems in industrial environments," as Dr.-Ing. Markus Ulbricht, head of the IHP's Fault Tolerant Computing Group, explains.

Industrial Liaison Group pursues further development - also in small and medium-sized enterprises
The demonstrator on which the project consortium is working will subsequently be used in industrial practice. To this end, an Industrial Liaison Group is being set up in which the project partners will pursue the further development of the results close to the industry. In addition to expanding expertise in IT hardware for the automotive industry and the Internet of Things, the HEP project also aims to support small and medium-sized enterprises: Open source processors not only make it easier to enter the market but also ensure diversified value and supply chains, reducing dependencies and strengthening competitiveness.

The HEP project is led by the Leibniz Institute for Innovative Microelectronics (IHP). Partners also include:
- IAV GmbH Ingenieursgesellschaft Auto und Verkehr
- Elektrobit Automotive GmbH
- German Research Center for Artificial Intelligence GmbH (DFKI)
- Fraunhofer Institute for Secure Information Technology (SIT)
- RhineMain University of Applied Sciences, research focus "Smart Systems for People and Technology" (SSMT)
- Ruhr University Bochum, Chair of Security Engineering (Cluster of Excellence CASA)
- Technical University of Berlin, Department Security in Telecommunications

CARIAD SE (A Volkswagen Group Company), HENSOLDT Cyber GmbH, Hyperstone GmbH, Robert Bosch GmbH and Swissbit Germany AG are associated partners. The German Federal Ministry of Education and Research (BMBF) is funding the HEP project with approximately 3.64 million euros over a period of three years.

Funding code: ME1ZEUS012

Scientific contact:

Dr Norbert Herfurth
