RISE
AI assistant serves as first point of contact for legal questions
Start: 02/2023
End: 01/2026
With increasing digitalization, more and more embedded systems are becoming part of the Internet of Things. This comprehensive network provides significant economic benefits. In many cases, however, security gaps still threaten broad integration. Side-channel attacks, especially timing attacks, are an essential category here.
FreeSBee explores a tool-based methodology for (partially) automated detection and elimination of security vulnerabilities based on timing attacks. Timing attacks make it possible to infer confidential information, such as secret keys, by observing variations in software runtime.
Based on the Astrée and CompCert tools, the FZI develops an approach that uses annotations of confidential information in source code to automatically detect all dependent potential code sections that could cause control-flow-based runtime variations.
The subsequent compilation process has been extended to eliminate these potential control-flow-based runtime variations through code transformations automatically. This allows the user to protect software against control-flow-based timing attacks with just a few annotations.
Approaches to eliminate microarchitecture-related runtime variations are also being investigated. The focus is on hardware architectures for the RISC-V instruction set.
In this research focus, the FZI investigates and conveys innovative concepts, methods for protecting IT systems, and legal framework conditions to enable secure digitalization.
Funding notice:
The joint project FreeSBee is funded by the Federal Ministry of Research, Technology and Space.
Project partner:
AI assistant serves as first point of contact for legal questions
AI engineering empowering security reasoning throughout the entire lifecycle of an AI function
Secure and self-determined digital identities in e-commerce
Co-design for application-specific microelectronics with innovative chiplets in Baden-Württemberg
Jointly moving people and goods
Stopping pathogen transmission in hospitals quickly, reliably, and comprehensively using AI.
Generating resilient system-on-a-chip architectures for RISC-V
Body-worn sensors and wearables for recording vital data and identifying health-related issues in mental and psychosomatic disorders
Efficient and highly accurate data generation for AI applications in autonomous driving
Generative AI in Software Development with a focus on smart home applications.