Hardware Security Board

The Hardware Security Board is a physical hardware device that provides the link between sensors (data generators) and the COSMOS environment/platform. It can either be attached to a single sensor or act as a hub for an entire collection of sensors (e.g. temperature, pressure, humidity, surveillance cameras).

To provide high trustworthiness, hardware-coded security forms the foundation of the H/W Security Board. This layer provides basic security primitives that software drivers and applications use as the so-called “root of trust”.
The Hardware Security Board is therefore built on an FPGA platform device, which provides the necessary means for developing the hardware-coded security components while making use of standard, state-of-the-art computing processors. The operating system of choice is Linux, which not only provides the necessary platform for developing the high-level software applications but also enables the use of the security hardware modules.

The hardware components within the Hardware Security Board provide:

• Secure Boot: uses encrypted flash memories and device-unique keys so that only trusted software applications can be executed;
• Secure Storage: allows for on-chip key storage while protecting against common security attacks that target key recovery;
• Secure Execution: uses hardware partitioning schemes to sandbox insecure software applications, protecting the rest of the computing platform from malicious software or malware;
• Cryptographic hardware accelerators: allow fast, on-the-fly encryption and decryption to be performed without performance loss.

More information can be found in Deliverable D3.1.2:
http://iot-cosmos.eu/content/d312-end-end-security-and-privacy-design-an...