HASPOC

HASPOC project description

The following paragraphs introduce the project in a nutshell:

Motivation

A Societal Challenge

In the modern information society, digital infrastructures provide and control close to all important services and production systems in society. At the same time, end-users, industry, and society in general face a rapidly increasing cyber threat situation. In order to guarantee reliable and available services withstanding those threats, security solutions for critical digital services and infrastructures are needed. The Digital Agenda for Sweden (PDF) points out some challenges: Control systems for vital services must be secure, networks must handle communications securely and there is a need for use of encryption to provide communications privacy and integrity. One of the key challenges is to establish a high degree of platform security.

Embedded Systems

Recently, warnings were raised with regard to the security of the embedded systems which we currently use for communication purposes, like routers and modems, or as controlling units. It was pointed out that a large share of them lack software quality and maintainability, opening them up to attacks.

Verification and Certification

Governments, big organizations and authorities are increasingly starting to require an independent verification (certification) of claimed security properties of deployed products and systems. For IT solutions, a well-established method is to use the Common Criteria (CC) (ISO 15408) framework and certify products according to defined and internationally recognized security requirements and assurance levels. The CC addresses protection of assets from unauthorized disclosure, modification, or loss of use. Requirements for high assurance level CC certification of security products come from Swedish authorities and other customers. In the project reference group we have representatives of Swedish authorities (MSB, PTS and MUST) that develop product requirements as well as regulate the use of certified products.


Objectives

The Idea

A secure and trusted virtualized COTS platform for use in e.g. crypto equipment, secure mobile phones, firewalls and data diodes. Featuring:
  1. execution on ARM (one of the most widespread commodity platform architectures in embedded systems),
  2. virtualization in order to achieve secure isolation of critical processes,
  3. the ability to run unmodified guests,
  4. resource and cost efficiency,
  5. multicore support,
  6. a secure boot process,
  7. formal verification,
  8. Common Criteria certified security properties with high assurance level,
  9. European origin (with development and security evaluation performed in Sweden),
  10. open source.

Some Thoughts

The ultimate project target is to provide security for critical digital services and infrastructures by development of a trusted, cost and resource efficient virtualized COTS (ARM) platform with proven and Common Criteria certified security properties.
Customer requirements and market competition require that future security products deliver stronger and verified protection, can be developed faster, use fewer resources (hardware, energy), and become physically smaller. To this end, virtualization is a powerful tool both for efficiency and for protection, as virtualization can be a security mechanism in itself, offering isolation of the different services running on a computing platform. However, for customers to place trust in a product such as a hypervisor, in particular if it is new to the marketplace, the claimed security properties must be backed up by evidence, and the best evidence available is a formal and machine-checkable proof. The platform will cover trust anchoring, the boot system, hypervisor functionality, and the required security-related life-cycle management features.
A key activity will be to integrate the formal verification currently under way with the CC evaluation process, both in terms of understanding and in the use and development of supporting tools.


Use

Application Cases

The developed technology will, in addition to specific security products like crypto equipment, secure mobile phones, and firewalls, be applicable in a wide range of areas like SCADA systems, mobile communication networks, vehicular, avionics, and medical systems, cloud application platforms, and also for devices in the Internet of Things (IoT).

Examples

  1. Cryptographic equipment with red/black separation implemented by logical means rather than physical HW separation.
  2. Communication infrastructure nodes where critical communication services have fault isolation and data separation against non-critical user services and applications.
  3. Electronic Control Units in process automation systems.

Market Aspects

To gain market success and contribute to business growth, it is necessary to have highly secure and competitive products. Products need to be resource efficient with respect to cost of production, time for development, physical size and power consumption while maintaining strong security assurances. A virtualized solution influences all these factors positively and will markedly increase the competitiveness of a product on the international market.

Open Source

The platform will be open source, making it possible to independently evaluate the solution and increase trust.


Further Reading

More details on the project can be found in:


Funding

HASPOC is a project in Vinnova's Challenge Driven Innovation program. It is co-funded by SSF.