Trusted Apps for Open Cyber-Physical Systems

Dates: 1/01/2015 – 31/12/2017
Funding scheme: RIA – Research and Innovation action

Τhe project will develop a parallel, real-time Trusted Execution Environment (TEE) for highly-trusted CPS Apps. The TEE is located separately from existing the execution environment inside the System Control Units and exploits functionalities provided by the novel hardware-, processor- and network-centric security mechanisms as well as a hypervisor for virtualization.

Furthermore, TAPPS will provide and validate an end-to-end solution for development and deployment of trusted apps, including an App Store and a model-based tool chain for trusted application development including verification tools. This multi-level trusted Apps platform and tool chain are matured and validated in health and automotive application domains using industrial, realistic use cases paving the way for future exploitation in further demanding application domains.

Links: http://www.tapps.eservices4life.org/

Publications

This material is presented to ensure timely dissemination of scholarly and technical work.
Copyright and all rights therein are retained by authors or by other copyright holders.
All persons copying this information are expected to adhere to the terms and constraints
invoked by each author’s copyright. In most cases, these works may not be reposted without
the explicit permission of the copyright holder.

C. Prehofer , G. Kornaros and M. Paolino, “TAPPS – Trusted Apps for open Cyber-Physical Systems“, 6th International Conference on e-Democracy, pp 213-216, 2015 [preprint]
C. Prehofer, O. Horst, R. Dodi, A. Geven, G. Kornaros, E. Montanari, M. Paolino, “Towards Trusted Apps platforms for open CPS”, 3rd International Workshop on Emerging Ideas and Trends in Engineering of Cyber-Physical Systems (EITEC), 2016
G. Kornaros, E. Wozniak, O. Horst, N. Koch, C. Prehofer, A. Rigo, M. Coppola, “Secure and Trusted Open CPS Platforms“, in book “Handbook of Research on Solutions for Cyber-Physical Systems Ubiquity”, Editors: Norbert Druml, Andreas Genser, Armin Krieg, Manuel Menghin and Andrea Hoeller, IGI Global book series Advances in Systems Analysis, Software Engineering, and High Performance [Download]
George Kornaros and Svoronos Leivadaros, “Securing Dynamic Firmware Updates of Mixed-Critical Applications“, 3rd IEEE International Conference on Cybernetics (CYBCONF), 2017, DOI:10.1109/CYBConf.2017.7985807 [preprint]

Talks

G. Kornaros, “Using a Secure IoT Platform based on STM32 MCUs“, In Design, Automation and Test in Europe (DATE’17) Conference, “The Internet of INSECURE Things” Tutorial, organized by M.Copolla, Mar. 2017 [presentationDATE2017]

Demos

Secure CAN (sCAN) communication in action
Firmware Over-the-Air Updating: STM32F779 using ESP8266 downloads the firmware that later (after blue led turns off) transmits to an STM32F769i over secure CAN-bus
Hardware extensions for the open access HUB: WORM, Firewall
Unauthorized Login for Automotive Networks over Secure HUB: Use Case, Demonstration
Authorized Login for Automotive Networks over Secure HUB: Use Case, Demonstration
Hardware extensions for the open access HUB & Un/Authorized login (all in one)
Authorized Secure Firmware Over-the-Air Updating for Automotive ECUs: Ιllustration, Use Case, Demonstration, All In One