Infineon, Bosch, and more on quest for "Trustworthy Electronics"

Twelve partners from the research and academic sectors as well as from electronics and end user industries are working together to develop a holistic security concept for the Internet of Things. The VE-VIDES goal is to already systematically identify potential security gaps in the design phase and to use automatically generated, trustworthy mechanisms to protect electronic systems against attack. The German Federal Ministry of Education and Research is supporting the project as part of its funding measure "Trustworthy Electronics (ZEUS)". "We rely on electronic systems in almost every aspect of our lives and our work. These systems make our lives easier, safer and greener. We need trustworthy electronics if we want to really be able to rely on them," says Infineon's Djones Lettnin, head of the alliance project. "In VE-VIDES our focus is on securing the trustworthiness of system hardware while taking the direct interfaces to trustworthy firmware and software components into account." It is already necessary to plan for and secure the trustworthiness of a system and for all subcomponents during design at the architecture level. VE-VIDES is therefore researching trustworthy development and verification processes which give electronic systems verifiable and, whenever possible, quantifiable protection against attacks. The design methods, tool chains and test suites emerging from this alliance project will give a solid foundation to future development tools for trustworthy electronics and will thus contribute to the technical and technological sovereignty of Germany and Europe. The essential attack scenarios for electronic systems are:

• Attacks via the internet (hacking) in which intentionally integrated backdoors and trojans or accidentally overlooked vulnerabilities are exploited in order to change the target system's functionality or steal data stored within the system
• Electronic, optical or physical attacks on integrated circuits in order to steal intellectual property or illegally read out or modify data

The leading institution for cataloging cyber-security vulnerabilities, CVE-MITRE, expects a potential 43 percent reduction in overall system vulnerability when vulnerabilities in trustworthiness are already eliminated at the hardware level. System-level approaches, including access restrictions and redundancy, currently help protect against attacks and reduce security risks. VE-VIDES applies a holistic security concept here to improve the development processes for trustworthy electronics systems and their integration along global value chains. The concept employs an innovative IP design and verification flow to ensure the trustworthiness of security-critical electronics systems in particular. VE-VIDES follows an application-oriented approach, bringing together companies from important industry sectors such as Automotive and Industry 4.0 with supplier, development and research partners. Project internet page: www.edacentrum.de/ve-vides Participating Partners:

• CARIAD SE, https://cariad.technology/de/en.html
• Fraunhofer Institute for Integrated Circuits IIS, Division Engineering of Adaptive Systems EAS, https://www.eas.iis.fraunhofer.de
• Infineon Technologies AG, https://www.infineon.com
• IMMS Institut für Mikroelektronik- und Mechatronik-Systeme gemeinnützige GmbH (IMMS GmbH), https://www.imms.de
• OFFIS e.V. - Institute for Information Technology, https://www.offis.de
• OneSpin, a Siemens company, https://www.onespin.com
• Robert Bosch GmbH, https://www.bosch.com
• Siemens AG, http://www.siemens.com/eda
• Synopsys GmbH, https://www.synopsys.com
• Chemnitz University of Technology, https://www.tu-chemnitz.de/etit/sse/
• Ulm University, https://www.uni-ulm.de/in/mikro/
• X-FAB Global Services GmbH, http://www.xfab.com
• Project Management: edacentrum GmbH, edacentrum.de