Customizing Security for Diverse IoT Endpoints

Endpoints in the Internet of Things (IoT) vary considerably in their hardware-software architecture and their functional capability. The IoT marketplace is unlikely to converge on a single or a few dominant endpoint platforms in the near term and potentially even long term future.This creates a major problem and an opportunity for securing IoT endpoints that are being increasingly integrated in critical infrastructures and tactical cyber physical systems.Our effort explores flexible customization of security using Field Programmable Gate Arrays (FPGAs) which have emerged in diverse SoCs targeting IoT endpoints.Specifically, we will realize FPGA customization in three core forms: (1) Incorporating a subset of standard TPM functions that grows as the FPGA grows and is increasingly leveraged by standard, open-source cryptographic frameworks running on the SoC CPUs.(2) Incorporating the chain of trust support needed for realizing a secure world on CPU architectures whose protection mechanisms allow doing so.(3)Leveraging FPGA protection mechanisms to customize secure support for specific OS mechanisms, if not functions, especially when they are lacking in the other processors.We will provide reference designs for representative SoCs and demonstrate a prototype of a mote scale IoT endpoint.