Industry experts forecast that more than 20 billion wireless devices of all types—from smart TVs, phones and home appliances to health care monitors and manufacturing process controls—will be connected worldwide via the emerging Internet of Things (IoT) by 2020. Malicious cyber activity, which cost the U.S. economy $57 to $109 billion in 2016 alone, is expected to rise by 22 percent each year, disrupting both consumer and business use of these devices and putting the economy at risk.
A team of electrical engineers, led by assistant professor and principal investigator Fatemeh Afghah of Northern Arizona University’s School of Informatics, Computing, and Cyber Systems (SICCS), was recently awarded a $750,000 grant by the National Science Foundation’s Partnerships for Innovation Program to develop and commercialize a next-generation cryptosystem, or security platform, capable of protecting IoT devices from cybersecurity attacks through more advanced authentication procedures.
The NAU team, which includes professor of practice Bertrand Cambou and assistant professor Abolfazl Razi, will collaborate with Michael Kozicki and Hugh Barnaby of Arizona State University to enhance security solutions used in e-commerce, banking, smart cities, supply chains, smart health, machine-to-machine communications and the IoT.
Current methods of protecting devices from cyberattacks often are software-based, which limits the extent to which unique identifying properties can be used for secure authentication. The security platform Afghah and her team are developing is a software-hardware hybrid implementing physically unclonable functions that rely on the unique properties of a device’s memory—variabilities generated through the fabrication process—to provide a technological “fingerprint” unique to each device. The proposed solution uses ultra-low-power memory, such as resistive random access memory, making it more competitive because of its reduced consumption of power. Advanced error correction methods will help ensure authentication.
“One of our main contributions with this project designing new algorithms and mechanisms is to ensure that we can always correctly authenticate a device, no matter what physical environment it’s in,” Afghah said.
This three-year project is part of the NSF’s Partnerships for Innovations Program, which offers researchers from all disciplines of science and engineering “the opportunity to perform translational research and technology development, catalyze partnerships and accelerate the transition of discoveries from the laboratory to the marketplace for societal benefit.”
The team will work with several industry partners, including BRIDG, SecureFoundry and Desert Microtechnology Associates, Inc., who will build these devices, evaluate their performance under a range of environmental conditions and manufacture cost-effective products that will be competitive in the marketplace.
“If we can make this happen, it will be a very competitive solution for the IoT, since, despite the current cryptographic methods where the cryptographic keys are stored in devices’ memories, no security keys will be stored in the proposed security module,” Afghah said. “It could have a huge impact on society and the economy by protecting millions of IoT devices against physical hijacking.”
Afghah, who joined NAU in 2015, is the director of the Wireless Networking and Information Processing Laboratory. Her research focuses on machine learning and signal processing in different areas, including wireless communication systems, unmanned aerial vehicles, security systems and medical applications.