Tiempo Secure, a secure semiconductor design company, has been selected, in a partnership with the CEA, as a winner of the Grand Cybersecurity Challenge (“Grand Défi Cyber”), a project launched by the French government in 2020. The announced objective of the Grand Cybersecurity Challenge is to make our systems sustainably resilient to cyberattacks. Participating in the Challenge brings a valuable support to Tiempo Secure for the development of the iMRC project, which makes IoT connected objects resistant to known and yet unknown attacks.
The iMRC project secures connected objects in a resilient way
The weak security of connected electronic objects has become the Achilles’ heel of networks. In a world where the Internet of Things (IoT) is under constant attacks, the integrated Monitoring & Recovery Component (iMRC) greatly improves the resilience of connected electronic objects. The iMRC project improves the robustness of connected objects not only to known attacks but also to those that are still unknown.
An attack by a virus, ransomware or spyware on a connected object modifies the behavior of this object. Typically, it can lose connection with the remote server or start behaving erratically, with undesired effects. The integrated Monitoring and Recovery Component (iMRC) can detect these behaviors, regain control over the connected object and repair it.
The principle of iMRC (integrated Monitoring & Recovery Component) is as follows:
- iMRC, a new-generation Secure Element (SE), is on board on all connected objects;
- Its role is to regularly monitor the correct execution of the application program of the connected object on the main processor, typically a System-on-Chip (SoC);
- The Secure Element communicates regularly with a secure server in the Cloud, in the form of a Hardware Security Module (HSM), so that the latter always has complete records for each object behavior in the field;
- If the Secure Element detects an abnormal behavior of the application processor, this is a sign of a malware-induced corruption; in this case, the Secure Element takes control of the application processor;
- The Secure Element communicates with the secure server in the Cloud, which, thanks to Artificial Intelligence processes, decides on what to do to settle the malware issue. The server has records including the characteristics and full history of each object, and also a knowledge base of attacks which allows it to define the most suitable response;
- Even if communications are cut, the secure component can still reset the application processor on its own and reinstall a certified image of the application software; this way, the secure component destroys the malware, thus returning the application processor to its initial state.
The iMRC solution ensures that a fleet of malware-infected objects can always be reset/reinstalled remotely, without the need for manual and local intervention on each object, which can be very expensive or even impossible in some operating contexts.
An additional advantage of this approach is that it makes it possible to resist not only the malware programs known as of today, but also future attacks, since their detection is not dependent on the type of attack. The robustness of the solution is due to its architecture including both a Secure Element per object and a secure server accessible in the Cloud, which makes it possible to execute Artificial Intelligence processes and constantly improve the malware knowledge base. Thus, responses are always more adapted to new attacks.
With the Grand Cybersecurity Challenge, innovation on cybersecurity takes a big leap forward
The Grand Cybersecurity Challenge aims at making systems more resilient to cyberattacks in the long term. The iMRC project stands at the very heart of this objective. Tiempo Secure was selected as a winner of the Grand Cybersecurity Challenge in February 2021. This allowed the company to accelerate its developments and always remain at the forefront of semiconductor security for the IoT. In particular, within the framework of the iMRC project, Tiempo Secure collaborates with two CEA laboratories, CEA-Leti and CEA-List, for the best combination of expertise in the areas of secure design of electronic hardware and embedded software, knowledge of cyberattacks/malware as well as the use of Artificial Intelligence.
As part of the Grand Cybersecurity Challenge, Tiempo benefits from a EUR 814,000 grant for the 15 months of the project, which will allow to go from the principle description to a full functional prototype implementing the iMRC functionalities. Thanks to the Grand Cybersecurity Challenge, a high technological content SME like Tiempo Secure has the means to finance extremely innovative developments: the design of integrated circuits and the development of embedded software for iMRC. Concretely, since the start of the iMRC project, three engineers specializing in integrated circuit design and embedded software development have been hired by Tiempo Secure. The second stage of the project will allow to evolve from a functional prototype to an industrialized product that will meet the expectations of developers of connected objects. Commercial operations will take place by stages in the second half of 2022. It will allow large manufacturers who develop components for connected objects to benefit from Tiempo Secure’s technology and integrate it into their own products.
Serge Maginot, CEO and co-founder of Tiempo Secure, declares: “We are extremely happy and proud to have been selected by the French Government in the Grand Cybersecurity Challenge. This way, we can accelerate our development of innovative solutions and strengthen our partnerships with leading industry players. The Grand Cybersecurity Challenge also has another effect: as the selection was very rigorous, the fact we participate in the Challenge is a guarantee of expertise and quality recognized by all our contacts in France and abroad.”