Control flow verification and integrity of executed instructions for the protection of run-time data in Tokens, Internet-of-Things, Mobile Devices and Cyber Physical Systems

Smart cards, tokens, mobile devices, embedded and cyber physical systems have penetrated various aspects of our everyday life. Although each individual device may have been around for a number of years, their widespread use in a number of operational and challenging environments along with the increased interconnectivity requirements (Internet-of-Things), have created an ever increasing demand for extensive security functionality, interoperability and robustness, both in terms of hardware and software.

The research team led by Professor Konstantinos Markantonakis (http://km.isg.rhul.ac.uk/) currently consists of 1 postdoc and 7 PhD students, all of whom are working on the interplay between theory and practice in the above research areas.

Current areas of research examine how the above devices are utilised in a number of application scenarios, for example in payment systems and protocols (EMV, tokenisation, NFC and blockchain technologies), in an attempt to derive innovative and robust secure channel/authentication/authorisation and fair exchange protocols. The team is also addressing issues on how Trusted Execution Environments (TEE), Secure Elements (SEs) and their underlying software platforms can be potentially enhanced with micro kernel, attestation mechanisms and software countermeasures that will safeguard secure application life cycle management (e.g. installation, execution, decommission). We are particularly interested in the interplay between hardware and software based secure application execution mechanisms, hardware and software binding for avionics, automotive environments and Internet of Things (IoTs).

More specifically this project aims to examine control flow verification and integrity of executed instructions for the protection of run-time data in microprocessors. The precise project will be decided upon in consultation with the supervisor.

We are now looking for highly talented candidates, which already have or be expecting to obtain a first class honours degree or a Master’s degree in Information Security, Computer Science, or electronic/computer engineering to join Prof Markantonakis’ team of PhD students. The successful candidate will ideally have good practical skills (such as experience in software development, appreciation of the underlying hardware characteristics of execution environments, FPGA programming is desirable, but not essential), communication and team working skills. A strong interest in information security problems that aim to bridge theory and practice in embedded systems, IoTs, mobile devices, smart cards is essential.

The Information Security Group (ISG) at Royal Holloway, University of London is one of the largest academic security research groups in the world. In 2002, we established the ISG Smart card Centre (SCC, see www.scc.rhul.ac.uk for further details) as a centre of excellence in the field of smart cards, tokens, security and applications. As a result, the student will benefit from a thriving and dynamic research environment, and may collaborate with PhD students and researchers with an interest in the field.