Cyber Physical Security Research Center
AIST

Research Teams

Security Assurance Scheme Research Team

Today, the supply chain of devices and systems spans a variety of businesses and many phases, and is globalized. Meanwhile, with the rapid spread of IoT, which is expected to provide new services, tampering with products themselves by inserting malicious logic into ICs used in IoT devices has become a threat, causing malicious behavior such as information leakage and denial of service. The Security Assurance Scheme Research Team aims to quickly and reliably install new security technology in products and systems by improving the technical foundation of security assurance, leading to evaluation, certification and international standardization, in cooperation with relevant organizations. Specifically, we aggregate attack types by comprehensively analyzing and evaluating vulnerabilities from the viewpoint of an attacker who exploits a variety of logical/physical interfaces of software/hardware in an advanced manner. In addition, we will consider technical and procedural issues concerning methods of deriving the security requirements that the manufacturer should satisfy and the vulnerability assessment methods to be carried out by the evaluation agency. Through these approaches, we are working on research and development of security assurance schemes suitable for various IoT fields involving multiple layers, from chip vendors to application suppliers.

Software Analytics Research Team

We are studying software technologies for future IoT environments where billions of devices are connected and controlled for mega-scale optimization. We have specific interests in how we test IoT systems that work both in the cyber world and in the real world, and how we fix their defects as soon as they are discovered. It is predicted that in 2030 there will be a trillion IoT devices running in the world. As it is impossible for humans to maintain systems of such magnitude, we have to automate a large part of the tasks of fault localization, debugging, synthesis and update of programs, possibly through the cloud. In this regard, we are engaged in basic research for automated programming. Since many infrastructures are going to depend on IoT in the future, its security becomes extremely important. We are working on methods for improving the reliability of large and complex distributed systems and for detecting and fixing vulnerabilities in these systems.

Advanced Cryptography Research Team

With the advance of complex information systems, such as large-scale clouds, protecting security and privacy using existing cryptographic techniques becomes increasingly difficult. To address this, we are developing new efficient cryptographic schemes with advanced functionalities, including functional encryption, fully homomorphic encryption, zero-knowledge proofs, and secure computation. These schemes enable fine-grained access control and computation over encrypted data. Furthermore, cryptographic systems deployed in practice require a high level of security to ensure that they cannot be broken via powerful distributed attacks or immediate advances in cryptanalytic techniques. We are working on the security evaluation of several deployed and widely used cryptographic systems, with the aim of either providing mathematical proofs of the security of these, or identifying potential weaknesses which might lead to attacks.

Hardware Security Research Team

Our team conducts hardware security research that contributes to enhancing security and its evaluation from the viewpoints of hardware and physical properties. Our research activities extend to reflecting the research results in security guidelines and standards as well as security evaluation and certification schemes.

Cryptography Platform Research Team

Our team aims to conduct novel cryptographic research and apply our results to various platforms and systems for protecting privacy and security. Our research interests span diverse areas of cryptography and information security such as attribute-based and functional encryption, secure multi-party computation, security analyses of lattice-based cryptosystems, differential privacy, trusted computing, and many more. Based on these tools, we focus on practical applications including access control, privacy-preserving data analyses, and applied security in trusted execution environments, together with efficient implementations thereof. Our main vision is to bridge the gap between theoretical research in cryptography and practical security in real-world platforms.

Infrastructure Protection Security Research Team

The Internet of Things (IoT) attempts to connect the physical objects all around users, which will enhance users' convenience and improve the quality of society. Along with this transformation of our societies, safety and security threats to users and their surroundings have arisen in many places. To realize a secure society as the IoT society arrives, a comprehensive rather than ad hoc commitment to security measures, starting from the entry stage of manufacturing (security by design; SBD), is required. For example, to design the required security and safety functions while maintaining the integrity of the entire system and reducing the labor of manual analysis, the IPS (Infrastructure Protection Security) Research Team is developing software tools to continually update the system requirements. It is said that the number of physical devices in our surroundings will reach a few hundred billion within five to ten years; these devices must avoid malfunction or loss of functionality due to natural or man-made electromagnetic noise. In the IPS team, we are also developing technologies to support the normal operation of microcomputers and software.

Software Quality Assurance Research Team

Software will be a key component for various safety-related decisions in cyber-physical systems. At the same time, however, low-quality software may cause critical failures of the whole system, resulting in physical safety/security incidents.
Quality management of software in cyber-physical systems faces two major challenges: the complexity of the surrounding environment and the diversity of the software-development technologies used. Cyber-physical system software will typically be used in an open environment where advance analysis of all the risks in real use cases is quite difficult. Recent software development technologies, especially AI-based machine-learned recognition and decisions, will make structural testing of software quite unreliable. Neither of these fits well with the traditional structure of software quality management, which is based on comprehensive risk analysis and item-wise realization of countermeasures to the risks.
Our research team aims to solve these problems by conducting research on the following topics.

1. Quality assurance processes and techniques for contemporary software development:

We will develop a quality assurance process and related software engineering technologies (testing, analysis, verification, etc.) for contemporary software technologies, especially those using data-driven automatic code generation (i.e. machine learning / artificial intelligence) or probabilistic (randomized, non-deterministic) execution. We will find out how a high level of reliability can be ensured for these kinds of software and how they can be fitted into the existing requirements and processes for software security and safety management.

2. Logical formalization and verification of real world safety properties and requirements:

We will develop technologies that help in understanding the safety-related properties of the highly diverse real world. These range from practical procedural methods for risk analysis in the open world to completely logical formalizations of real-world geometry and mechanical physics. Our goal is to fill in the gap between intrinsic human understanding of security/safety risks and the risks as modelled and realized in computer software and its development processes, a gap that is a major cause of unexpected malfunctions of cyber-physical system software.