Categories
Bridge project

Verified Voting Protocols and Blockchains

DIREC project

Summary

There is constant interest in internet voting from election commissions around the world. At the same time, there is a need for online voting in blockchain governance. However, building an internet voting system is not easy: the design of new cryptographic protocols is error-prone, and public trust in the elected body is easily threatened.

In collaboration with an industrial partner, this project aims to improve the security and quality of internet voting systems and to influence the regulation of minimum quality requirements for blockchains.

Project period: 2023-2025
Budget: DKK 7.5 million

Our aim is to bring the security proofs about protocols much closer to their implementation.

Here are four considerations that explain the unmet needs of this project.

  1. Voting protocols, both in the form of Blockchain Governance Protocols and Internet Voting Protocols, have become increasingly popular and will be more widely deployed, as a result of an ongoing digitalization effort of democratic processes and also driven by the current pandemic.
  2. Elections are based on trust, which means that election systems ideally should be based on algorithms and data structures that are already trusted. Blockchains provide such a technology. They provide a trusted bulletin board, which can be used as part of voting.
  3. Voting crucially depends on establishing the identity of the voter to avoid fraud and to establish eligibility verifiability.
  4. Any implementation created by a programmer, be it a Blockchain Governance Protocol or an Internet Voting Protocol, can have bugs that quickly erode public confidence.

This project aims to shed more light on the overall research question: how to design high assurance blockchain governance software, and whether such protocols can scale to Internet Voting Protocols.

(RO) To advance the state of the art of high assurance cryptographic software, especially for blockchain governance protocols and voting protocols.

(WP1) To achieve (RO), we start by working towards a high assurance implementation of a blockchain governance protocol (e.g. the one used by Concordium) and an existing blockchain voting protocol, such as the Open Vote Network, or Election Guard. If there is sufficient progress in the design of a software-independent protocol we will retarget our research to such a protocol. This will use existing software projects developed at AU: SSProve, ConCert and various libraries for high assurance cryptographic primitives. AU will take the lead for this WP.

(WP2) The Concordium blockchain provides a secure and private way to put credentials, such as passport information, on the internet. In this project we aim to integrate this with legacy ID infrastructure, such as MitID. We will investigate how to reuse such blockchain based identities for internet voting. We aim to address (4) above in this way. Concordium will take the lead for this WP.

(WP3) Implementation of the cryptographic protocol. Based on the results from (WP1), we propose to develop an open-source library that makes our high assurance blockchain voting technology available for use in third-party products. We envision releasing a prototype similar to Election Guard (which is provided by Microsoft), but with a blockchain providing the ID infrastructure as well as functioning as a public bulletin board. ALX will take the lead for this WP.

Scientific value
Internet voting provides a unique collection of challenges, such as, for example, vote privacy, software quality, receipt freeness, coercion resistance, and dispute resolution. Subsets of them can be solved separately; here we aim to guarantee vote privacy and software quality by means of a privacy-preserving and accountable blockchain, and to formally verify substantial parts of the resulting voting protocol.

Capacity building
The proposed project pursues capacity building by training a PhD student. The Alexandra Institute will build capacity in Rust, smart contracts and high assurance cryptographic software.

Business value
The project is highly interesting to and relevant for the industry. There are two reasons why it is interesting for Concordium. On the one hand, voting is an excellent application demonstrating the vision of the blockchain and, on the other hand, Concordium will as part of the project implement a voting scheme to be used for decentralized governance of the blockchain. More precisely, the Concordium blockchain is designed to support applications where users can act privately while maintaining accountability and meeting regulatory requirements.

Furthermore, it is an explicit goal of Concordium to support formally verified smart contracts. Obviously, all these goals fit nicely with the proposed project, and it will be important for Concordium to demonstrate that the blockchain actually supports the secure voting schemes developed in the project. With respect to governance, Concordium has a need to develop a strong voting scheme allowing members of our community to vote on proposed features and to elect members of the Governance Committee. The project is of great interest to the Alexandra Institute to apply and improve in-house capacity for implementing cryptographic algorithms. The involvement of Alexandra will guarantee that the theoretical findings of the proposed project will be translated into usable real-world products.

Societal value
Internet voting was stalled for three years in Switzerland due to insecure protocols and implementations. We aim to develop technology to improve the security (audits) of such protocols and implementations. Around 5 billion dollars have been lost since 2018 due to insecure blockchain implementations, often affecting retail investors. Our project aims to improve the state of the art of cryptographic software, and thus influence regulation on minimal quality requirements for blockchains, similar to existing Swiss regulation for e-voting.

Value

The project seeks to implement secure blockchain-based voting schemes that support decentralised governance and regulatory compliance, while advancing cryptographic software to improve security measures and influence regulatory standards, thereby reducing risks and improving society's trust in digital voting and blockchain implementations.

Participants

Project Manager

Bas Spitters

Associate Professor

Aarhus University
Department of Computer Science

E: spitters@cs.au.dk

Gert Læssøe Mikkelsen

Head of Security Lab

The Alexandra Institute

Nibras Stiebar-Bang

Chief Technology Officer

Concordium ApS

Bernardo David

Associate Professor

IT University of Copenhagen

Diego Aranha

Associate Professor

Aarhus University
Department of Computer Science

Lasse Letager Hansen

PhD Student

Aarhus University
Department of Computer Science

Eske Hoy Nielsen

PhD Student

Aarhus University
Department of Computer Science

Categories
Bridge project

Secure Internet of Things – Risk Analysis in Design and Operation (SIoT)

DIREC project

Summary

The need for security in IoT systems is enormous, but it is hard to achieve because of the characteristics of these systems.

Together with a number of companies, this project aims to identify safety and security requirements for IoT systems and to develop algorithms for quantitative risk assessment and decision-making, as well as to create tools for designing and certifying IoT security training programmes. This will enable Danish companies to obtain security certification of their IoT devices, which can give them a head start in a market that is likely to require such certification in the near future.

Project period: 2022-2025
Budget: DKK 25.10 million

When developing novel IoT services or products today, it is essential to consider the potential security implications of the system and to take those into account before deployment. Due to the criticality and widespread deployment of many IoT systems, the need for security in these systems has even been recognised at the government and legislative level, e.g., in the US and the UK, resulting in proposed legislation to enforce at least a minimum of security consideration in deployed IoT products.

However, developing secure IoT systems is notoriously difficult, not least due to the characteristics of many such systems: they often operate in unknown and frequently in privacy‐sensitive environments, engage in communication using a wide variety of protocols and technologies, and must perform essential tasks such as monitoring and controlling (physical) entities. In addition, IoT systems must often perform within real‐time bounds on limited computing platforms and at times even with a limited energy budget. Moreover, with the increasing number of safety‐critical IoT devices (such as medical devices and industrial IoT devices), IoT security has become a public safety issue. To develop a secure IoT system, one should take into account all of the factors and characteristics mentioned above, and balance them against functionality and performance requirements. Such a risk analysis must be performed not only at the design stage, but also throughout the lifetime of the product. Besides technical aspects, the analysis should also take into account the human and organizational aspects. This type of analysis will form an essential activity for standardization and certification purposes.

In this project, we will develop a modelling formalism with automated tool support for performing such risk assessments and allowing for extensive “what‐if” scenario analysis. The starting point will be the well‐known and widely used formalism of attack‐defense trees, extended to include various quantities, e.g., cost or energy consumption, as well as game features for modelling collaboration and competition between systems and between a system and its environment.

In summary, the project will deliver:

  • a modeling method for a systematic description of the relevant IoT system/service aspects
  • a special focus on their security, interaction, performance, and cost aspects
  • a systematic approach, through a new concept of attack‐defense‐games
  • algorithms to compute optimal strategies and trade‐offs between performance, cost and security
  • a tool to carry out quantitative risk assessment of secure IoT systems
  • a tool to carry out “what‐if” scenario analysis, to harden a secure IoT system’s design and/or operation
  • usability studies and design for usability of the tools within organizations around IoT services
  • design of training material to enforce security policies for employees within these organizations.

The main research problems are:

  1. To identify safety and security requirements (including threats, attacker models and counter measures) for IoT systems, as well as the inherent design limitations in the IoT problem domain (e.g., limited computing resources and a limited energy budget).
  2. To organize the knowledge in a comprehensive model. We propose to extend attack‐defense trees with strategic game features and quantitative aspects (time, cost, energy, probability).
  3. To transform this new model into existing “computer models” (automata and games) that are amenable to automatic analysis algorithms. We consider stochastic priced timed games as an underlying framework for such models due to their generality and existing tool support.
  4. To develop/extend the algorithms needed to perform analysis and synthesis of optimal response strategies, which form the basis of quantitative risk assessment and decision‐making.
  5. To translate the findings into instruments and recommendations for the partner companies, addressing both technical and organizational needs.
  6. To design, evaluate, and assess the user interface of the IoT security tools, which serve as important backbones supporting the design and certification of IoT security training programs for stakeholder organizations.

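To make the quantitative attack-defense tree idea from the plan above concrete (the formalism named in the project description and in research problems 2 and 4), here is an added example written for this page; it is not the project's own tool, and the node types, the two metrics (attacker cost and success probability), the exhaustive defender search and the thermostat model are constructed simplifications. In particular it does not model the stochastic priced timed games the project proposes; it only shows the basic evaluation that such tooling builds on: the attacker's cheapest successful path through the tree, and the defender's best choice of countermeasures under a budget, which is exactly the “what-if” question (“if we deploy these defenses, what does the attacker's cheapest path become?”).

```python
import math
from dataclasses import dataclass
from itertools import combinations
from typing import FrozenSet, List, Optional, Tuple, Union


@dataclass(frozen=True)
class Defense:
    """A countermeasure the defender may deploy, at a deployment cost."""
    name: str
    cost: float


@dataclass(frozen=True)
class Attack:
    """Basic attack step: attacker's cost and probability the step succeeds.
    If countered_by is deployed, the step becomes infeasible."""
    name: str
    cost: float
    p_success: float
    countered_by: Optional[Defense] = None


@dataclass(frozen=True)
class Gate:
    """AND: every child must succeed (costs add, probabilities multiply).
    OR: the attacker picks the cheapest feasible child."""
    kind: str
    children: Tuple["Node", ...]
    countered_by: Optional[Defense] = None


Node = Union[Attack, Gate]

# (attacker cost, success probability) of a path that no longer exists
INFEASIBLE = (math.inf, 0.0)


def evaluate(node: Node, deployed: FrozenSet[Defense]) -> Tuple[float, float]:
    """Cheapest attacker cost and its success probability, given the deployed defenses."""
    if node.countered_by is not None and node.countered_by in deployed:
        return INFEASIBLE
    if isinstance(node, Attack):
        return (node.cost, node.p_success)
    results = [evaluate(child, deployed) for child in node.children]
    if node.kind == "AND":
        cost = sum(r[0] for r in results)          # inf if any child is infeasible
        prob = math.prod(r[1] for r in results)    # 0.0 if any child is infeasible
        return (cost, prob) if cost < math.inf else INFEASIBLE
    if node.kind == "OR":
        return min(results, key=lambda r: r[0])    # attacker takes the cheapest branch
    raise ValueError(f"unknown gate kind {node.kind!r}")


def best_defense(root: Node, defenses: List[Defense], budget: float):
    """Exhaustive what-if search: the defense set within budget that maximises the
    attacker's cheapest cost; ties broken by lower success probability, then by
    cheaper deployment. Returns (chosen defenses, (attacker cost, probability))."""
    def rank(chosen, result):
        spent = sum(d.cost for d in chosen)
        return (result[0], -result[1], -spent)

    best = (frozenset(), evaluate(root, frozenset()))
    for k in range(1, len(defenses) + 1):
        for combo in combinations(defenses, k):
            if sum(d.cost for d in combo) > budget:
                continue
            chosen = frozenset(combo)
            result = evaluate(root, chosen)
            if rank(chosen, result) > rank(*best):
                best = (chosen, result)
    return best


def build_model():
    """Constructed sample model (hypothetical network-connected thermostat, not a real product)."""
    unique_creds = Defense("unique per-device credentials", 3.0)
    signed_fw = Defense("signed firmware updates", 4.0)
    debug_seal = Defense("disabled debug port", 2.0)
    root = Gate("OR", (
        Gate("AND", (
            Attack("find exposed management interface", 1.0, 0.9),
            Attack("guess factory-default password", 2.0, 0.6, countered_by=unique_creds),
        )),
        Attack("tamper with unauthenticated firmware update", 5.0, 0.5, countered_by=signed_fw),
        Attack("obtain physical access to debug port", 20.0, 0.8, countered_by=debug_seal),
    ))
    return root, [unique_creds, signed_fw, debug_seal]


if __name__ == "__main__":
    root, defenses = build_model()
    print("no defenses:", evaluate(root, frozenset()))
    for budget in (6.0, 7.0, 9.0):
        chosen, (cost, prob) = best_defense(root, defenses, budget)
        names = sorted(d.name for d in chosen)
        print(f"budget {budget}: deploy {names} -> attacker cost {cost}, p={prob}")
```

With no defenses the cheapest path is the default-password branch (cost 3). A budget of 6 buys unique credentials, pushing the attacker to the firmware branch (cost 5); a budget of 7 also buys signed firmware, leaving only the physical branch (cost 20); a budget of 9 closes every branch. A real tool would replace the exhaustive subset search with the strategy-synthesis algorithms research problem 4 refers to, but the scoring is the same.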
Throughout the project, we focus on the challenges and needs of the partner companies. The concrete results and outcomes of the project will also be evaluated in the contexts of these companies. The project will combine the expertise of five partners of DIREC (AAU, AU, Alexandra, CBS and DTU) and four Work Streams from DIREC (WS7: Verification, WS6: CPS and IoT systems, WS8: Cybersecurity and WS5: HCI, CSCW and InfoVis) in a synergistic and collaborative way.

Business value
While it is difficult to make a precise estimate of the number of IoT devices, most estimates are in the range 7‐15 billion connected devices and expected to increase dramatically over the next 5‐10 years. The impact of a successful attack on IoT systems can range from nuisance, e.g., when baby monitors or thermostats are hacked, over potentially expensive DDoS attacks, e.g., when the Mirai malware turned many IoT devices into a DDoS botnet, to life‐threatening, e.g., when pacemakers are not secure. Gartner predicted that the worldwide spending on IoT security will increase from roughly USD 900M to USD 3.1B in 2021 out of a total IoT market up to USD 745B.

The SIOT project will concretely contribute to the agility of the Danish IoT industry. By applying the risk analysis and secure design technologies developed in the project, these companies get a fast path to certification of secure IoT devices. Hence, this project will give Danish companies a head‐start for the near future where the US and UK markets will demand security certification for IoT devices. Also, the EU is already working on security regulation for IoT devices. Furthermore, it is well known that the earlier in the development process a security vulnerability or programming error is found, the cheaper it is to fix it. This is even more important for IoT products that may not be updatable “over‐the‐air” and thus require a product recall or physical update process. The methods and technologies developed in this project will help companies find and fix security vulnerabilities already from the design and exploration phases, thus reducing the long‐term cost of maintenance.

Societal value
It is an academic duty to contribute to safer and more secure IoT systems, since they are permeating society. Security issues quickly become safety incidents, for instance since IoT systems are monitoring against dangerous physical conditions. In addition, compromised IoT devices can be detrimental to our privacy, since they are measuring all aspects of human life. DTU and the Alexandra Institute will disseminate the knowledge and expertise through the network built in the joint CIDI project (Cybersecure IoT in Danish Industry, ending in 2021), in particular a network of Danish IoT companies interested in security, with a clear understanding of companies’ needs for security concerns.

We will strengthen the cybersecurity level of Danish companies in relation to Industry 4.0 and Internet of Things (IoT) security, which are key technological pillars of digital transformation. We will do this by means of research and lectures on several aspects of IoT security, with emphasis on security‐by‐design, risk analysis, and remote attestation techniques as a counter measure.

Capacity building
The education of PhD students itself already contributes to “capacity building”. We will organize a PhD Summer school towards the end of the project, to disseminate the results, across the PhD students from DIREC and students abroad.

We will also prepare learning materials to be integrated in existing course offerings (e.g., existing university courses, and the PhD and Master training networks of DIREC) to ensure that the findings of the project are injected into the current capacity building processes.

Through this education, we will also attract more students for the Danish labor market. The lack of skilled people is even larger in the security area than in other parts of computer science and engineering.

Value

The project will give Danish companies a head start in the near future, when the EU, US and UK markets will require security certification of IoT devices.

By applying the risk analysis and secure design technologies developed in the project, Danish companies get a fast path to certification of secure IoT devices.

Participants

Project Manager

Jaco van de Pol

Professor

Aarhus University
Department of Computer Science

E: jaco@cs.au.dk

Torkil Clemmensen

Professor

Copenhagen Business School
Department of Digitalization

Qiqi Jiang

Associate Professor

Copenhagen Business School
Department of Digitalization

Kim Guldstrand Larsen

Professor

Aalborg University
Department of Computer Science

René Rydhof Hansen

Associate Professor

Aalborg University
Department of Computer Science

Flemming Nielson

Professor

Technical University of Denmark
DTU Compute

Alberto Lluch Lafuente

Associate Professor

Technical University of Denmark
DTU Compute

Nicola Dragoni

Professor

Technical University of Denmark
DTU Compute

Sean Kauffman

Assistant Professor (Tenure Track)

Aalborg University

Mikael Bisgaard Dahlsen-Jensen

PhD Student

Aarhus University
Department of Computer Science

Alyzia-Maria Konsta

PhD Student

Technical University of Denmark
DTU Compute

Gert Læssøe Mikkelsen

Head of Security Lab

The Alexandra Institute

Laura Lynggaard Nielsen

Senior Anthropologist

The Alexandra Institute

Zaruhi Aslanyan

Security Architect

The Alexandra Institute

Marcia ShiTing Wang

PhD Student

Copenhagen Business School
Department of Digitalization

Anders Qvistgaard Sørensen

R&D Manager

Micro Technic

Jørgen Hartig

CEO & Strategic Advisor

SecuriOT

Claus Riber

Senior Manager
Software Cybersecurity

Beumer Group

Morten Granum

Software Director

Beumer Group

Kristian Baasch Thomsen

Lead Digital Compliance Specialist

Grundfos

Karsten Ries

CEO

Develco Products

Daniel Lux

Chief Technology Officer

Seluxit

Samant Khajuria

Chief Specialist Cybersecurity

Terma

Tobias Worm Bøgedal

PhD student

Aalborg University

Categories
Bridge project

Verifiable and Safe AI for Autonomous Systems

DIREC project

Summary

The rapidly growing use of machine learning techniques in cyber-physical systems leads to better solutions and products in terms of adaptability, performance, efficiency, functionality and usability.
However, cyber-physical systems are often safety-critical, e.g. self-driving cars or medical devices, and the need for verification against potentially fatal accidents is of crucial importance.

Together with the company participants, this project aims to develop methods and tools that will enable industry to automatically synthesise correct-by-construction and near-optimal controllers for safety-critical systems within a variety of domains.

AI technologies may present new safety risks for users when they are embedded in products and services. For example, as a result of a flaw in the object recognition technology, an autonomous car can wrongly identify an object on the road and cause an accident involving injuries and material damage. This in turn makes it difficult to place liability in case of malfunctioning:
Under the Product Liability Directive, a manufacturer is liable for damage caused by a defective product. However, in the case of an AI based system such as autonomous cars, it may be difficult to prove that there is a defect in the product, the damage that has occurred and the causal link between the two.

What is needed are new methods, where machine learning is integrated with model-based techniques such that machine-learned solutions, typically optimising expected performance, are ensured to not violate crucial safety constraints, and can be certified not to do so. Relevant domains include all types of autonomous systems, where machine learning is applied to control safety critical systems.

The research aim of the project is to develop methods and tools that will enable industry to automatically synthesise correct-by-construction and near-optimal controllers for safety critical systems within a variety of domains. The project will involve a number of scientific challenges, including the representation of strategies: neural networks (for compactness) and decision trees (for explainability). Also, the development of strategy learning methods with statistical guarantees is crucial.

A key challenge is understanding and specifying what safety and risk means for model-free controllers based on neural networks. Once formal specifications are created, we aim at combining the existing knowledge about property-based testing, Bayesian probabilistic programming, and model checking.

Value creation
The scientific value of the project is new fundamental theories, algorithmic methods and tools, together with evaluation of their performance and adequacy in industrial settings. These are important contributions bridging between the core research themes on AI and Verification in DIREC.

For capacity building, the value of the project is to educate PhD students and Post Docs in close collaboration with industry. The profile of these PhD students will meet a demand in the companies for staff with competences in machine learning, data science and traditional software engineering. In addition, the project will offer a number of affiliated student projects at master's level.

For the growing number of companies relying on using AI in their products, the ability to produce safety certification using approved processes and tools will be vital in order to bring safety critical applications to the market. At the societal level, trustworthiness of AI-based systems is of prime concern within the EU. Here methods and tools for providing safety guarantees can play a crucial role.

Value

For the growing number of companies that rely on using AI in their products, the ability to produce safety certification using approved processes and tools will be vital for bringing safety-critical applications to market.

At the societal level, the trustworthiness of AI-based systems is of prime concern within the EU. Here, methods and tools for providing safety guarantees can play a crucial role.

Participants

Project Manager

Kim Guldstrand Larsen

Professor

Aalborg University
Department of Computer Science

E: kgl@cs.aau.dk

Thomas Dyhre Nielsen

Professor

Aalborg University
Department of Computer Science

Andrzej Wasowski

Professor

IT University of Copenhagen
Department of Computer Science

Martijn Goorden

PostDoc

Aalborg University
Department of Computer Science

Esther Hahyeon Kim

PhD Student

Aalborg University
Department of Computer Science

Mohsen Ghaffari

PhD Student

IT University of Copenhagen
Department of Computer Science

Martin Zimmermann

Associate Professor

Aalborg University
Department of Computer Science

Christian Schilling

Assistant Professor

Aalborg University
Department of Computer Science

Thomas Asger Hansen

Head of Analytics and AI

Grundfos

Daniel Lux

CEO

Seluxit

Karsten Lumbye

Chief Innovation Officer

Aarhus Vand

Kristoffer Tønder Nielsen

Project Manager

Aarhus Vand

Malte Skovby Ahm

Research and business lead

Aarhus Vand

Mathias Schandorff Arberg

Engineer

Aarhus Vand

Gitte Rosenkranz

Project Manager

HOFOR

Susanne Skov-Mikkelsen

Chief Consultant

HOFOR

Lone Bo Jørgensen

Senior Specialist

HOFOR
