As technological advancements drive the proliferation of IoT devices and embedded systems, ensuring their security has become increasingly critical. Despite their compact size and cost-efficiency, these devices often lack robust security features, making them prime targets for cyber attackers. Addressing these vulnerabilities requires innovative solutions and a deep understanding of system architecture. A leading expert in the field has been instrumental in identifying critical gaps in embedded systems and enhancing product security through advanced architectural features. Their pioneering efforts have significantly improved the resilience of these devices against evolving threats, setting new standards in embedded security.
With the technological advancements in embedded systems and IoT devices, the usage of these compact and cost-effective devices has surged significantly in recent years. These devices are essential for storing, processing, and transferring user data and critical information. However, their small size and limited cost requirements often result in minimal security features, making them attractive targets for attackers. The security and resilience of embedded systems have been the focus of extensive research, with significant contributions made in understanding, analyzing, conceptualizing, and implementing various security solutions for these systems. One leading figure in this domain is Avani Dave, whose work has greatly advanced the field.
Her contributions extend beyond just boot time or certain levels of runtime security by verifying integrity and authenticity using hashing or cryptographic primitives. Traditional techniques, which primarily detect attacks and terminate processes or notify users for further action, fall short in the era of AI and interconnected devices. This traditional approach can create bottlenecks due to delays and a lack of proactive prevention measures.
One notable achievement by her is the development of an end-to-end attestation flow, presented at the Linux Security Summit in 2019 and well-received by the community. Her research papers, such as CARE, SRACARE, FVCARE, RARES, and SEDAT, have introduced various attack resiliency techniques for both boot time and runtime. These contributions highlight the importance of resilient systems design, which includes attack detection, prevention, and recovery.
The recognition of these research works has led Dave to secure a hardware security architect role at a leading semiconductor manufacturer. In this capacity, her focus is on developing system security solutions and features for next-generation graphics security products. This role emphasizes the importance of security in the design and development phases, ensuring that systems are “secure by design.”
Among the significant projects undertaken by Avani, the work on SEDAT has provided proof of concept for reference integrity measurements for Trusted Computing Groups (TCGs) using canonical event logs. SRACARE introduced a secure attestation framework for resource-constrained devices, earning an outstanding research paper award at an IEEE conference. Recent initiatives in automotive security, including AI-based automotive controllers and FPGA-based interconnect security, are gaining industry interest and paving the way for future research.
Significant outcomes from these projects include enhanced security measures for the automotive and IoT industries, which rely heavily on application-specific embedded controllers and devices. Addressing challenges such as area, power, and performance optimization in embedded systems, innovative solutions like Linear Temporal Logic-based control register approaches have been developed. These approaches require minimal hardware and performance overhead while providing significant resilience and self-recovery capabilities.
Furthermore, the use of onboard recovery ROMs with a light hardware footprint increases customer trust and offers resilience against secure boot attacks. Implementing combined hardware and software logic without impacting overall solution delivery has been crucial for timely project completion.
Key publications by her, including SRACARE, CARE, SEDAT, RARES, and FVCARE, are leading the way in embedded security by enabling various attack-resilient system design techniques. FVCARE focuses on identifying the correct set of tools for effective security measures.
As an experienced professional in this field, Dave emphasizes that the architecture of embedded systems must be “secure by design.” This requires extensive security analysis, threat model development, and reviews. Resilient systems should not only detect attacks but also provide mechanisms to prevent detected attacks at runtime and offer recovery solutions when applicable. The introduction of AI further demands early detection of anomalies and enhances future systems design by identifying zero-day attacks and analyzing system behavior proactively.
The future of embedded systems security lies in integrating AI for early detection and response, ensuring that devices remain secure, resilient, and efficient in an increasingly connected world. Avani Dave’s pioneering work and insights continue to shape the landscape of embedded system security, driving innovation and setting new standards in the field.