The Secure Systems Research Center (SSRC) has partnered with the University of New South Wales (UNSW Sydney) to research enhancements and scaling of the seL4 microkernel on edge devices. The collaboration aims to extend the seL4 microkernel to support dynamic virtualization, combining minimal trusted computing base with strong isolation. This will address challenges related to heterogeneous hardware, software, and environmental factors in edge computing. Why it matters: This partnership aims to improve the security of edge devices in critical sectors, addressing vulnerabilities in cyber-physical and autonomous systems.
Researchers from KAUST, University of St. Andrews, and the Center for Unconventional Processes of Sciences have developed an uncrackable security system using optical chips. The system uses silicon chips with complex structures that are irreversibly changed to send information, achieving "perfect secrecy" through a one-time key. This method leverages classical physics and the second law of thermodynamics to ensure that keys are never stored, communicated, or recreated, making interception impossible. Why it matters: This breakthrough has the potential to revolutionize communications privacy globally, offering an unbreakable method for securing confidential data on public channels.
Researchers at ETH Zurich have formalized models of the EMV payment protocol using the Tamarin model checker. They discovered flaws allowing attackers to bypass PIN requirements for high-value purchases on EMV cards like Mastercard and Visa. The team also collaborated with an EMV consortium member to verify the improved EMV Kernel C-8 protocol. Why it matters: This research highlights the importance of formal methods in identifying critical vulnerabilities in widely used payment systems, potentially impacting financial security for consumers in the GCC region and worldwide.
The Secure Systems Research Center (SSRC) has obtained membership in the seL4 Foundation. This membership allows SSRC to participate in and contribute to the open-source development of seL4, a formally verified microkernel OS. SSRC aims to research, contribute to, and advance next-generation high-end edge device environments using seL4's capabilities. Why it matters: This move enhances the UAE's capabilities in developing secure and resilient edge computing solutions, fostering innovation in critical sectors like secure communications and drone technology.
TII's Secure Systems Research Center in Abu Dhabi has integrated a secure PX4 stack into a RISC-V based drone, marking a milestone in making RISC-V UAV systems a reality. The center ported DroneCode's PX4 open source software to RISC-V using a commercially available RISC-V development platform. SSRC aims to improve the security and resilience of the PX4 flight control software and NuttX real-time OS, contributing modifications back to the open-source community. Why it matters: This achievement enhances TII's position in drone and autonomous systems research, contributing to safer and more efficient smart city applications in the region.
A PhD candidate from the University of Waterloo presented on threats from large machine learning systems at MBZUAI. The talk covered data privacy during inference and the misuse of ML systems to generate deepfakes. The speaker also analyzed differential privacy and watermarking as potential solutions. Why it matters: Understanding and mitigating the risks of large ML systems is crucial for responsible AI development and deployment in the region.
TII's Secure Systems Research Center (SSRC) has partnered with Purdue University on a three-year cybersecurity project focused on ensuring the safe and efficient use of Unmanned Aerial Vehicles (UAVs) in urban environments. The collaboration will study security and resilience in cyber-physical and autonomous systems, addressing vulnerabilities in communication, navigation, and command and control. The project includes four phases: modeling and analysis of UAS security, developing algorithms for high-assurance autonomy, constructing an experimental environment, and testing mitigation strategies. Why it matters: The partnership enhances the UAE's capabilities in securing critical digital systems and fosters the growth of commercial autonomous drones and robots, opening new opportunities for enterprises.