Secure Critical Systems Laboratory

Supported by DST-FIST 2016

Department of Computer Science and Engineering

Indian Institute of Technology Madras, Chennai 600036, India

Secure Critical Systems Laboratory - An Introduction

The Secure Critical Systems Laboratory (SCSL) is an initiative to set up a laboratory for information security research at IIT Madras. The lab is located in the Department of Computer Science and Engineering and with a funding of INR 2.39 Crores from DST Fund for Improvement of R&D Infrastructure FIST. The grant is for a total of 5 years for purchase of (1) high-end reconfigurable boards (Rs. 1.20 Lakhs), (2) deep-learning platforms (Rs. 85 Lakhs), (3) network testers (Rs. 15 Lakhs) and (4) Maintenance (Rs. 19 Lakhs). The lab will focus on areas related to information security in critical systems, including the following areas: formal methods in security, learning algorithms and security, and design and development of indigenous secure systems, network security protocol design and implementation using programmable data plane devices.

Research Themes

Formal Methods in Security

While the security of crypto-algorithms are mathematically proven, their implementations are not. Adversaries may be able to exploit bugs, errors, and flaws in implementations. Sensitive information may leak through side channels such as the device’s power consumption, electro-magnetic radiation, and execution time. At SCSL, correctness of the implementation is verified by formal verification and the side channel vulnerabilities of implementations would be investigated. The primarily challenge in applying formal verification is that cryptographic programs are computationally intensive and have a huge state space. We apply effective techniques on these programs from the software verification domain to ensure their formal correctness.
Learn More»           

Learning Algorithms and Security

Current design techniques use a find-and-patch methodology, where software patches are applied only after vulnerabilities are detected. Sometimes, systems are deployed for several years before such vulnerabilities our detected. In this track, we plan to use AI/ML to discover vulnerabilities as early as in the design phase itself. The AI/ML agent, would learn system characteristics and automatically discover potential attacks. Another aspect of focus is on the security of ML and AI algorithms. For instance, an attacker can infer the machine learning decision process or even manipulate datasets to tamper with decision process’ to force invalid outputs. In this research, our focus is on detecting security vulnerabilities in these algorithms.
Learn More»           

Indigenous Secure Systems and Tools for Security

Optimizations in system design has always focused on better performance with smaller sizes and lower power consumption. Security has always been a hindsight. This design approach leads to severe security vulnerabilities in all system modules, which becomes very difficult to fix. In this track, we plan to design systems keeping security as a prime design objective in addition to system performance, size, and power. Design choices would be explored keeping in perspective tradeoffs between the traditional parameters along with security. We plan to design and develop security aware microprocessors, operating systems, network routers, low cost tablets. Side-by-side, the lab also builds tools for security evaluation of these devices.

Learn More»           

Academic Programs

The lab offers undergraduate and graduate courses in information security.
Current course offered are :
Network Security (CS6500)
Applied Cryptography (CS6530)
Secure Systems Engineering (CS6570)
Router Architectures and Algorithms (CS6040)

User Oriented Programs offers post-graduate programs with specialization in information security.

Learn More»           

Specific Research Areas

  • 1. Design and development of secure and fault-tolerant microprocessor cores
  • 2. Development of a secure low cost tablet
  • 3. Design and development of a secure router
  • 4. Framework for malware analysis and open IoT
  • 5. Formal methods for security assessment
  • 6. Framework for discovering new attack vectors, detect security breaches, etc.

  • Learn More»           

Project Implementation Group