The Secure Critical Systems Laboratory (SCSL) is an initiative to set up a laboratory for information security research at IIT Madras. The lab is located in the Department of Computer Science and Engineering and with a funding of INR 2.39 Crores from DST Fund for Improvement of R&D Infrastructure FIST.
The grant is for a total of 5 years for purchase of (1) high-end reconfigurable boards (Rs. 1.20 Lakhs), (2) deep-learning platforms (Rs. 85 Lakhs), (3) network testers (Rs. 15 Lakhs) and (4) Maintenance (Rs. 19 Lakhs).
The lab will focus on areas related to information security in critical systems, including the following areas: formal methods in security, learning algorithms and security, and design and development of indigenous secure systems, network security protocol design and implementation using programmable data plane devices.
This equipment infrastructure is available to all faculty and students from Computer Science and Engineering, IIT Madras and other departments. For use of equipment purchased on this project, please contact HOD, CSE.
While the security of crypto-algorithms are mathematically proven, their implementations are not. Adversaries may be able to exploit bugs, errors, and flaws in implementations. Sensitive information may leak through side channels such as the device’s power consumption, electro-magnetic radiation, and execution time. At SCSL, correctness of the implementation is verified by formal verification and the side channel vulnerabilities of implementations would be investigated. The primarily challenge in applying formal verification is that cryptographic programs are computationally intensive and have a huge state space. We apply effective techniques on these programs from the software verification domain to ensure their formal correctness.
Current design techniques use a find-and-patch methodology, where software patches are applied only after vulnerabilities are detected. Sometimes, systems are deployed for several years before such vulnerabilities our detected. In this track, we plan to use AI/ML to discover vulnerabilities as early as in the design phase itself. The AI/ML agent, would learn system characteristics and automatically discover potential attacks. Another aspect of focus is on the security of ML and AI algorithms. For instance, an attacker can infer the machine learning decision process or even manipulate datasets to tamper with decision process’ to force invalid outputs. In this research, our focus is on detecting security vulnerabilities in these algorithms.
Optimizations in system design has always focused on better performance with smaller sizes and lower power consumption. Security has always been a hindsight. This design approach leads to severe security vulnerabilities in all system modules, which becomes very difficult to fix. In this track, we plan to design systems keeping security as a prime design objective in addition to system performance, size, and power. Design choices would be explored keeping in perspective tradeoffs between the traditional parameters along with security. We plan to design and develop security aware microprocessors, operating systems, network routers, low cost tablets. Side-by-side, the lab also builds tools for security evaluation of these devices.
The lab offers undergraduate and graduate courses in information security. Current and upcoming courses are:
User Oriented Programs offer post-graduate programs with specialization
in information security.