Approaches and tools for security in software and hardware development and assessment

Develop new architectures for tamper-resistant chips and processors. Exploring novel designs for secure microprocessors, leveraging hardware-level security enhancements, and integrating cryptographic co-processors that may also support post-quantum cryptography (PQC), for enhanced protection against tampering and side-channel attacks.

Enhance supply chain transparency for chip production and integration. Exploring innovative ways to improve traceability and accountability in chip manufacturing processes, including methods such as post-quantum secure hardware roots of trust, blockchain for tracking components, or certification mechanisms.

Establish security-by-design methodologies for hardware security assessment. Advancing methodologies for systematic security testing of hardware components, including automated vulnerability analysis, verification frameworks, and integration of security assessment into chip design and lifecycle management.

Develop methods and tools for an effective and efficient non-destructive authentication and physical analysis of integrated circuits and multi-chips modules (chiplets).

Develop technical means for ensuring hardware supply chain security, and secure PQC implementations: hardware trojan and backdoor detection, hardware watermarking, relevant reverse engineering techniques, countermeasures also against new classes of hardware physical attacks. Develop self-healing firmware able to recover from cyber-attacks. Develop firmware able to leverage advanced anomaly detection, AI-driven threat mitigation and secure rollback mechanisms to automatically identify cyber-attacks, isolate compromised components restore the system to a trusted state while maintaining operational continuity.

Develop innovative tools for real-time software vulnerability detection and automatic patching. Advancing the state of automated detection techniques, incorporating dynamic analysis, AI-driven pattern recognition, predictive analytics to proactively identify security weaknesses before exploitation and self-healing mechanisms.

Enhance secure software frameworks, including protection against the quantum threat. Exploring new methodologies for integrating security-by-design principles across development workflows, incorporating approaches such as automated security policy enforcement, modular security components, and improved dependency management.

Improve resilience against supply chain cyber threats. Investigating novel mitigation strategies, including provenance tracking for software components and their analysis, secure update distribution mechanisms including protection from emerging quantum threats where relevant, enhanced anomaly detection, and multi-layer defence approaches to ensure integrity and trustworthiness.