Search Results (519)

FPGA-based reconfigurable systems play a vital role in many critical domains by virtue of their unique advantages. They can effectively adapt to dynamically changing application scenarios, while featuring high parallelism and low power consumption. As a result, they have been widely adopted in key sectors such as aerospace, nuclear industry, and weapon equipment, where high performance and stability are of utmost importance. However, these systems face significant challenges. The continuous and drastic reduction in chip process size has led to increasingly complex and delicate internal circuit structures and physical characteristics. Meanwhile, the operating environments are often harsh and unpredictable. Additionally, the adoption of untrusted third-party foundries to reduce development costs further compounds these issues. Collectively, these factors make such systems highly susceptible to reliability threats, including environmental radiation, aging degradation, and malicious hardware attacks. These problems severely impact the stable operation and functionality of the systems. Therefore, ensuring the highly reliable operation of reconfigurable systems has become a critical issue that urgently needs to be addressed. There is a pressing need to summarize their technical characteristics, research status, and development trends comprehensively and in depth. In response, this paper conducts relevant research. By systematically reviewing 183 domestic and international research papers published between 2012 and 2024, it first provides a detailed analysis of the root causes of reliability issues in reconfigurable systems, thoroughly exploring their underlying mechanisms. Second, it focuses on the key technologies for achieving high reliability, encompassing four types of fault-tolerant design technologies, three types of aging mitigation technologies, and two types of hardware attack defense technologies. The paper comprehensively summarizes relevant research findings and the latest advancements in this field, offering a wealth of references for related research. Finally, it conducts a detailed comparative analysis and summary of the research hotspots in the field of high-reliability reconfigurable systems. It objectively evaluates the achievements and shortcomings of current research efforts and delves into the development trends of key technologies for high-reliability reconfigurable systems, providing clear directions for future research and practical applications. Full article

The Internet of Things (IoT) is increasingly deployed at the edge under resource and environmental constraints, which limits the practicality of traditional intrusion detection systems (IDSs) on IoT hardware. This paper presents two IDS configurations. First, we develop a baseline IDS with fixed hyperparameters, achieving 99.20% accuracy and ~0.002 ms/sample inference latency on a desktop machine; this configuration is suitable for high-performance platforms but is not intended for constrained IoT deployment. Second, we propose a lightweight, edge-oriented IDS that applies ANOVA-based filter feature selection and uses a genetic algorithm (GA) for the bounded hyperparameter tuning of the classifier under stratified cross-validation, enabling efficient execution on Raspberry Pi-class devices. The lightweight IDS achieves 98.95% accuracy with ~4.3 ms/sample end-to-end inference latency on Raspberry Pi while detecting both low-volume and high-volume (DoS/DDoS) attacks. Experiments are conducted in a Raspberry Pi-based real lab using an up-to-date mixed-modal dataset combining system/network telemetry and heterogeneous physical sensors. Overall, the proposed framework demonstrates a practical, hardware-aware, and reproducible way to balance detection performance and edge-level latency using established techniques for real-world IoT IDS deployment. Full article

Soft errors and Hardware Trojans (HTs) constitute major reliability concerns, and in combination they can pose an even greater threat to circuit security. The main aim of this research is to develop and implement a reliability-based HT and to identify the optimal regions for its injection, enabling the creation of challenging benchmarks for evaluating detection techniques. In this context, a reliability-based HT is designed and evaluated using different components to achieve the required time overhead. Next, a method that combines the generation and propagation of Single-Event Transients (SETs), while accounting for both masking effects and the design’s timing constraints, is employed to efficiently identify the most vulnerable and critical gates. The sensitive gates selected for HT insertion exhibit 50–70% vulnerability to soft errors. At the same time, their insertion and the resulting path delay overhead must not violate the design’s timing constraints, and the additional area must remain below 10% of the total area. These three conditions ensure that the inserted HTs remain stealthy and, therefore, challenging to detect. The experimental results demonstrate that selecting this category of gates is highly effective, as it leads to a significant increase in the number of soft errors and, consequently, aggravates circuit vulnerability with minimal impact on the design. On average, the targeted gates exhibit a 130% increase in sensitivity, and the overall Soft Error Rate (SER) increases by 78%, confirming the importance of providing robust benchmarks to combat potential attacks of this kind. Full article

Autonomous drone swarms are increasingly deployed in critical domains such as infrastructure inspection, environmental monitoring, and emergency response. While their distributed operation enables scalability and resilience, it also introduces new vulnerabilities, particularly in authentication and trust establishment. Conventional cryptographic solutions, including public key infrastructures (PKI) and symmetric key protocols, impose computational and connectivity requirements unsuited to resource-constrained and external infrastructure-free swarm deployments. In this paper, we present a decentralized authentication scheme rooted in hardware security primitives (HSPs); specifically, Physical Unclonable Functions (PUFs) and True Random Number Generators (TRNGs). The protocol leverages master-initiated token broadcasting, iterative HSP seed evolution, randomized response delays, and statistical trust evaluation to detect cloning, replay, and impersonation attacks without reliance on centralized authorities or pre-distributed keys. Simulation studies demonstrate that the scheme achieves lightweight operation, rapid anomaly detection, and robustness against wireless interference, making it well-suited for real-time swarm systems. Full article

Instruction Set Architecture (ISA) extensions, particularly scalar cryptography extensions (Zk), combine the performance advantages of hardware with the adaptability of software, enabling the direct and efficient execution of cryptographic functions within the processor pipeline. This integration eliminates the need to communicate with external cores, substantially reducing latency, power consumption, and hardware overhead, making it especially suitable for embedded systems with constrained resources. However, current scalar cryptography extension implementations remain vulnerable to physical threats, notably power side-channel attacks (PSCAs). These attacks allow adversaries to extract confidential information, such as secret keys, by analyzing the power consumption patterns of the hardware during operation. This paper presents an optimized and secure implementation of the RISC-V scalar Advanced Encryption Standard (AES) extension (Zkne/Zknd) using Domain-Oriented Masking (DOM) to mitigate first-order PSCAs. Our approach features optimized assembly implementations for partial rounds and key scheduling alongside pipeline-aware microarchitecture optimizations. We evaluated the security and performance of the proposed design using the Xilinx Artix7 FPGA platform. The results indicate that our design is side-channel-resistant while adding a very low area overhead of 0.39% to the full 32-bit CV32E40S RISC-V processor. Moreover, the performance overhead is zero when the extension-related instructions are properly scheduled. Full article

Software-defined (SD) honeypots, as dynamic cybersecurity technologies, enhance defense efficiency through flexible resource allocation. However, traditional SD honeypots face latency and jitter issues under network fluctuations, while balancing adjustment costs with defense benefits remains challenging. This paper proposes a DPU-accelerated SD honeypot security service deployment method, leveraging DPU hardware acceleration to optimize network traffic processing and protocol parsing, thereby significantly improving honeypot environment construction efficiency and response real-time performance. For dynamic attack–defense scenarios, we design an adaptive adjustment strategy combining Stackelberg game theory with deep reinforcement learning (AASGRL). By calculating the expected defense benefits and adjustment costs of optimal honeypot deployment strategies, the approach dynamically determines the timing and scope of honeypot adjustments. Simulation experiments demonstrate that the mechanism requires no adjustments in 80% of interaction rounds, while achieving enhanced defense benefits in 20% of rounds with controlled adjustment costs. Compared to traditional methods, the AASGRL mechanism maintains stable defense benefits in long-term interactions, verifying its effectiveness in balancing low costs and high benefits against dynamic attacks. This work provides critical technical support for building adaptive proactive network defense systems. Full article

The current trend of globalization of the supply chain in the integrated circuit (IC) industry has led to numerous security issues, such as intellectual property (IP) piracy, overbuilding, hardware Trojan (HT), and so on. Over the past decade or so, logic locking has been developed as an important method to prevent or mitigate the above security issues in ICs throughout their lifecycles. However, most published logic locking schemes are vulnerable to the SAT attack and its variants. Existing SAT-resilient locking schemes always entail a trade-off between security and effectiveness and incur significant hardware overhead. In this paper, we propose a new replacement-based key-controlled circuit (called RKC), the application of which changes the underlying framework of traditional logic locking designs, making the SAT attack and its variants infeasible in the framework. To achieve stronger functional and structural obfuscation and to validate the extensibility of the proposed method within the modified logic-locking design framework, we develop a new multi-input key-controlled circuit (called MKC) via vertical extension, also based on replacement applied to the locking design. In addition, we expand the two proposed circuits horizontally by varying the design parameter m, yielding four logic-locking design circuits. Relevant experiments performed on six selected benchmark circuits from ISCAS’85 and MCNC benchmarks show that the proposed method demonstrates superior/less hardware overhead compared to four recently published locking methods, i.e., GateLock, SKG-Lock, SKG-Lock+, and CAS-Lock. Full article

Resource-constrained Internet of Things (IoT) devices are increasingly deployed in critical domains but remain vulnerable to stealthy attacks that can bypass conventional defenses. At the same time, privacy constraints limit centralized data collection and processing, complicating anomaly detection. This systematic review surveys methods for privacy-preserving anomaly detection in resource-constrained IoT and introduces a five-dimension taxonomy covering deployment paradigms, resource constraints, real-time requirements, protection techniques, and communication constraints. We review how the literature measures and reports resource and privacy costs and identify three major gaps: (1) a shortage of co-designed detector-plus-privacy solutions tailored to constrained hardware, (2) inconsistent reporting of resource and privacy trade-offs, and (3) limited robustness against adaptive attackers and realistic deployment noise. We conclude with actionable recommendations and a prioritized research roadmap. Furthermore, the multi-dimensional taxonomy we introduce provides a structured framework to guide design choices and systematically improve the comparability, deployability, and overall trustworthiness of anomaly detection systems for constrained IoT. Full article

Wireless Sensor Networks (WSNs) operate under strict energy constraints and are therefore highly vulnerable to radio interference, particularly jamming attacks that directly affect communication availability and network lifetime. Although jamming and anti-jamming mechanisms have been extensively studied, energy is frequently treated as a secondary metric, and analyses are often conducted in partial isolation from system assumptions, protocol behavior, and deployment context. This fragmentation limits the interpretability and comparability of reported results. This article presents a systematic literature review (SLR) covering the period from 2004 to 2024, with a specific focus on energy-aware jamming and mitigation strategies in IEEE 802.15.4-based WSNs. To ensure transparency and reproducibility, the literature selection and refinement process is formalized through a mathematical search-and-filtering model. From an initial corpus of 482 publications retrieved from Scopus, 62 peer-reviewed studies were selected and analyzed across multiple dimensions, including jamming modality, affected protocol layers, energy consumption patterns, evaluation assumptions, and deployment scenarios. The review reveals consistent energy trends among constant, random, and reactive jamming strategies, as well as significant variability in the energy overhead introduced by defensive mechanisms at the physical (PHY), Medium Access Control (MAC), and network layers. It further identifies persistent methodological challenges, such as heterogeneous energy metrics, incomplete characterization of jamming intensity, and the limited use of real-hardware testbeds. To address these gaps, the paper introduces an energy-centric taxonomy that explicitly accounts for attacker–defender energy asymmetry, cross-layer interactions, and recurring experimental assumptions, and proposes a minimal set of standardized energy-related performance metrics suitable for IEEE 802.15.4 environments. By synthesizing energy behaviors, trade-offs, and application-specific implications, this review provides a structured foundation for the design and evaluation of resilient, energy-proportional WSNs operating under availability-oriented adversarial interference. Full article

Maritime transportation accounts for approximately 80 percent of global trade volume, with modern vessels increasingly reliant on Software-Defined Radio (SDR) technologies for communication and navigation. However, the very flexibility and reconfigurability that make SDRs advantageous also introduce complex radio frequency vulnerabilities exposing ships to threats that jeopardize vessel security, and this disrupts global supply chains. This survey paper systematically examines the security landscape of maritime SDR systems through a threat modeling lens. Following Preferred Reporting Items for Systematic Reviews and Meta-Analyses guidelines, we analyzed 84 peer-reviewed publications (from 2002 to 2025) and applied the STRIDE framework to identify and categorize maritime SDR threats. We identified 44 distinct threat types, with tampering attacks being most prevalent (36 instances), followed by Denial of Service (33 instances), Repudiation (30 instances), Spoofing (23 instances), Information Disclosure (24 instances), and Elevation of Privilege (28 instances). These threats exploit vulnerabilities across device, software, network, message, and user layers, targeting critical systems including Global Navigation Satellite Systems, Automatic Identification Systems, Very High Frequency or Digital Selective Calling systems, Electronic Chart Display and Information Systems, and National Marine Electronics Association 2000 networks. Our analysis reveals that maritime SDR threats are multidimensional and interdependent, with compromises at any layer potentially cascading through entire maritime operations. Significant gaps remain in authentication mechanisms for core protocols, supply chain assurance, regulatory frameworks, multi-layer security implementations, awareness training, and standardized forensic procedures. Further analysis highlights that securing maritime SDRs requires a proactive security engineering that integrates secured hardware architectural designs, cryptographic authentications, adaptive spectrum management, strengthened international regulations, awareness education, and standardized forensic procedures to ensure resilience and trustworthiness. Full article

The Internet of Things (IoT) has transformed global connectivity by linking people, smart devices, and data. However, as the number of connected devices continues to grow, ensuring secure data transmission and communication has become increasingly challenging. IoT security threats arise at the device level due to limited computing resources, mobility, and the large diversity of devices, as well as at the network level, where the use of varied protocols by different vendors introduces further vulnerabilities. Physical Unclonable Functions (PUFs) provide a lightweight, hardware-based security primitive that exploits inherent device-specific variations to ensure uniqueness, unpredictability, and enhanced protection of data and user privacy. Additionally, modeling attacks against PUF architectures is challenging due to the random and unpredictable physical variations inherent in their design, making it nearly impossible for attackers to accurately replicate their unique responses. This study collected approximately 80,000 Challenge Response Pairs (CRPs) from a Ring Oscillator (RO) PUF design to evaluate its resilience against modeling attacks. The predictive performance of five machine learning algorithms, i.e., Support Vector Machines, Logistic Regression, Artificial Neural Networks with a Multilayer Perceptron, K-Nearest Neighbors, and Gradient Boosting, was analyzed, and the results showed an average accuracy of approximately 60%, demonstrating the strong resistance of the RO PUF to these attacks. The NIST statistical test suite was applied to the CRP data of the RO PUF to evaluate its randomness quality. The p-values from the 15 statistical tests confirm that the CRP data exhibit true randomness, with most values exceeding the 0.01 threshold and supporting the null hypothesis of randomness. Full article

The topic of Unmanned Aerial Vehicle (UAV) cybersecurity has received significant recent interest from the research community, with many methods proposed in the literature to improve detect and mitigate various types of attacks. This paper provides a comprehensive review of UAV cybersecurity, addressing all aspects of the UAV ecosystem and presenting a thorough review of the various types of UAV attacks, including a survey of recent real-world UAV cybersecurity incidents. UAV cybersecurity threat analysis and risk assessment methodologies are reviewed, discussing how potential attacks translate to UAV system risk. The various threat detection and countermeasure (mitigation) techniques are analyzed. Finally, this paper’s unique contribution is that it provides a survey of existing tools and datasets that are available to UAV cybersecurity researchers. A key identified research gap is the need to conduct real-world experimentation to validate proposed cybersecurity techniques. Many proposed approaches are computationally expensive or require additional redundant hardware onboard the UAV. Future research should focus on the development of lightweight methods that are practical for UAV adoption. Another key research gap is the relative lack of RemoteID cybersecurity research, despite its mandated adoption by UAVs. Lastly, this paper concludes that Global Positioning System (GPS)-related threats pose the greatest continued risk to UAVs. Full article

An intrusion into the operational network (OT) of a production site can cause serious damage by affecting productivity, reliability, and quality. The presence of embedded neural networks (NNs), such as classifiers, in physical devices opens the door to new attack vectors. Due to the stochastic behavior of the classifier and the difficulty of reproducing results, the Artificial Intelligence (AI) Act requires the NN’s behavior to be explainable. For this purpose, the platform HistoTrust enables tracing NN behavior, thanks to secure hardware components issuing attestations registered in a blockchain ledger. This solution helps to build trust between independent actors whose devices perform tasks in cooperation. This paper proposes going further by integrating a mechanism for detecting tampering of embedded NN, and using smart contracts executed on the blockchain to propagate the alert to the peer devices in a distributed manner. The use case of a bit-flip attack, targeting the weights of the NN model, is considered. This attack can be carried out by repeatedly injecting very small messages that can be missed by the Intrusion Detection System (IDS). Experiments are being conducted on the HistoTrust platform to demonstrate the feasibility of our distributed approach and to qualify the time required to detect intrusion and propagate the alert, in relation to the time it takes for the attack to impact decisions made by the AI. As a result, the blockchain may be a relevant technology to complement traditional IDS in order to face distributed attacks. Full article

Global Navigation Satellite System (GNSS) signals are highly vulnerable to spoofing attacks, which can cause positioning errors and pose serious threats to user receivers. Therefore, the development of efficient and reliable spoofing detection techniques has become an urgent requirement for ensuring GNSS security. In spoofing attacks, attackers introduce additional bias in the Doppler shift. However, detection methods that rely on extracting this deviation from raw measurements suffer from limited practicality, and existing alternative detection schemes based on position, velocity, and time (PVT) information exhibit poor adaptability to diverse scenarios. To address these limitations, this paper proposes a spoofing detection method based on the self-consistency verification of the receiver’s clock state (SCV-RCS). Its core statistic is the cumulative difference between the estimated clock bias and the bias obtained by integrating clock drift. By monitoring this consistency, SCV-RCS identifies anomalies in pseudorange and Doppler observations without complex bias extraction or auxiliary hardware, ensuring easy deployment. Simulation and experimental results demonstrate the method’s effectiveness across diverse spoofing scenarios. It achieves the fastest alarm delay of ≤2 s while providing continuous alerting capability in full-channel and partial-channel spoofing. This study provides a robust and reliable solution for GNSS receivers operating in complex spoofing environments. Full article

The advancement of Automotive Industry 4.0 has promoted the development of Vehicle to Vehicle (V2V) and Internet of Vehicles (IoV) communication, which marks the new era for intelligent, connected and automated transportation. Despite the benefits of this metamorphosis in terms of effectiveness and convenience, new obstacles to safety, inter-connectivity, and cybersecurity emerge. The tire pressure monitoring system (TPMS) is one prominent feature that senses tire pressure, which is closely related to vehicle stability, braking performance and fuel efficiency. However, the majority of TPMSs currently in use are based on the use of insecure and proprietary wireless communication links that can be breached by attackers so as to interfere with not only tire pressure readings but also sensor data manipulation. For this purpose, we design a secure TPMS architecture suitable for real-time IoV sensing. The framework is experimentally implemented using a Raspberry Pi 3B+ (Raspberry Pi Ltd., Cambridge, UK) as an independent autonomous control unit (ACU), interfaced with vehicular pressure sensors and a LoRa SX1278 (Semtech Corporation, Camarillo, CA, USA) module to support low-power, long-range communication. The gathered sensor data are encrypted, their integrity checked, source authenticated by lightweight cryptographic algorithms and sent to a secure server locally. To validate this approach, we show a three-node exhibition where Node A (raw data and tampered copy), B (unprotected copy) and C (secure auditor equipped with alerting of tampering and weekly rotation of the ID) realize detection of physical level threats at top speeds. The validated datasets are further enriched in a MATLAB R2024a simulator by replicating the data of one vehicle by 100 virtual vehicles communicating using over 5G, LoRaWAN and LoRa P2P as communication protocols under urban, rural and hill-station scenarios. The presented statistics show that, despite 5G ultra-low latency, LoRa P2P consistently provides better reliability and energy efficiency and is more resistant to attacks in the presence of various terrains. Considering the lack of private vehicular 5G infrastructure and the regulatory restrictions, this work simulated and evaluated the performance of 5G communication, while LoRa-based communication was experimentally validated with a hardware prototype. The results underline the trade-offs among LoRa P2P and an infrastructure-based uplink 5G mode, when under some specific simulation conditions, as opposed to claiming superiority over all 5G modes. In conclusion, the presented Raspberry Pi–MATLAB hybrid solution proves to be an effective and scalable approach to secure TPMS in IoV settings, intersecting real-world sensing with large-scale network simulation, thus enabling safer and smarter next-generation vehicular systems. Full article