Abstract: Disclosed are systems and methods for a computerized framework that provides an improved, secure computational environment between trusted and untrusted devices (e.g., a Trusted Execution Environment (TEE) and graphics processing unit (GPU), respectively) for executing and offloading Convolutional Neural Network (CNN) computations and operations. The disclosed framework can operate to perform such secure offloading and processing not only during inference computations of the CNN, but also during training of the CNN. The disclosed framework operates to enable training and execution of CNN models, whereby the data used for such operations are held securely while they are in use, in transit (e.g., between the TEE and GPU) and while in storage.

Abstract: A computer-implemented method includes generating shared random bits at the two or more nodes in a multi-party computation system, obtaining one or more Gaussian samples at the two or more modes utilizing the shared random bits, at each of the two or more nodes, generate and output one or more Laplacian samples using the one or more Gaussian samples.

Abstract: A distributed computer network utilizing cryptography that includes one or more processors, wherein the one or more processors are programmed to receive a secret input state and one or more tuples, mask the secret input state with the one or more tuple and utilize a reveal to compute a masked input, compute six multiplications on the masked input, compute multiplication of two secret values to output an intermediate output, mask a third secret value from the intermediate output and reveal the third secret value to compute an interaction, compute a multiparty-computation multiplication with the interaction, and output a final secret value in response to computing the multiparty-computation multiplication.

Abstract: An electronic control unit (ECU) includes a processor, a Controller Area Network (CAN) controller, clock gating logic, and security gating logic. The CAN controller having a status and configured to receive data and control signals from the processor, and a clock signal, package the data to create a CAN protocol frame held in at least one transmit buffer, and shift the CAN protocol frame to a CAN transceiver that is configured to transmit the CAN protocol frame to a CAN bus. The security gating logic configured to, in response to the status of the CAN controller being active, inhibit disabling the clock signal.

Abstract: A system and method for generating a digital identity of a vehicle. A first plurality of measurements may be generated from a plurality of electronic control units located within the vehicle. The measurements may be received by a backend service or a secured controller residing within the vehicle. The measurements may be generated using physics-based metrics unique to each of the plurality of electronic control units. A data pool may be created from the measurements. Also, a unique key operable to verify the digital identity of the vehicle may be generated by combining the data pool with error-correcting data.

Abstract: A system includes a memory and a processor in communication with the memory. The processor is programmed to receive a runtime measurement from a sensor regarding the physical attribute of at least the separate processor during runtime; compare the runtime measurement of the physical attribute to a fingerprint that includes a baseline measurement of a physical attribute of at least a separate processor during an evaluation period of the system, and in response to the measurement exceeding a threshold, executing a countermeasure operation against software ran by the separate processor.

Abstract: A method for implementing a secure multiparty inner product computation between two parties using an SPDZ protocol involves having a first party and a second party compute, for i=1, . . . , k, a vector (I)=(II) based on a vector (x={x1, . . . , xN}), and a vector (w={W1, WN}), respectively, where (I)=(X2i-1X2i) (III)=W2i-1W2i, N is the total number of elements in the vectors k=N/2. The vectors (I), and (III) are securely shared between the parties. The parties then jointly compute SPDZ protocol Add([w2i], [x2i-1]) and Add([w2i], [x2i-1]) to determine shares [w2i-1+x2i] and [w2i+x2i-1] respectively, and then compute, for i=1, . . . , k, inner product shares [di] by performing SPDZ protocol Mult([w2i-1+x2i], [w2i+x2i-1]). SPDZ protocol ([Add d1], . . . , [dk], -(IV), . . . , -(V), -(VI), -, (VII)) is then performed to determine the inner product.

Abstract: A system and method is disclosed for generating a pseudo-random number to prevent unauthorized access to an application-layer communication protocol (e.g., Unified Diagnostic Service protocol) within a vehicle. A first controller within the vehicle may be selected as a security server (e.g., SecurityAccess server). A second controller may be selected that may be in operable communication with the first controller over a shared bus network (e.g., Communication Area Network). A response time-based, voltage-based, or random walk-based algorithm may be employed to generate a pseudo-random number. It is contemplated the pseudo-random number may be generated as a challenge when access is being requested through the application-layer communication protocol.

Abstract: Training of a model is performed to minimize expected loss under noise (ELUN) while maintaining differential privacy. Noise is added to weights of a machine learning model as random samples drawn from a noise distribution, the noise being added in accordance with a privacy budget. The ELUN is minimized by using a loss function that anticipates noise added to the weights of the machine learning model, to find a point in the parameter space for which loss is robust to the noise in the weights. The addition of noise and the minimization of the ELUN are iterated until the weights converge and optimization constraints are satisfied. The model is utilized on arbitrary inputs while protecting the privacy of training data used to train the model.

Abstract: A Software in the Loop (SiL) system and method is disclosed which may include a simulator operable to provide an environment to simulate dynamic systems, enable rapid development, validation of systems, and testing of complex systems. The system and method may include assembling one or more unsecured models operable to simulate the real-world system. The system and method may then encrypt and generate at least one secured model from the one or more unsecured models using a first cryptographic key. The at least one secured model may be decrypted using a sealed decryption key. The decrypted secured model may then be executed within the one or more TEEs. The at least one secured model may be operable to process incoming data and outgoing data.

Abstract: A system includes memory, a processor in communication with the memory. The processor is programmed to define a fingerprint that includes a baseline measurement of a physical attribute of at least a separate processor during an enrollment period of the system, wherein the enrollment period includes measuring the physical attribute of the processor prior to runtime operation, receiving a runtime measurement from a sensor regarding the physical attribute of at least the separate processor during runtime, comparing the runtime measurement of the physical attribute to the fingerprint, and outputting a multi-dimensional domain image in response to the runtime measurement.

Abstract: A multi-party network utilizing cryptography that includes one or more processors, wherein the one or more processors are programmed to utilize bit decomposition on an embedded input state associated with an input, apply a backward substitution box affine transformation to output bits, determine seven powers from the output bits utilizing seven of linear transformations, determine an inverse of the secret state utilizing six secret-by-secret multiplications with the seven powers from the output bits, and output an inverse of a secret input state of a Galois field in response to composing the inverse of the secret state.

Abstract: A distributed computer network utilizing cryptography that includes one or more processors, wherein the one or more processors are programmed to receive a secret input state and one or more tuples, mask the secret input state with the one or more tuple and utilize a reveal to compute a masked input, compute six multiplications on the masked input, compute multiplication of two secret values to output an intermediate output, mask a third secret value from the intermediate output and reveal the third secret value to compute an interaction, compute a multiparty-computation multiplication with the interaction, and output a final secret value in response to computing the multiparty-computation multiplication.

Abstract: A searchable symmetric encryption (SSE) system and method of processing inverted index is provided. The SSE system includes genKey, buildSecureIndex, genToken, and search operations. A compress X is integrated into at least one of the buildSecureIndex and search operations. The compress then X takes each entry of an encrypted index, compresses entry of the encrypted index into a compressed entry, and then processes the compressed entry with a function. The function comprises a linked list function and on array function. The search operation decompresses the processed entry and output the decompressed entry. The SSE comprises a client device and a server. The genKey, buildSecureIndex, and genToken operations are integrated into the client device and the search operation is integrated into the server.

Abstract: A system comprising a microcontroller located on a communication bus, a power consumption circuit configured to determine power consumption of the microcontroller, wherein a processor is programmed to determine if a clock associated with the microcontroller is paused and whether an average operational power has exceeded a power threshold, and in response to the average operational power exceeding the power threshold and in response to identifying an attacked message or attacked electronics control unit, in response to determining the microcontroller is under the suspected attack, output an alert associated with an event causing change in the bit patterns of messages on the communication bus.

Abstract: A Software in the Loop (SiL) system and method is disclosed which may include a simulator operable to provide an environment to simulate dynamic systems, enable rapid development, validation of systems, and testing of complex systems. The system and method may include assembling one or more unsecured models operable to simulate the real-world system. The system and method may then encrypt and generate at least one secured model from the one or more unsecured models using a first cryptographic key. The at least one secured model may be decrypted using a sealed decryption key. The decrypted secured model may then be executed within the one or more TEEs. The at least one secured model may be operable to process incoming data and outgoing data.

Abstract: Instruction classification and software intrusion detection is performed. Program instruction execution of a processor of a microcontroller unit (MCU) is monitored via side-channel signal analysis, the monitoring including capturing a signal trace of a physical property of the MCU that leaks information correlated with the program instruction execution of the MCU, the signal trace indicating a value of the physical property over time. From the signal trace, time domain features, frequency domain features, and Mel Frequency Cepstral Coefficients (MFCC) features are extracted. A model is utilized for instruction detection to identify an execution signature based on the time domain features, frequency domain features, and MFCC features. The execution signature is compared to one or more reference instruction signatures. A remedial action is performed responsive to the execution signature failing to match to the one or more reference instruction signatures.

Abstract: A method for secure multiparty computation of an inner product includes performing multiparty additions to generate a first sum share and a second sum share between two shares of alternating elements from corresponding pairs of elements in a first vector and a second vector, performing multiparty multiplications with at least one other node to generate inner product pair shares corresponding to products of the first sum shares and the second sum shares corresponding to pairs of elements in the first and second vectors, and performing another multiparty addition of each inner product pair share with a first negated shares of pair products corresponding to pairs of elements in the first vector and a second negated shares of pair products corresponding to pairs of elements in the second vector to generate a share of an inner product of the first and second vectors.

Abstract: An electronic control unit (ECU) includes a processor, a Controller Area Network (CAN) controller, clock gating logic, and security gating logic. The CAN controller having a status and configured to receive data and control signals from the processor, and a clock signal, package the data to create a CAN protocol frame held in at least one transmit buffer, and shift the CAN protocol frame to a CAN transceiver that is configured to transmit the CAN protocol frame to a CAN bus. The security gating logic configured to, in response to the status of the CAN controller being active, inhibit disabling the clock signal.

Abstract: A system that includes memory and a microcontroller including an analog-to-digital converter (ADC) and in communication with the memory. The microcontroller is configured to define a fingerprint that includes a baseline measurement of side-channel traces of a side-channel retrieved from the ADC, during an enrollment period of the system, wherein the enrollment period includes measuring voltage prior to runtime operation, receive a runtime measurement from the ADC that includes voltage of at least the separate microcontroller during runtime, compare the runtime measurement to the fingerprint, and in response to the measurement exceeding a threshold, executing a countermeasure operation against software ran by the separate processor.