Five Year Achievements Morgan State University Research Magazine final.proof_MSU.research | Page 26

A dog wanders away from home but luckily has a biochip transponder that transmits his location so he can be found . A car equipped with ONSTAR is involved in an accident , and help is on the way within minutes . A heart patient working in his garden is unworried about the exertion . He has been fitted with a wireless heart implant . In the evolving terminology of the Internet of Things ( IoT ), the dog , car , and patient are defined as physical objects or “ things ” within the IoT .

Center for Reverse Engineering and Assured

Microelectronics ( CREAM )

CREAM is turning Morgan State University students into skilled cybersecurity engineers who will help secure our nation ’ s critical infrastructure . Our research is driven by the premise that Internet of Things ( IoT ) devices pose grave threats to our nation ’ s cyber physical infrastructure . We aim to change that .
Leadership
Dr . Kevin Kornegay is on the front line of the battle to protect America ’ s security infrastructure . He knows how important it is to be a step ahead of those who work to compromise the integrity of the nation ’ s critical infrastructure . Dr . Kornegay is the director of CREAM and IoT Security Chaired professor in the Department of Electrical and Computer Engineering with degrees from UC Berkeley in electrical engineering and computer science . Dr . Kornegay ’ s research is cutting-edge and essential to CREAM and its mission to train Morgan State students to become the next generation of cybersecurity engineers ..
Research Programs
EMBEDDED SYSTEMS AND THE IOT The Internet of Things ( IoT ) is a scenario in which objects , animals or people are provided unique identifiers such as an Internet protocol ( IP ) address and the ability to transfer data over a network without requiring human-tohuman or human-to-computer interaction . Almost anything can fit into that category as long as there is an assigned IP address and the means to transfer data over a network . The IoT has rapidly evolved from the convergence of wireless technologies , sensors , and the internet .
Most IoT devices can be classified as embedded systems ( ES ). ES use a combination of computer hardware and software to perform dedicated functions within a larger mechanical or electrical system . Examples of embedded systems include cell phones , personal digital assistants , gaming consoles , and global positioning systems . As the IoT continues its evolution , the number of things and the upstream data associated with them present security concerns .
Public trust in the nation ’ s ability to protect sensitive information has wavered as cybersecurity intrusions become more frequent . Currently , most available security products deal only with protecting software . But sophisticated hackers are now able to attack hardware devices . CREAM researchers are working to develop solutions that will help protect our nation ’ s infrastructure by preventing the compromise of hardware .
MULTI-LAYER SECURITY Most current solutions address IoT security at higher layers of the open systems interconnection model such as the application , transport , network , or data link layers . But Dr . Kevin Kornegay believes there is a unique opportunity to address security issues much earlier at the lower or physical layer of the open systems interconnection . This would allow for a security perimeter to be formed at the outermost edge of the IoT ecosystem all the way up to the cloud level . Hence , CREAM ’ s research has focused on vulnerability assessment , countermeasures , authentication , and intrusion detection of IoT devices .
CREAM researchers intend to investigate cross layer approaches that tie upper level security techniques to the physical layer to provide multi-layer security . At the heart of embedded systems are computers that leak information through side-channels , hidden back doors that are exploited during a cyber-attack . Sidechannel analysis ( SCA ) is a reverse engineering technique used to reveal the encryption key via noninvasive side-channel monitoring . SCA attacks have uncovered the encryption key of many commercial computer systems . Vigorous
12 MORGAN STATE UNIVERSITY