The SecureCore project will investigate and design a secure integrated core architecture for trustworthy operation of mobile computing devices consisting of: a security-aware general-purpose processor, a small security kernel and a small set of essential secure communications protocols. The research will use a "clean slate" approach to define a minimal set of fundamental architectural features required for such a secure core, for use in resource-constrained, ubiquitous computing platforms exemplified by secure embedded systems (e.g., computer in a heart monitor), pocket devices (e.g., contact-less smart card), and mobile computing devices (e.g., handheld web-enabled computer). This approach shows what is possible when security is designed in at the beginning rather than added as an after-thought. It also changes the design paradigm from an emphasis on performance to one on trustworthy, dependable operation. The goal is to achieve the desired security levels without compromising performance, size, cost, energy consumption, or usability. Threat models will be re-examined in the new context of continuously networked commodity devices and Internet-scale epidemics such as DDoS, worms and viruses. The broader impact is to provide the scientific basis for trustworthy computing, communications and storage in pervasive computing environments. SecureCore impact will be immense if its architecture influences the design of future trustworthy commodity products, as well as the curriculum for computer hardware and software engineering education.
