Secure IoT Platform with Advanced Key Generation and Robust Cybersecurity

L.-Y. Chiou (Academy of Innovative Semiconductor and Sustainable Manufacturing, Taiwan), R. Holý (Czech Technical Univ., Czech Republic), Z.-F. Chen (National Cheng Kung Univ., Taiwan), J.Q. Choy (National Cheng Kung Univ., Malaysia), H.-Y. Chen, C.-Y. Chang, Y.-Y. Shen (National Cheng Kung Univ., Taiwan), M. Vaniš, M. Šrotýř (Czech Technical Univ., Czech Republic)

With the rapid proliferation of Internet of Things (IoT) devices in industrial environments, securing connected hardware has become a critical challenge. This paper presents a hardware-secure System-on-Chip (SoC) platform co-developed by National Cheng Kung University (NCKU) and Czech Technical University (CTU), integrating a PUF-based key generation mechanism, AES-GCM authenticated encryption, and a dual-core RISC-V architecture. The platform incorporates a two-stage secure boot mechanism, a mutual authentication protocol, and hardware-enforced memory isolation via Physical Memory Protection (PMP). The platform is evaluated for security compliance against IEC 62443 and ISO/IEC 15408 (Common Criteria) international standards. Experimental results demonstrate a 71.7% improvement in AES-GCM encryption performance and a 94.9% improvement in SHA-256 hashing over software-only implementations. The proposed architecture provides a comprehensive, standards-compliant foundation for industrial IoT security.