DevToSCA: A Developer-Centric Solution for Side-Channel Attacks Prevention

The rising reliance on technology has resulted in a growing concern for enterprises all over the world: the potential of cyber attacks. Everyone, from little enterprises to giant corporations, is vulnerable to these attacks, which can have existential implications. Side-channel attacks have arisen as a particularly sophisticated type of cyber attack because of its passive nature and its ability of going unreported for extended periods of time.

The project „Developer-centric Tools for Side-Channel Analysis (DevToSCA)“ is a collaborative research project that is funded by the German Federal Ministry of Education and Research (BMBF), aimed at preventing side-channel attacks. This initiative brings together a team of experts from diverse backgrounds who are working on developing an innovative solution. The project’s goal is to create open-source, developer-centric tools that enable software developers to protect their applications against side-channel attacks.

The project works on building open-source symbolic and statistical verification tools for side-channel investigation. Software developers will be able to evaluate their own software products for side-channel vulnerabilities using these tools, regardless of their level of experience. This method simplifies software verification, making it more accessible to software developers of varying levels of expertise and democratizing the process of protecting applications against side-channel attacks.

DevToSCA is a joint research project of Bonn-Rhein-Sieg University of Applied Science, Ruhr University Bochum, Kasper & Oswald GmbH, and Rohde & Schwarz Cybersecurity GmbH.