RISC-V is an Instruction Set Architecture (ISA) design. An ISA is essentially a specification for the instructions any compatible processor implementation should be able to execute, and the resources those instructions can access; it acts as the interface between the processor implementation (hardware) and programs that execute on it (software). In sharp contrast with proprietary analogues such as the x86 ISA from Intel, RISC-V is an open source design. This means it can be used freely by anyone for any purpose, which, in part, has meant rapid development of a rich support infrastructure around the project: this includes a) vibrant developer and user communities, built around an associated non-profit foundation, b) numerous implementations of the ISA, both in HDL (i.e., a soft core for use on an FPGA platform) and silicon (i.e., physical ICs), and c) ports of programming tool-chains (e.g., GCC and LLVM) and operating systems (e.g., Linux). Similar openness is a core principle in security-critical contexts, contrasting with the alternative often colloquially termed "security by obscurity". This is particularly true in the field of cryptography, a technology routinely tasked with ensuring secrecy, robustness and provenience of our data (communicated or stored), and the authenticity of parties we interact with: open development of cryptographic standards, designs, and implementations is the modern norm. As a result, RISC-V presents various opportunities when used to execute cryptographic software. The proposed research goals capitalise on these opportunities, in a way designed to address advanced, persistent threats to our digital security, and, by extension, society. Specifically: 1) Since RISC-V can be implemented by anyone, it is possible to develop a core hardened against specific types of attack; the focus will be on the threat of side-channel attacks (which is particularly relevant to embedded use-cases, e.g., IoT). As well as doing so, the proposed research will investigation how detailed information about the implementation can be harnessed to produce more effective security evaluations. 2) Since RISC-V can be adapted by anyone, it is possible to develop various cryptography-specific extensions or variants of the ISA that offer either, for example, higher efficiency. If cryptographic software is more efficient it can also be more secure, because, for example, larger keys or more robust attack countermeasures can be deployed without as significant an impact on latency. 3) Evaluation of side-channel security can be prohibitive in the sense it needs various specific items of equipment. Harnessing a platform based on RISC-V, the proposed research with address this problem by offering a "lab. free" (i.e., cloud-based) acquisition and analysis workflow available to anyone.

Within the next few years the number of devices connected to each other and the Internet will outnumber humans by almost 5:1. These connected devices will underpin everything from healthcare to transport to energy and manufacturing. At the same time, this growth is not just in the number or variety of devices, but also in the ways they communicate and share information with each other, building hyper-connected cyber-physical infrastructures that span most aspects of people's lives. For the UK to maximise the socio-economic benefits from this revolutionary change we need to address the myriad trust, identity, privacy and security issues raised by such large, interconnected infrastructures. Solutions to many of these issues have previously only been developed and tested on systems orders of magnitude less complex in the hope they would 'scale up'. However, the rapid development and implementation of hyper-connected infrastructures means that we need to address these challenges at scale since the issues and the complexity only become apparent when all the different elements are in place. There is already a shortage of highly skilled people to tackle these challenges in today's systems with latest estimates noting a shortfall of 1.8M by 2022. With an estimated 80Bn malicious scans and 780K records lost daily due to security and privacy breaches, there is an urgent need for future leaders capable of developing innovative solutions that will keep society one step ahead of malicious actors intent on compromising security, privacy and identity and hence eroding trust in infrastructures. The Centre for Doctoral Training (CDT) 'Trust, Identity, Privacy and Security - at scale' (TIPS-at-Scale) will tackle this by training a new generation of interdisciplinary research leaders. We will do this by educating PhD students in both the technical skills needed to study and analyse TIPS-at-scale, while simultaneously studying how to understand the challenges as fundamentally human too. The training involves close involvement with industry and practitioners who have played a key role in co-creating the programme and, uniquely, responsible innovation. The implementation of the training is novel due to its 'at scale' focus on TIPS that contextualises students' learning using relevant real-world, global problems revealed through project work, external speakers, industry/international internships/placements and masterclasses. The CDT will enrol ten students per year for a 4-year programme. The first year will involve a series of taught modules on the technical and human aspects of TIPS-at-scale. There will also be an introductory Induction Residential Week, and regular masterclasses by leading academics and industry figures, including delivery at industrial facilities. The students will also undertake placements in industry and research groups to gain hands-on understanding of TIPS-at-scale research problems. They will then continue working with stakeholders in industry, academia and government to develop a research proposal for their final three years, as well as undertake internships each year in industry and international research centres. Their interdisciplinary knowledge will continue to expand through masterclasses and they will develop a deep appreciation of real-world TIPS-at-scale issues through experimentation on state-of-the-art testbed facilities and labs at the universities of Bristol and Bath, industry and a city-wide testbed: Bristol-is-Open. Students will also work with innovation centres in Bath and Bristol to develop novel, interdisciplinary solutions to challenging TIPS-at-scale problems as part of Responsible Innovation Challenges. These and other mechanisms will ensure that TIPS-at-Scale graduates will lead the way in tackling the trust, identity, privacy and security challenges in future large, massively connected infrastructures and will do so in a way that considers wider sosocial responsibility.