Ensuring Trust Of Third-Party Hardware Design With Constrained Sequential Equivalence Checking

Shrestha, Gyanendra

25 October 2012

Globalization of semiconductor design and manufacturing has led to a concern of trust in the final product. The components may now be designed and manufactured from anywhere in the world without the direct supervision of the buyer. As a result, the hardware designs and fabricated chips may be vulnerable to malicious alterations by an adversary at any stage of VLSI design flow, thus compromising the integrity of the component. The effect of any modifications made by the adversary can be catastrophic in the critical applications. Because of the stealthy nature of such insertions, it is extremely difficult to detect them using traditional testing and verification methods. Therefore, the trust of the hardware systems require a new approach and have drawn much attention in the hardware security community. For many years, the researchers have developed sophisticated techniques to detect, isolate and prevent malicious attacks in cyber security community assuming that the underlying hardware platform is extremely secure and trustworthy. But the hardware may contain one or more backdoors that can be exploited by software at the time of operation. Therefore, the trust of the computing system cannot be guaranteed unless we can guarantee the trust of the hardware platform. A malicious insertion can be very stealthy and may only involve minor modification in the hardware design or the fabricated chip. The insertion may require rare or specific conditions in order to be activated. The effect may be denial of service, change of function, destruction of chip, leakage of secret information from cryptographic hardware etc. In this thesis, we propose a novel technique for the detection of malicious alteration(s) in a third party soft intellectual property (IP) using a clever combination of sequential equivalence checking (SEC) and automatic test generation. The use of powerful inductive invariants can prune a large illegal state space, and test generation helps to provide a sensitization path for nodes of interest. Results for a set of hard-to-verify designs show that our method can either ensure that the suspect design is free from the functional effect of any malicious change(s) or return a small group of most likely malicious signals. / Master of Science

BMC

Miter

RTL

Hardware Trojan

Estudo sobre hardware trojans e suas ameaças à Administração Pública Federal

Bruzzeguez, Gustavo Andrade

16 December 2017

Dissertação (mestrado)—Universidade de Brasília, Instituto de Ciências Exatas, Departamento de Ciência da Computação, 2017. / Submitted by Raquel Viana (raquelviana@bce.unb.br) on 2018-07-23T16:36:11Z No. of bitstreams: 1 2017_GustavoAndradeBruzzeguez.pdf: 2394160 bytes, checksum: c28f3f1d732b548a557f1a9cc46f87d8 (MD5) / Approved for entry into archive by Raquel Viana (raquelviana@bce.unb.br) on 2018-07-24T19:35:27Z (GMT) No. of bitstreams: 1 2017_GustavoAndradeBruzzeguez.pdf: 2394160 bytes, checksum: c28f3f1d732b548a557f1a9cc46f87d8 (MD5) / Made available in DSpace on 2018-07-24T19:35:27Z (GMT). No. of bitstreams: 1 2017_GustavoAndradeBruzzeguez.pdf: 2394160 bytes, checksum: c28f3f1d732b548a557f1a9cc46f87d8 (MD5) Previous issue date: 2018-07-23 / Nos últimos anos, pesquisadores vêm demonstrando a possibilidade de implementação de códigos maliciosos em circuitos integrados durante a fabricação destes dispositivos. A ameaça, que ficou conhecida como hardware trojan, vem atraindo a atenção dos governos e da indústria, dado que potencialmente envolve questões de espionagem e guerra cibernética. Diversos estudos vem sendo desenvolvidos na comunidade acadêmica mundial, em particular nos últimos 5 anos, conforme se constatou no levantamento bibliográfico com uso do enfoque meta-analítico. Não obstante, no Brasil, pouco se tem falado sobre o tema. Recentemente, o Gabinete de Segurança Institucional da Presidência da República publicou a Estratégia de Segurança da Informação e Comunicações e de Segurança Cibernética da Administração Pública Federal 2015-2018, o que demonstra a vontade do Estado brasileiro em equacionar os problemas afetos à área cibernética, por meio do planejamento e da coordenação de esforços dos órgãos públicos, em parceria com a sociedade. Trabalhando a partir dos Objetivos Estratégicos declarados nessa Estratégia, e utilizando-se de conceitos do Balanced Scorecard e da metodologia 5W2H, o trabalho propôs desdobramentos, no nível tático, de tais Objetivos, de forma que a Estratégia possa também abordar as questões associadas à ameaça do hardware Trojan. Não obstante os avanços notados na área cibernética, observa-se que o país encontra-se vulnerável à ameaça do hardware Trojan, seja pela incapacidade de detecção da ameaça, seja pela ausência de ações governamentais focando especificamente o problema. / In recent years, researchers have been demonstrating the possibility of malicious code being introduced into integrated circuits during the fabrication of these devices. The threat, which has become known as hardware Trojan, has attracted the attention of governments and industry as it potentially involves espionage and cyber warfare issues. Several studies have been developed in the world academic community, in particular in the last 5 years, as was verified in the bibliographical survey using the meta-analytic approach. Nevertheless, in Brazil, little has been said about the subject. Recently, the Office of Institutional Security of the brazilian Presidency of the Republic has published the Strategy for Information Security and Cybersecurity of the Federal Public Administration 2015-2018, which demonstrates the Brazilian State’s willingness to address the problems to the cybernetic area, through the planning and coordination of efforts of public agencies, in partnership with society. Working from the Strategic Objectives stated in this Strategy, and using concepts from the Balanced Scorecard and the 5W2H methodology, the work proposed a tactical level development of these Objectives, so that the Strategy could also address issues associated with the hardware Trojan threat. Despite the notable advances in the area of cybernetics, it’s noted that the country is vulnerable to the threat of hardware Trojan, either by the inability to detect the threat or by the absence of government actions specifically focusing on the problem.

Segurança da informação

Segurança cibernética

Hardware trojan

A multi-layer approach to designing secure systems: from circuit to software

Zhou, Boyou

04 June 2019

In the last few years, security has become one of the key challenges in computing systems. Failures in the secure operations of these systems have led to massive information leaks and cyber-attacks. Case in point, the identity leaks from Equifax in 2016, Spectre and Meltdown attacks to Intel and AMD processors in 2017, Cyber-attacks on Facebook in 2018. These recent attacks have shown that the intruders attack different layers of the systems, from low-level hardware to software as a service(SaaS). To protect the systems, the defense mechanisms should confront the attacks in the different layers of the systems. In this work, we propose four security mechanisms for computing systems: (i ) using backside imaging to detect Hardware Trojans (HTs) in Application Specific Integrated Circuits (ASICs) chips, (ii ) developing energy-efficient reconfigurable cryptographic engines, (iii) examining the feasibility of malware detection using Hardware Performance Counters (HPC). Most of the threat models assume that the root of trust is the hardware running beneath the software stack. However, attackers can insert malicious hardware blocks, i.e. HTs, into the Integrated Circuits (ICs) that provide back-doors to the attackers or leak confidential information. HTs inserted during fabrication are extremely hard to detect since their overheads in performance and power are below the variations in the performance and power caused by manufacturing. In our work, we have developed an optical method that identifies modified or replaced gates in the ICs. We use the near-infrared light to image the ICs because silicon is transparent to near-infrared light and metal reflects infrared light. We leverage the near-infrared imaging to identify the locations of each gate, based on the signatures of metal structures reflected by the lowest metal layer. By comparing the imaged results to the pre-fabrication design, we can identify any modifications, shifts or replacements in the circuits to detect HTs. With the trust of the silicon, the computing system must use secure communication channels for its applications. The low-energy cost devices, such as the Internet of Things (IoT), leverage strong cryptographic algorithms (e.g. AES, RSA, and SHA) during communications. The cryptographic operations cause the IoT devices a significant amount of power. As a result, the power budget limits their applications. To mitigate the high power consumption, modern processors embed these cryptographic operations into hardware primitives. This also improves system performance. The hardware unit embedded into the processor provides high energy-efficiency, low energy cost. However, hardware implementations limit flexibility. The longevity of theIoTs can exceed the lifetime of the cryptographic algorithms. The replacement of the IoT devices is costly and sometimes prohibitive, e.g., monitors in nuclear reactors.In order to reconfigure cryptographic algorithms into hardware, we have developed a system with a reconfigurable encryption engine on the Zedboard platform. The hardware implementation of the engine ensures fast, energy-efficient cryptographic operations. With reliable hardware and secure communication channels in place, the computing systems should detect any malicious behaviors in the processes. We have explored the use of the Hardware Performance Counters (HPCs) in malware detection. HPCs are hardware units that count micro-architectural events, such as cache hits/misses and floating point operations. Anti-virus software is commonly used to detect malware but it also introduces performance overhead. To reduce anti-virus performance overhead, many researchers propose to use HPCs with machine learning models in malware detection. However, it is counter-intuitive that the high-level program behaviors can manifest themselves in low-level statics. We perform experiments using 2 ∼ 3 × larger program counts than the previous works and perform a rigorous analysis to determine whether HPCs can be used to detect malware. Our results show that the False Discovery Rate of malware detection can reach 20%. If we deploy this detection system on a fresh installed Windows 7 systems, among 1,323 binaries, 198 binaries would be flagged as malware.

Computer engineering

Cryptographic acceleration

Hardware Trojan detection

Malware detection

Security

Hardware Trojan Detection Using Multiple-Parameter Side-Channel Analysis

Du, Dongdong

23 July 2010

No description available.

Electrical Engineering

Engineering

Hardware Trojan

Side-Channel Analysis

Multiple-Parameter.

Hardware Trojan Detection in Cryptography IP Cores by Library Encoding Method

Penumetcha, Dinesh Varma

18 August 2015

No description available.

Electrical Engineering

Systematic Analysis and Methodologies for Hardware Security

Moein, Samer

18 December 2015

With the increase in globalization of Integrated Circuit (IC) design and production, hardware trojans have become a serious threat to manufacturers as well as consumers. These trojans could be intensionally or accidentally embedded in ICs to make a system vulnerable to hardware attacks. The implementation of critical applications using ICs makes the effect of trojans an even more serious problem. Moreover, the presence of untrusted foundries and designs cannot be eliminated since the need for ICs is growing exponentially and the use of third party software tools to design the circuits is now common. In addition if a trusted foundry for fabrication has to be developed, it involves a huge investment. Therefore, hardware trojan detection techniques are essential. Very Large Scale Integration (VLSI) system designers must now consider the security of a system against internal and external hardware attacks. Many hardware attacks rely on system vulnerabilities. Moreover, an attacker may rely on deprocessing and reverse engineering to study the internal structure of a system to reveal the system functionality in order to steal secret keys or copy the system. Thus hardware security is a major challenge for the hardware industry. Many hardware attack mitigation techniques have been proposed to help system designers build secure systems that can resist hardware attacks during the design stage, while others protect the system against attacks during operation. In this dissertation, the idea of quantifying hardware attacks, hardware trojans, and hardware trojan detection techniques is introduced. We analyze and classify hardware attacks into risk levels based on three dimensions Accessibility/Resources/Time (ART). We propose a methodology and algorithms to aid the attacker/defender to select/predict the hardware attacks that could use/threaten the system based on the attacker/defender capabilities. Because many of these attacks depends on hardware trojans embedded in the system, we propose a comprehensive hardware trojan classification based on hardware trojan attributes divided into eight categories. An adjacency matrix is generated based on the internal relationship between the attributes within a category and external relationship between attributes in different categories. We propose a methodology to generate a trojan life-cycle based on attributes determined by an attacker/defender to build/investigate a trojan. Trojan identification and severity are studied to provide a systematic way to compare trojans. Trojan detection identification and coverage is also studied to provide a systematic way to compare detection techniques and measure their e effectiveness related to trojan severity. We classify hardware attack mitigation techniques based on the hardware attack risk levels. Finally, we match these techniques to the attacks the could countermeasure to help defenders select appropriate techniques to protect their systems against potential hardware attacks. / Graduate / 0544 / 0984 / samerm@uvic.ca

Hardware Attack Mitigation

Hardware Attacks

Hardware Security

Hardware Trojan Detection

Hardware Trojans

3D-ART Schema

Emerging Security Threats in Modern Digital Computing Systems: A Power Management Perspective

Shridevi, Rajesh Jayashankara

01 May 2019

Design of computing systems — from pocket-sized smart phones to massive cloud based data-centers — have one common daunting challenge : minimizing the power consumption. In this effort, power management sector is undergoing a rapid and profound transformation to promote clean and energy proportional computing. At the hardware end of system design, there is proliferation of specialized, feature rich and complex power management hardware components. Similarly, in the software design layer complex power management suites are growing rapidly. Concurrent to this development, there has been an upsurge in the integration of third-party components to counter the pressures of shorter time-to-market. These trends collectively raise serious concerns about trust and security of power management solutions. In recent times, problems such as overheating, performance degradation and poor battery life, have dogged the mobile devices market, including the infamous recall of Samsung Note 7. Power outage in the data-center of a major airline left innumerable passengers stranded, with thousands of canceled flights costing over 100 million dollars. This research examines whether such events of unintentional reliability failure, can be replicated using targeted attacks by exploiting the security loopholes in the complex power management infrastructure of a computing system. At its core, this research answers an imminent research question: How can system designers ensure secure and reliable operation of third-party power management units? Specifically, this work investigates possible attack vectors, and novel non-invasive detection and defense mechanisms to safeguard system against malicious power attacks. By a joint exploration of the threat model and techniques to seamlessly detect and protect against power attacks, this project can have a lasting impact, by enabling the design of secure and cost-effective next generation hardware platforms.

power management

security assurance

third party components

hardware trojan

Electrical and Computer Engineering

Protocols and algorithms for secure Software Defined Network on Chip (SDNoC)

Ellinidou, Soultana

16 February 2021

Under the umbrella of Internet of Things (IoT) and Internet of Everything (IoE), new applications with diverse requirements have emerged and the traditional System-on-Chips (SoCs) were unable to support them. Hence, new versatile SoC architectures were designed, like chiplets and Cloud-of-Chips (CoC). A key component of every SoC, is the on-chip interconnect technology, which is responsible for the communication between Processing Elements (PEs) of a system. Network-on-Chip (NoC) is the current widely used interconnect technology, which is a layered, scalable approach. However, the last years the high structural complexity together with the functional diversity and the challenges (QoS, high latency, security) of NoC motivated the researchers to explore alternatives of it. One NoC alternative that recently gained attention is the Software Defined Network-on-Chip (SDNoC). SDNoC originated from Software Defined Network (SDN) technology, which supports the dynamic nature of future networks and applications, while lowering operating costs through simplified hardware and software. Nevertheless, SDN technology designed for large scale networks. Thus, in order to be ported to micro-scale networks proper alterations and new hardware architectures need to be considered.In this thesis, an exploration of how to embed the SDN technology within the micro scale networks in order to provide secure and manageable communication, improve the network performance and reduce the hardware complexity is presented. Precisely, the design and implementation of an SDNoC architecture is thoroughly described followed by the creation and evaluation of a novel SDNoC communication protocol, called MicroLET, in order to provide secure and efficient communication within system components. Furthermore, the security aspect of SDNoC constitutes a big gap in the literature. Hence, it has been addressed by proposing a secure SDNoC Group Key Agreement (GKA) communication protocol, called SSPSoC, followed by the exploration of Byzantine faults within SDNoC and the investigation of a novel Hardware Trojan (HT) attack together with a proposed detection and defend method. / Doctorat en Sciences de l'ingénieur et technologie / info:eu-repo/semantics/nonPublished

Sciences de l'ingénieur

Software Defined Network-on-Chip

routing algorithms

NoC

Hardware Trojan

Byzantine Faults

Group Key Agreement

Bio-Inspired Hardware Security Defenses: A CRISPR-Cas-Based Approach for Detecting Trojans in FPGA Systems

Staub, Dillon

24 October 2019

No description available.

Electrical Engineering

hardware Trojan

CRISPR-Cas

bio-inspired

hardware security

FPGA

Testing and Security Considerations in Presence of Process Variations

Shanyour, Basim

01 May 2020

Process variations is one of the most challenging phenomena in deep submicron. Delay fault testing becomes more complicated because gate delays are not fixed but instead, they are statistical quantities due to the variations in the transistor characteristics. On the other hand, testing for hardware Trojan is also challenging in the presence of process variations because it can easily mask the impact of the inserted Trojan. This work consists of two parts. In the first part, an approach to detect ultra-low-power no-payload Trojans by analyzing IDDT waveforms at each gate in the presence of process variations is presented. The approach uses a novel ATPG to insert a small number of current sensors to analyze the behavior of individual gates at the IDDT waveform. The second part focuses on identifying a test set that maximizes the defect coverage for path delay fault. The proposed approach utilizes Monte-Carlo simulation efficiently and uses a machine-learning algorithm to select a small test set with high detect coverage.

ATPG

Broadside ATPG

Hardware Trojan

Machine Learning

Path delay fault testing