Preventing integrated circuit piracy using reconfigurable logic barriers
With each new feature size, integrated circuit (IC) manufacturing costs increase. Rising expenses cause the once vertical IC supply chain to flatten out. Companies are increasing their reliance on contractors, often foreign, to supplement their supply chain deficiencies as they no longer can provide all of the services themselves. This shift has brought with it several security concerns classified under three categories: (1) Metering - controlling the number of ICs created and for whom. (2) Theft - controlling the dissemination of intellectual property (IP). (3) Trust - controlling the confidence in the IC post-fabrication. Our research focuses on providing a solution to the metering problem by restricting an attacker's access to the IC design. Our solution modifies the CAD tool flow in order to identify locations in the circuit which can be protected with reconfigurable logic barriers. These barriers require the correct key to be present for information to flow through. Incorrect key values render the IC useless as the flow of information is blocked. Our selection heuristics utilize observability and controllability don't care sets along with a node's location in the network to maximize an attacker's burden while keeping in mind the associated overhead. We implement our approach in an open-source logic synthesis tool, compare it against previous solutions and evaluate its effectiveness against a knowledgeable attacker
A survey on security analysis of machine learning-oriented hardware and software intellectual property
Intellectual Property (IP) includes ideas, innovations, methodologies, works of authorship (viz., literary and artistic works), emblems, brands, images, etc. This property is intangible since it is pertinent to the human intellect. Therefore, IP entities are indisputably vulnerable to infringements and modifications without the owner’s consent. IP protection regulations have been deployed and are still in practice, including patents, copyrights, contracts, trademarks, trade secrets, etc., to address these challenges. Unfortunately, these protections are insufficient to keep IP entities from being changed or stolen without permission. As for this, some IPs require hardware IP protection mechanisms, and others require software IP protection techniques. To secure these IPs, researchers have explored the domain of Intellectual Property Protection (IPP) using different approaches. In this paper, we discuss the existing IP rights and concurrent breakthroughs in the field of IPP research; provide discussions on hardware IP and software IP attacks and defense techniques; summarize different applications of IP protection; and lastly, identify the challenges and future research prospects in hardware and software IP security
N-variant Hardware Design
The emergence of lightweight embedded devices imposes stringent constraints on
the area and power of the circuits used to construct them. Meanwhile, many of
these embedded devices are used in applications that require diversity and flexibility
to make them secure and adaptable to the fluctuating workload or variable fabric.
While field programmable gate arrays (FPGAs) provide high flexibility, the use of
application specific integrated circuits (ASICs) to implement such devices is more
appealing because ASICs can currently provide an order of magnitude less area and
better performance in terms of power and speed. My proposed research introduces the
N-variant hardware design methodology that adds the sufficient flexibility needed by
such devices while preserving the performance and area advantages of using ASICs.
The N-variant hardware design embeds different variants of the design control
part on the same IC to provide diversity and flexibility. Because the control circuitry
usually represents a small fraction of the whole circuit, using multiple versions of the
control circuitry is expected to have a low overhead. The objective of my thesis is to
formulate a method that provides the following advantages: (i) ease of integration in
the current ASIC design flow, (ii) minimal impact on the performance and area of the
ASIC design, and (iii) providing a wide range of applications for hardware security
and tuning the performance of chips either statically (e.g., post-silicon optimization)
or dynamically (at runtime). This is achieved by adding diversity at two orthogonal
levels: (i) state space diversity, and (ii) scheduling diversity. State space diversity
expands the state space of the controller. Using state space diversity, we introduce
an authentication mechanism and the first active hardware metering schemes. On the
other hand, scheduling diversity is achieved by embedding different control schedules
in the same design. The scheduling diversity can be spatial, temporal, or a hybrid
of both methods. Spatial diversity is achieved by implementing multiple control
schedules that use various parts of the chip at different rates. Temporal diversity
provides variants of the controller that can operate at unequal speeds. A hybrid of
both spatial and temporal diversities can also be implemented. Scheduling diversity
is used to add the flexibility to tune the performance of the chip. An application
of the thermal management of the chip is demonstrated using scheduling diversity.
Experimental results show that the proposed method is easy to integrate in the current
ASIC flow, has a wide range of applications, and incurs low overhead
An Efficient Authentication Protocol for Smart Grid Communication Based on On-Chip-Error-Correcting Physical Unclonable Function
Security has become a main concern for the smart grid to move from research
and development to industry. The concept of security has usually referred to
resistance to threats by an active or passive attacker. However, since smart
meters (SMs) are often placed in unprotected areas, physical security has
become one of the important security goals in the smart grid. Physical
unclonable functions (PUFs) have been largely utilized for ensuring physical
security in recent years, though their reliability has remained a major problem
to be practically used in cryptographic applications. Although fuzzy extractors
have been considered as a solution to solve the reliability problem of PUFs,
they put a considerable computational cost to the resource-constrained SMs. To
that end, we first propose an on-chip-error-correcting (OCEC) PUF that
efficiently generates stable digits for the authentication process. Afterward,
we introduce a lightweight authentication protocol between the SMs and
neighborhood gateway (NG) based on the proposed PUF. The provable security
analysis shows that not only the proposed protocol can stand secure in the
Canetti-Krawczyk (CK) adversary model but also provides additional security
features. Also, the performance evaluation demonstrates the significant
improvement of the proposed scheme in comparison with the state-of-the-art
Uncovering Vulnerable Industrial Control Systems from the Internet Core
Industrial control systems (ICS) are managed remotely with the help of
dedicated protocols that were originally designed to work in walled gardens.
Many of these protocols have been adapted to Internet transport and support
wide-area communication. ICS now exchange insecure traffic on an inter-domain
level, putting at risk not only common critical infrastructure but also the
Internet ecosystem (e.g., DRDoS attacks).
In this paper, we uncover unprotected inter-domain ICS traffic at two central
Internet vantage points, an IXP and an ISP. This traffic analysis is correlated
with data from honeypots and Internet-wide scans to separate industrial from
non-industrial ICS traffic. We provide an in-depth view on Internet-wide ICS
communication. Our results can be used i) to create precise filters for
potentially harmful non-industrial ICS traffic, and ii) to detect ICS sending
unprotected inter-domain ICS traffic, being vulnerable to eavesdropping and
traffic manipulation attacks
Active hardware metering for intellectual property protection and security
We introduce the first active hardware metering scheme that aims to protect integrated circuits (IC) intellectual property (IP) against piracy and runtime tampering. The novel metering method simultaneously employs inherent unclonable variability in modern manufacturing technology, and functionality preserving alternations of the structural IC specifications. Active metering works by enabling the designers to lock each IC and to remotely disable it. The objectives are realized by adding new states and transitions to the original finite state machine (FSM) to create boosted finite state machines (BFSM) of the pertinent design. A unique and unpredictable ID generated by an IC is utilized to place a BFSM into the power-up state upon activation. The designer, knowing the transition table, is the only one who can generate input sequences required to bring the BFSM into the functional initial (reset) state. To facilitate remote disabling of ICs, black hole states are integrated within the BFSM. We introduce nine types of potential attacks against the proposed active metering method. We further describe a number of countermeasures that must be taken to preserve the security of active metering against the potential attacks. The implementation details of the method, with the objectives of being low-overhead, unclonable, obfuscated, and stable while having a diverse set of keys, are presented. The active metering method was implemented, synthesized and mapped on the standard benchmark circuits. Experimental evaluations illustrate that the method has a low overhead in terms of power, delay, and area, while it is extremely resilient against the considered attacks
Design of programmable hardware security modules for enhancing blockchain based security framework
Globalization of the chip design and manufacturing industry has imposed significant threats to the hardware security of integrated circuits (ICs). It has made ICs more susceptible to various hardware attacks. Blockchain provides a trustworthy and distributed platform to store immutable records related to the evidence of intellectual property (IP) creation, authentication of provenance, and confidential data storage. However, blockchain encounters major security challenges due to its decentralized nature of ledgers that contain sensitive data. The research objective is to design a dedicated programmable hardware security modules scheme to safeguard and maintain sensitive information contained in the blockchain networks in the context of the IC supply chain. Thus, the blockchain framework could rely on the proposed hardware security modules and separate the entire cryptographic operations within the system as stand-alone hardware units. This work puts forth a novel approach that could be considered and utilized to enhance blockchain security in real-time. The critical cryptographic components in blockchain, secure hash algorithm-256 (SHA-256) and the elliptic curve digital signature algorithm, are designed as separate entities to enhance the security of the blockchain framework. Physical unclonable functions are adopted to perform authentication of transactions in the blockchain. Relative comparison of designed modules with existing works clearly depicts the upper hand of the former in terms of performance parameters