Trojans in Early Design Steps—An Emerging Threat

Hardware Trojans inserted by malicious foundries during integrated circuit manufacturing have received substantial attention in recent years. In this paper, we focus on a different type of hardware Trojan threats: attacks in the early steps of design process. We show that third-party intellectual property cores and CAD tools constitute realistic attack surfaces and that even system specification can be targeted by adversaries. We discuss the devastating damage potential of such attacks, the applicable countermeasures against them and their deficiencies

DeMiST: Detection and Mitigation of Stealthy Analog Hardware Trojans

The global semiconductor supply chain involves design and fabrication at various locations, which leads to multiple security vulnerabilities, e.g., Hardware Trojan (HT) insertion. Although most HTs target digital circuits, HTs can be inserted in analog circuits. Therefore, several techniques have been developed for HT insertions in analog circuits. Capacitance-based Analog Hardware Trojan (AHT) is one of the stealthiest HT that can bypass most existing HT detection techniques because it uses negligible charge accumulation in the capacitor to generate stealthy triggers. To address the charge sharing and accumulation issues, we propose a novel way to detect such capacitance-based AHT in this paper. Secondly, we critically analyzed existing AHTs to highlight their respective limitations. We proposed a stealthier capacitor-based AHT (fortified AHT) that can bypass our novel AHT detection technique by addressing these limitations. Finally, by critically analyzing the proposed fortified AHT and existing AHTs, we developed a robust two-phase framework (DeMiST) in which a synchronous system can mitigate the effects of capacitance-based stealthy AHTs by turning off the triggering capability of AHT. In the first phase, we demonstrate how the synchronous system can avoid the AHT during run-time by controlling the supply voltage of the intermediate combinational circuits. In the second phase, we proposed a supply voltage duty cycle-based validation technique to detect capacitance-based AHTs. Furthermore, DeMiST amplified the switching activity for charge accumulation to such a degree that it can be easily detectable using existing switching activity-based HT detection techniques.Comment: Accepted at ACM Hardware and Architectural Support for Security and Privacy (HASP) 202

Malicious Hardware & Its Effects on Industry

In recent years advancements have been made in computer hardware security to circumnavigate the threat of malicious hardware. Threats come in several forms during the development and overall life cycle of computer hardware and I aim to highlight those key points. I will illustrate the various ways in which attackers exploit flaws in a chip design, or how malicious parties take advantage of the many steps required to design and fabricate hardware. Due to these exploits, the industry and consumers have suffered damages in the form of financial loss, physical harm, breaches of personal data, and a multitude of other problems. Many are under the impression that such damages and attacks are only carried out at a software level. Because of this, flaws in chip design, fabrication, and the large scale of transistors on chips have often been overlooked as a means of exploitation. However, as is the trend in cyberattacks when one door is locked attackers look to gain an entrance with any possible means. Fortunately, strides have been made in closing those doors, however now that malicious attackers have been made aware of these openings the aim is to mitigate or even abolish the damage that has been dealt

Survey on Security Issues and Protective Measures in Different Layers of Internet of Things (IoT)

In general perspective, Internet of things is defined as a network of physical objects by connecting” things to things” through the sensors, actuators and processors, to communicate and exchange data and information among each other along with other related devices and systems spread over different locations, without human-to-human or human-to-computer interactions. This survey summarises all the security threats along with privacy issues that may be confronted by the end users in Internet of Things (IoT). The majority of survey is to gather information about the current security requirements for IoT, the further scope and the challenges in IoT and the measures to prevent attacks upon the IoT systems