3 research outputs found
Ingress of threshold voltage-triggered hardware trojan in the modern FPGA fabric–detection methodology and mitigation
The ageing phenomenon of negative bias temperature instability (NBTI) continues to challenge the dynamic thermal management of modern FPGAs. Increased transistor density leads to thermal accumulation and propagates higher and non-uniform temperature variations across the FPGA. This aggravates the impact of NBTI on key PMOS transistor parameters such as threshold voltage and drain current. While NBTI ages the transistors, successively reducing FPGA lifetime and reliability, it also challenges the FPGA's security. The ingress of a threshold voltage-triggered hardware Trojan, a stealthy and malicious electronic circuit, into the modern FPGA is one such potential threat that could exploit NBTI and severely affect its performance. The development of an effective and efficient countermeasure against it is, therefore, highly critical. Accordingly, we present a comprehensive FPGA security scheme, comprising novel elements of hardware Trojan infection, detection, and mitigation, to protect FPGA applications against the hardware Trojan. Built around the threat model of a naval warship’s integrated self-protection system (ISPS), we propose a threshold voltage-triggered hardware Trojan that operates in a threshold voltage region of 0.45 V to 0.998 V, consuming ultra-low power (10.5 nW), and remaining stealthy with an area overhead as low as 1.5% for a 28 nm technology node. The hardware Trojan detection sub-scheme provides a unique lightweight threshold voltage-aware sensor with a detection sensitivity of 0.251 mV/nA. With fixed and dynamic ring oscillator-based sensor segments, the precise measurement of frequency and delay variations in response to shifts in the threshold voltage of a PMOS transistor is also proposed. Finally, the FPGA security scheme is reinforced with an online transistor dynamic scaling (OTDS) to mitigate the impact of the hardware Trojan through run-time tolerant circuitry capable of identifying critical gates with worst-case drain current degradation.
Design techniques for safe, reliable, and trustworthy analog circuits
Rapid developments in communication, automation, and smart technologies continue to
drive the trend of increasingly large-scale integration of electronics. The number of ICs
embedded in various systems continues to rise to realize more sophisticated functions and
capabilities, and as a result we rely more and more on the smooth, safe, and secure operation of
ICs. Quality assurance of ICs is of paramount importance in critical missions because faults can
incur heavy consequences. To ensure reliability, IC designs undergo a thorough verification
process prior to fabrication and comprehensive testing and measurements before distribution.
These steps provide confidence in parts shortly after their deployment into operation. Many
critical ICs also embed functions to detect abnormal or faulty behavior in the field and add
another layer of safety to the operation. The methodology for creating these built-in self-tests
(BISTs) for digital circuits is fairly mature, yet analog and mixed signal (AMS) circuits still
present a significant challenge for verification and testing.
The development of in-field tests for AMS circuits is relatively new. Part of the
difficulty is the many constraints that define satisfactory function. Complicated signal
generators and observers are usually required to stimulate the circuit and measure its response in
order to accurately determine if it meets specifications. These are available in a production test
environment in the form of external equipment, but the amount of hardware, power, and other
resources required for these tests make it impractical for in-field operation. To address this
issue, some simple, low-resource test circuits have been developed to test some fundamental
AMS blocks. The test results allow one to infer faulty behavior of the circuit rather than explicitly
confirming specifications are not met, which makes the design of test inputs and observers
significantly easier. These test circuits use simple analog-digital interfaces which aid the
integration of the designs into existing digital test architectures. The AMS test circuits were
implemented on a PCB to demonstrate their feasibility.
For ICs targeting high reliability, the parts are designed such that the probability of a fault
occurring is extremely low, at least for a time. BISTs for in-field testing are intended to detect
faults originating from a single source because of a defect or some other unpredictable event.
But every IC will reach a time when devices start to fail independently of each other because of
normal wear from use. The physical mechanisms causing transistor degradation, called transistor
aging, have a predictable trend for a given history of use. On-chip monitors that track device
aging over the life of a part can provide warnings before widespread failure occurs and allow
confident operation of the IC right up to its effective end of life (EOL). A bias and temperature
instability (BTI) monitor was designed to estimate the evolving probability of BTI degradation in
a device or devices during its operation.
In addition to the chance of random failures in critical ICs, designers and customers must
also concern themselves with intentionally induced failures. The important role these parts play
in their respective systems makes them potential targets of attack by third parties whose goal is
contrary to the parts’ primary missions. One potential class of threats is the hardware Trojan
horse, a hidden and malicious function physically embedded in the design. These are
high-risk/high-reward attacks because insertion of the Trojan is generally considered difficult but
successful activation is potentially devastating. Much research and resources have been
dedicated to developing threat models, identifying potential means of insertion and operation,
and detection of Trojans during production tests. However, these efforts are almost entirely
focused on the security of digital circuits while threats to AMS circuits have been ignored. One
of the main reasons for this is the inherent sensitivity of AMS circuits, which leads to the
assumption that any tampering would be obvious. This assumption falls short when a
well-known problem in AMS circuit design is considered: multi-stable operation. A definitive
taxonomy of this sub-class of hardware Trojans was constructed to complement existing
definitions and efforts on Trojan classification. An example of an AMS circuit with such a
Trojan is provided to validate the threat this class of Trojans poses.
Design for prognostics and security in field programmable gate arrays (FPGAs).
There is an evolutionary progression of Field Programmable Gate Arrays (FPGAs)
toward more complex and high power density architectures such as
Systems-on-Chip (SoC) and Adaptive Compute Acceleration Platforms (ACAP). Primarily, this is
attributable to the continual transistor miniaturisation and more innovative and
efficient IC manufacturing processes. Concurrently, the degradation mechanism of Bias
Temperature Instability (BTI) has become more pronounced with respect to its
ageing impact. It could weaken the reliability of VLSI devices, FPGAs in particular
due to their run-time reconfigurability. At the same time, the vulnerability of FPGAs to
device-level attacks in the increasing cyber and hardware threat environment is also
quadrupling as the susceptible reliability realm opens the door for rogue elements to
intervene. Insertion of highly stealthy and malicious circuitry, called hardware
Trojans, in FPGAs is one such malicious intervention. While
such attacks/interventions adversely affect the security ambit of these devices, they
also undermine their reliability substantially. Hitherto, security and reliability have been
treated as two separate entities impacting the FPGA health. This has resulted in
fragmented solutions that do not reflect the true state of the FPGA operational and
functional readiness, thereby making them even more prone to hardware attacks.
The recent episodes of Spectre and Meltdown vulnerabilities are some of the key
examples. This research addresses these concerns by adopting an integrated
approach and investigating the FPGA security and reliability as two inter-dependent
entities with an additional dimension of health estimation/prognostics. The design
and implementation of a small footprint frequency and threshold voltage-shift
detection sensor, a novel hardware Trojan, and an online transistor dynamic scaling
circuitry present a viable FPGA security scheme that helps build a strong
microarchitectural level defence against unscrupulous hardware attacks. Augmented
with an efficient kernel-based learning technique for FPGA health
estimation/prognostics, the optimal integrated solution proves to be more
dependable and trustworthy than the prevalent disjointed approach.
Samie, Mohammad (Associate)
PhD in Transport System