Energy Harvesting and Sensor Based Hardware Security Primitives for Cyber-Physical Systems

The last few decades have seen a large proliferation in the prevalence of cyber-physical systems. Although cyber-physical systems can offer numerous advantages to society, their large scale adoption does not come without risks. Internet of Things (IoT) devices can be considered a significant component within cyber-physical systems. They can provide network communication in addition to controlling the various sensors and actuators that exist within the larger cyber-physical system. The adoption of IoT features can also provide attackers with new potential avenues to access and exploit a system\u27s vulnerabilities. Previously, existing systems could more or less be considered a closed system with few potential points of access for attackers. Security was thus not typically a core consideration when these systems were originally designed. The cumulative effect is that these systems are now vulnerable to new security risks without having native security countermeasures that can easily address these vulnerabilities. Even just adding standard security features to these systems is itself not a simple task. The devices that make up these systems tend to have strict resource constraints in the form of power consumption and processing power. In this dissertation, we explore how security devices known as Physically Unclonable Functions (PUFs) could be used to address these concerns. PUFs are a class of circuits that are unique and unclonable due to inherent variations caused by the device manufacturing process. We can take advantage of these PUF properties by using the outputs of PUFs to generate secret keys or pseudonyms that are similarly unique and unclonable. Existing PUF designs are commonly based around transistor level variations in a special purpose integrated circuit (IC). Integrating these designs within a system would still require additional hardware along with system modification to interact with the device. We address these concerns by proposing a novel PUF design methodology for the creation of PUFs whose integration within these systems would minimize the cost of redesigning the system by reducing the need to add additional hardware. This goal is achieved by creating PUF designs from components that may already exist within these systems. A PUF designed from existing components creates the possibility of adding a PUF (and thus security features) to the system without actually adding any additional hardware. This could allow PUFs to become a more attractive security option for integration with resource constrained devices. Our proposed approach specifically targets sensors and energy harvesting devices since they can provide core functions within cyber-physical systems such as power generation and sensing capabilities. These components are known to exhibit variations due to the manufacturing process and could thus be utilized to design a PUF. Our first contribution is the proposal of a novel PUF design methodology based on using components which are already commonly found within cyber-physical systems. The proposed methodology uses eight sensors or energy harvesting devices along with a microcontroller. It is unlikely that single type of sensor or energy harvester will exist in all possible cyber-physical systems. Therefore, it is important to create a range of designs in order to reach a greater portion of cyber-physical systems. The second contribution of this work is the design of a PUF based on piezo sensors. Our third contribution is the design of a PUF that utilizes thermistor temperature sensors. The fourth contribution of this work is a proposed solar cell based PUF design. Furthermore, as a fifth contribution of this dissertation we evaluate a selection of common solar cell materials to establish which type of solar cell would be best suited to the creation of a PUF based on the operating conditions. The viability of the proposed designs is evaluated through testing in terms of reliability and uniformity. In addition, Monte Carlo simulations are performed to evaluate the uniqueness property of the designs. For our final contribution we illustrate the security benefits that can be achieved through the adoption of PUFs by cyber-physical systems. For this purpose we chose to highlight vehicles since they are a very popular example of a cyber-physical system and they face unique security challenges which are not readily solvable by standard solutions. Our contribution is the proposal of a novel controller area network (CAN) security framework that is based on PUFs. The framework does not require any changes to the underlying CAN protocol and also minimizes the amount of additional message passing overhead needed for its operation. The proposed framework is a good example of how the cost associated with implementing such a framework could be further reduced through the adoption of our proposed PUF designs. The end result is a method which could introduce security to an inherently insecure system while also making its integration as seamless as possible by attempting to minimize the need for additional hardware

A PUF-and biometric-based lightweight hardware solution to increase security at sensor nodes

Security is essential in sensor nodes which acquire and transmit sensitive data. However, the constraints of processing, memory and power consumption are very high in these nodes. Cryptographic algorithms based on symmetric key are very suitable for them. The drawback is that secure storage of secret keys is required. In this work, a low-cost solution is presented to obfuscate secret keys with Physically Unclonable Functions (PUFs), which exploit the hardware identity of the node. In addition, a lightweight fingerprint recognition solution is proposed, which can be implemented in low-cost sensor nodes. Since biometric data of individuals are sensitive, they are also obfuscated with PUFs. Both solutions allow authenticating the origin of the sensed data with a proposed dual-factor authentication protocol. One factor is the unique physical identity of the trusted sensor node that measures them. The other factor is the physical presence of the legitimate individual in charge of authorizing their transmission. Experimental results are included to prove how the proposed PUF-based solution can be implemented with the SRAMs of commercial Bluetooth Low Energy (BLE) chips which belong to the communication module of the sensor node. Implementation results show how the proposed fingerprint recognition based on the novel texture-based feature named QFingerMap16 (QFM) can be implemented fully inside a low-cost sensor node. Robustness, security and privacy issues at the proposed sensor nodes are discussed and analyzed with experimental results from PUFs and fingerprints taken from public and standard databases.Ministerio de Economía, Industria y Competitividad TEC2014-57971-R, TEC2017-83557-

A Novel Physical Unclonable Function (PUF) Featuring 0.113 FJ/B for IOT Devices

A physically unclonable function (PUF) is useful for authentication purposes and is a function created for its inherent uniqueness and inability of adversaries to duplicate it. In this thesis, a PUF is designed, which is a combination of both digital and analog circuits. This PUF could be designed partially based on a semi-automated approach using custom-built P-cells. The PUF is implemented using novel digital circuits, which have been designed using basic digital gates with a minimal number of transistors. The proposed PUF is developed by the introduction of a layer of multiplexers, which is triggered by a novel SR-latch based model for driving the selection lines. For a higher bit stability, the SR latch is combined with four-way asynchronous circuits, which are a class of coincident flip-flops. The resulted PUF consumes very little power and is suitable for sensors and low power applications. The proposed design was implemented in using the Cadence virtuoso IC 5.1.4 and based on the 180nm TSMC transistor models. The energy consumption and area of the proposed PUF is shown to be equal to 0.1132 fJ/bit and 8.03, which is considerably lower than the state of the arts. The uniqueness and reliability of the proposed PUF are estimated to be 48.66% and 99.33%

Functional mobile-based two-factor authentication by photonic physical unclonable functions

Given the rapid expansion of the Internet of Things and because of the concerns around counterfeited goods, secure and resilient cryptographic systems are in high demand. Due to the development of digital ecosystems, mobile applications for transactions require fast and reliable methods to generate secure cryptographic keys, such as Physical Unclonable Functions (PUFs). We demonstrate a compact and reliable photonic PUF device able to be applied in mobile-based authentication. A miniaturized, energy-efficient, and low-cost token was forged of flexible luminescent organic–inorganic hybrid materials doped with lanthanides, displaying unique challenge–response pairs (CRPs) for two-factor authentication. Under laser irradiation in the red spectral region, a speckle pattern is attained and accessed through conventional charge-coupled cameras, and under ultraviolet light-emitting diodes, it displays a luminescent pattern accessed through hyperspectral imaging and converted to a random intensity-based pattern, ensuring the two-factor authentication. This methodology features the use of a discrete cosine transform to enable a low-cost and semi-compact encryption system suited for speckle and luminescence-based CRPs. The PUF evaluation and the authentication protocol required the analysis of multiple CRPs from different tokens, establishing an optimal cryptographic key size (128 bits) and an optimal decision threshold level that minimizes the error probability.publishe