Security of Electrical, Optical and Wireless On-Chip Interconnects: A Survey

The advancement of manufacturing technologies has enabled the integration of more intellectual property (IP) cores on the same system-on-chip (SoC). Scalable and high throughput on-chip communication architecture has become a vital component in today's SoCs. Diverse technologies such as electrical, wireless, optical, and hybrid are available for on-chip communication with different architectures supporting them. Security of the on-chip communication is crucial because exploiting any vulnerability would be a goldmine for an attacker. In this survey, we provide a comprehensive review of threat models, attacks, and countermeasures over diverse on-chip communication technologies as well as sophisticated architectures.Comment: 41 pages, 24 figures, 4 table

Effectiveness of HT-assisted Sinkhole and Blackhole Denial of Service Attacks Targeting Mesh Networks-on-chip

There are ample opportunities at both design and manufacturing phases to meddle in a many-core chip system, especially its underlining communication fabric, known as the networks-on-chip (NoC), through the inclusion of malicious hardware Trojans (HT). In this paper, we focus on studying two specific HT-assisted Denial-of-Service (DoS) attacks, namely the sinkhole and blackhole attacks, that directly target the NoC of a many-core chip. As of the blackhole attacks, those intermediate routers with inserted HTs can stop forwarding data packets/flits towards the packets’ destination; instead, packets are either dropped from the network or diverted to some other malicious nodes. Sinkhole attacks, which exhibit similar attack effects as blackhole attacks, can occur when the NoC supports adaptive routing. In this case, a malicious node actively solicits packets from its neighbor nodes by pretending to have sufficient free buffer slots. Effects and efficiencies of both sinkhole and blackhole DoS attacks are modeled and quantified in this paper, and a few factors that influence attack effects are found to be critical. Through fine-tuning of these parameters, both attacks are shown to cause more damages to the NoC, measured as over 30% increase in packet loss rate. Even with current detection and defense methods in place, the packet loss rate is still remarkably high, suggesting the need of new and more effective detection and defense methods against the enhanced blackhole and sinkhole attacks as described in the paper

Tree-structured small-world connected wireless network-on-chip with adaptive routing

Traditional Network-on-Chip (NoC) systems comprised of many cores suffer from debilitating bottlenecks of latency and significant power dissipation due to the overhead inherent in multi-hop communication. In addition, these systems remain vulnerable to malicious circuitry incorporated into the design by untrustworthy vendors in a world where complex multi-stage design and manufacturing processes require the collective specialized services of a variety of contractors. This thesis proposes a novel small-world tree-based network-on-chip (SWTNoC) structure designed for high throughput, acceptable energy consumption, and resiliency to attacks and node failures resulting from the insertion of hardware Trojans. This tree-based implementation was devised as a means of reducing average network hop count, providing a large degree of local connectivity, and effective long-range connectivity by means of a novel wireless link approach based on carbon nanotube (CNT) antenna design. Network resiliency is achieved by means of a devised adaptive routing algorithm implemented to work with TRAIN (Tree-based Routing Architecture for Irregular Networks). Comparisons are drawn with benchmark architectures with optimized wireless link placement by means of the simulated annealing (SA) metaheuristic. Experimental results demonstrate a 21% throughput improvement and a 23% reduction in dissipated energy per packet over the closest competing architecture. Similar trends are observed at increasing system sizes. In addition, the SWTNoC maintains this throughput and energy advantage in the presence of a fault introduced into the system. By designing a hierarchical topology and designating a higher level of importance on a subset of the nodes, much higher network throughput can be attained while simultaneously guaranteeing deadlock freedom as well as a high degree of resiliency and fault-tolerance

Secure Network-on-Chip Against Black Hole and Tampering Attacks

The Network-on-Chip (NoC) has become the communication heart of Multiprocessors-System-on-Chip (MPSoC). Therefore, it has been subject to a plethora of security threats to degrade the system performance or steal sensitive information. Due to the globalization of the modern semiconductor industry, many different parties take part in the hardware design of the system. As a result, the NoC could be infected with a malicious circuit, known as a Hardware Trojan (HT), to leave a back door for security breach purposes. HTs are smartly designed to be too small to be uncovered by offline circuit-level testing, so the system requires an online monitoring to detect and prevent the HT in runtime. This dissertation focuses on HTs inside the router of a NoC designed by a third party. It explores two HT-based threat models for the MPSoC, where the NoC experiences packet-loss and packet-tampering once the HT in the infected router is activated and is in the attacking state. Extensive experiments for each proposed architecture were conducted using a cycle-accurate simulator to demonstrate its effectiveness on the performance of the NoC-based system. The first threat model is the Black Hole Router (BHR) attack, where it silently discards the packets that are passing through without further announcement. The effect of the BHR is presented and analyzed to show the potency of the attack on a NoC-based system. A countermeasure protocol is proposed to detect the BHR at runtime and counteract the deliberate packet-dropping attack with a 26.9% area overhead, an average 21.31% performance overhead and a 22% energy consumption overhead. The protocol is extended to provide an efficient and power-gated scheme to enhance the NoC throughput and reduce the energy consumption by using end-to-end (e2e) approach. The power-gated e2e technique locates the BHR and avoids it with a 1% performance overhead and a 2% energy consumption overhead. The second threat model is a packet-integrity attack, where the HT tampers with the packet to apply a denial-of-service attack, steal sensitive information, gain unauthorized access, or misroute the packet to an unintended node. An authentic and secure NoC platform is proposed to detect and countermeasure the packet-tampering attack to maintain data-integrity and authenticity while keeping its secrecy with a 24.21% area overhead. The proposed NoC architecture is not only able to detect the attack, but also locates the infected router and isolates it from the network

HARDWARE ATTACK DETECTION AND PREVENTION FOR CHIP SECURITY

Hardware security is a serious emerging concern in chip designs and applications. Due to the globalization of the semiconductor design and fabrication process, integrated circuits (ICs, a.k.a. chips) are becoming increasingly vulnerable to passive and active hardware attacks. Passive attacks on chips result in secret information leaking while active attacks cause IC malfunction and catastrophic system failures. This thesis focuses on detection and prevention methods against active attacks, in particular, hardware Trojan (HT). Existing HT detection methods have limited capability to detect small-scale HTs and are further challenged by the increased process variation. We propose to use differential Cascade Voltage Switch Logic (DCVSL) method to detect small HTs and achieve a success rate of 66% to 98%. This work also presents different fault tolerant methods to handle the active attacks on symmetric-key cipher SIMON, which is a recent lightweight cipher. Simulation results show that our Even Parity Code SIMON consumes less area and power than double modular redundancy SIMON and Reversed-SIMON, but yields a higher fault -detection-failure rate as the number of concurrent faults increases. In addition, the emerging technology, memristor, is explored to protect SIMON from passive attacks. Simulation results indicate that the memristor-based SIMON has a unique power characteristic that adds new challenges on secrete key extraction

Reliability and Security Assessment of Modern Embedded Devices

L'abstract è presente nell'allegato / the abstract is in the attachmen

Persistent monitoring of digital ICs to verify hardware trust

The specialization of the semiconductor industry has resulted in a global Integrated Circuit (IC) supply chain that is susceptible to hardware Trojans - malicious circuitry that is embedded into the chip during the design cycle. This nefarious attack could compromise the missioncritical systems which implement these devices. While a trusted domestic IC supply chain exists with resources such as the Trusted Foundry Program, it\u27s highly desirable to utilize the high yield, fast turn-around time, low cost, and leading-edge technology of the global IC supply chain. Research into the verification of hardware trust has made significant progress in recent years but is still far from a single, comprehensive solution. Most proposed solutions are one-time implementable methods that attempt to detect hardware Trojans during the verification stage of the IC development process. While this is a desirable solution, it\u27s not realistic given the current limitations of hardware Trojan detection techniques. We propose a more comprehensive solution that involves the persistent verification of hardware trust in the field, in addition to several one-time methods implemented during IC verification. We define a persistent verification framework that involves the use of a few ICs from a secure process flow to persistently monitor and verify the operation of several untrusted ICs from the global supply chain. This allows the system integrator to realize the benefits of the global IC supply chain while maintaining the integrity of the system. We develop a system monitor which filters the IO of untrusted digital ICs for a set of patterns, which we refer to as digital signal signatures, to verify the operation of the devices

Cybersecurity: Past, Present and Future

The digital transformation has created a new digital space known as cyberspace. This new cyberspace has improved the workings of businesses, organizations, governments, society as a whole, and day to day life of an individual. With these improvements come new challenges, and one of the main challenges is security. The security of the new cyberspace is called cybersecurity. Cyberspace has created new technologies and environments such as cloud computing, smart devices, IoTs, and several others. To keep pace with these advancements in cyber technologies there is a need to expand research and develop new cybersecurity methods and tools to secure these domains and environments. This book is an effort to introduce the reader to the field of cybersecurity, highlight current issues and challenges, and provide future directions to mitigate or resolve them. The main specializations of cybersecurity covered in this book are software security, hardware security, the evolution of malware, biometrics, cyber intelligence, and cyber forensics. We must learn from the past, evolve our present and improve the future. Based on this objective, the book covers the past, present, and future of these main specializations of cybersecurity. The book also examines the upcoming areas of research in cyber intelligence, such as hybrid augmented and explainable artificial intelligence (AI). Human and AI collaboration can significantly increase the performance of a cybersecurity system. Interpreting and explaining machine learning models, i.e., explainable AI is an emerging field of study and has a lot of potentials to improve the role of AI in cybersecurity.Comment: Author's copy of the book published under ISBN: 978-620-4-74421-