When a Patch is Not Enough - HardFails: Software-Exploitable Hardware Bugs

In this paper, we take a deep dive into microarchitectural security from a hardware designer's perspective by reviewing the existing approaches to detect hardware vulnerabilities during the design phase. We show that a protection gap currently exists in practice that leaves chip designs vulnerable to software-based attacks. In particular, existing verification approaches fail to detect specific classes of vulnerabilities, which we call HardFails: these bugs evade detection by current verification techniques while being exploitable from software. We demonstrate such vulnerabilities in real-world SoCs using RISC-V to showcase and analyze concrete instantiations of HardFails. Patching these hardware bugs may not always be possible and can potentially result in a product recall. We base our findings on two extensive case studies: the recent Hack@DAC 2018 hardware security competition, where 54 independent teams of researchers competed world-wide over a period of 12 weeks to catch inserted security bugs in SoC RTL designs, and an in-depth systematic evaluation of state-of-the-art verification approaches. Our findings indicate that even combinations of techniques will miss high-impact bugs due to the large number of modules with complex interdependencies and fundamental limitations of current detection approaches. We also craft a real-world software attack that exploits one of the RTL bugs from Hack@DAC that evaded detection and discuss novel approaches to mitigate the growing problem of cross-layer bugs at design time

New Structure of Test Pattern Generator Stimulating Crosstalks in Bus-type Connections

The paper discloses the idea of a new structure for a Test Pattern Generator (TPG) for detection of crosstalk faults that may happen to bus-type interconnections between built-in blocks within a System on a Chip structure. The new idea is an improvement of the TPG design proposed by the author in one of previous studies. The TPG circuit is meant to generate test sequences that guarantee detection of all crosstalk faults with the capacitance nature that may occur between individual lines within an interconnecting bus. The study comprises a synthesizable and parameterized model developed for the presented TPG in the VLSI Hardware Description Language (VHDL) with further investigation of properties and features of the offered module. The significant advantages of the proposed TPG structure include less area occupied on a chip and higher operation frequency as compared to other solutions. In addition, the design demonstrates good scalability in terms of both the hardware overhead and the length of the generated test sequence

On the detection of always-on hardware trojans supported by a pre-silicon verification methodology

Hardware-based vulnerabilities are becoming a serious threat in the Integrated Circuit (IC) industry. Current System-on-Chip (SoC) designs are comprised of many Intellectual Property (IP) blocks coming from third-party vendors. These can maliciously insert additional hardware, commonly known as Hardware Trojans, aiming at degrading performance, altering functionality or even leaking secret information. According to their activation mechanism, Hardware Trojans are classified as triggered or always-on. While the detection approaches for the first class are widely explored even during the early stages of the IC design flow, the detection of always-on type mainly relies on side channel analyses, carried out after fabrication. This work presents a methodology oriented to detect always-on Hardware Trojans during the pre-silicon design stage. The proposed approach is able to detect suspicious intrusions by exploiting a signature mechanism developed during the RTL verification phase. The activity of carefully selected signals is spied to record and keep the state of the core. Finally, the efficacy of the technique has been validated on an open-source IP core with three different always-on Trojans

DIVAS: An LLM-based End-to-End Framework for SoC Security Analysis and Policy-based Protection

Securing critical assets in a bus-based System-On-Chip (SoC) is imperative to mitigate potential vulnerabilities and prevent unauthorized access, ensuring the integrity, availability, and confidentiality of the system. Ensuring security throughout the SoC design process is a formidable task owing to the inherent intricacies in SoC designs and the dispersion of assets across diverse IPs. Large Language Models (LLMs), exemplified by ChatGPT (OpenAI) and BARD (Google), have showcased remarkable proficiency across various domains, including security vulnerability detection and prevention in SoC designs. In this work, we propose DIVAS, a novel framework that leverages the knowledge base of LLMs to identify security vulnerabilities from user-defined SoC specifications, map them to the relevant Common Weakness Enumerations (CWEs), followed by the generation of equivalent assertions, and employ security measures through enforcement of security policies. The proposed framework is implemented using multiple ChatGPT and BARD models, and their performance was analyzed while generating relevant CWEs from the SoC specifications provided. The experimental results obtained from open-source SoC benchmarks demonstrate the efficacy of our proposed framework.Comment: 15 pages, 7 figures, 8 table

Integrating simultaneous bi-direction signalling in the test fabric of 3D stacked integrated circuits.

Jennions, Ian K. - Associate SupervisorThe world has seen significant advancements in electronic devices’ capabilities, most notably the ability to embed ultra-large-scale functionalities in lightweight, area and power-efficient devices. There has been an enormous push towards quality and reliability in consumer electronics that have become an indispensable part of human life. Consequently, the tests conducted on these devices at the final stages before these are shipped out to the customers have a very high significance in the research community. However, researchers have always struggled to find a balance between the test time (hence the test cost) and the test overheads; unfortunately, these two are inversely proportional. On the other hand, the ever-increasing demand for more powerful and compact devices is now facing a new challenge. Historically, with the advancements in manufacturing technology, electronic devices witnessed miniaturizing at an exponential pace, as predicted by Moore’s law. However, further geometric or effective 2D scaling seems complicated due to performance and power concerns with smaller technology nodes. One promising way forward is by forming 3D Stacked Integrated Circuits (SICs), in which the individual dies are stacked vertically and interconnected using Through Silicon Vias (TSVs) before being packaged as a single chip. This allows more functionality to be embedded with a reduced footprint and addresses another critical problem being observed in 2D designs: increasingly long interconnects and latency issues. However, as more and more functionality is embedded into a small area, it becomes increasingly challenging to access the internal states (to observe or control) after the device is fabricated, which is essential for testing. This access is restricted by the limited number of Chip Terminals (IC pins and the vertical Through Silicon Vias) that a chip could be fitted with, the power consumption concerns, and the chip area overheads that could be allocated for testing. This research investigates Simultaneous Bi-Directional Signaling (SBS) for use in Test Access Mechanism (TAM) designs in 3D SICs. SBS enables chip terminals to simultaneously send and receive test vectors on a single Chip Terminal (CT), effectively doubling the per-pin efficiency, which could be translated into additional test channels for test time reduction or Chip Terminal reduction for resource efficiency. The research shows that SBS-based test access methods have significant potential in reducing test times and/or test resources compared to traditional approaches, thereby opening up new avenues towards cost-effectiveness and reliability of future electronics.PhD in Manufacturin

Revealing the Secrets of Radio-Enabled Embedded Systems: on extraction of raw information from any on-board signal through RF

In this work we are interested in evaluating the possibility of extracting information from radio-enabled embedded-systems from a long distance. That is, our focus is capturing information from sources in the micrometer to tens of centimeters scale, such as intra- or inter- device busses, board-level routing traces etc. Moreover, we focus on distances in the range of millimeters to tens of centimeters from the (on-chip or on-board) embedded-system Tx Antenna to the signal source. Side-channels denotes presence of information in illegitimate channels. Side-channel analysis (SCA) attacks typically require statistical analysis and many leakage traces, focusing on micrometer level signals (sources) which emanate direct Near-Field information up to centimeters-level distances. In the same context (Near-Field and micrometer-level) simple power analysis (SPA) like attacks typically extract either direct raw information from one or few leakages or utilize statistical analysis on various samples from the same trace, similarly to horizontal attacks. Lately, radio-enabled systems were shown to emanate to a large distance (Far-Field), information from micrometer level sources, such as CPU processing, through the RF Tx Antenna: so far, SCA-like statistical analysis were shown. On the other hand, various reports exist on direct information eavesdropping/ sniffing or data exfiltration, emanated from centimeter to tens of centimeters scale sources, e.g., SATA, USB, Power-lines, Serial interface, Air-Gap systems, Screens and even optical fibers. All these elements are typically being used as a source and a direct Tx Antenna (huge, several to tens of centimeters) of the sensitive information. These antennas typically transmit information to short distances and the decay is very steep (proportional to $r^{-2}$-$r^{-3}$ depending on various factors and models). To the best of our knowledge, we report here for the first time an alarming security challenge: any signal in the embedded system, from serial ports, DMA-controlled memory-access, JTAG and SPI interfaces, on-board signals with galvanic connection to the Tx Antenna-chip and \emph{on-board signals without galvanic connection to the Tx Antenna-chip itself, all leak direct information up to tens of centimeters from source to the Tx Antenna}. This alarming situation induce signal-integrity implications within the embedded system, and significant implications relating to device-isolation and user-isolation, it may also affect standards and specifications for e.g., electromagnetic compatibility (EMC), on-board signal shielding, electromagnetic and RF interference (EMI, RFI), cross-talk, and generally design-for-manufacturing (DFM) guidelines for both intra-IC and PCB board. We demonstrate such direct readout of signals with commercial and low-cost equipment indicating how problematic the situation is. The existence of such leakage is demonstrated both over an ultra-low-cost platform such as the nRF52832(nRF) embedded-system and on a more advanced ESP32-c3-devkitc-02 board which is far more widespread in ISM radio applications and meets certification like FCC and CE (as compared to the nRF device). We have constructed an experiment to demonstrate leakage scenarios from (1) on- and (2) off-chip, on-board or (3) signals without galvanic connection to the RF front-end chip, showing the severity of the leakage, repetitively and systematic nature of the phenomena over various devices. We further demonstrate how sophisticated adversaries can build a code-injection Gadget which can carry sensitive-data and modulate it to be best extracted by the RF-channel. The main observation we push forward is that unless concrete interference and isolation standards appear with security metrics in mind, which are significantly different than ones needed for communication, it would be hard to prevent such leakages

A Framework for the Detection of Crosstalk Noise in FPGAs

In recent years, crosstalk noise has emerged a serious problem because more and more devices and wires have been packed on electronic chips. As integrated circuits are migrated to more advanced technologies, it has become clear that crosstalk noise is the important phenomenon that must be taken into account. Despite of being more immune to crosstalk noise than their ASIC (application specific integrated circuit) counterparts, the dense interconnected structures of FPGAs (field programmable gate arrays) invite more vulnerabilities with crosstalk noise. Due to the lack of electrical detail concerning FPGA devices it is quite difficult to test the faults affected by crosstalk noise. This paper proposes a new approach for detecting the effects such as glitches and delays in transition that are due to crosstalk noise in FPGAs. This approach is similar to the BIST (built-in self test) technique in that it incorporates the test pattern generator to generate the test vectors and the analyzer to analyze the crosstalk faults without any overhead for testing

Implementation of Static and Semi-Static Versions of a 24+8x8 Quad-rail NULL Convention Multiply and Accumulate Unit

This paper focuses on implementing a 2s complement 8x8 dual-rail bit-wise pipelined multiplier using the asynchronous null convention logic (NCL) paradigm. The design utilizes a Wallace tree for partial product summation, and is implemented and simulated in VHDL, the transistor level, and the physical level, using a 1.8V 0.18mum TSMC CMOS process. The multiplier is realized using both static and semi-static versions of the NCL gates; and these two implementations are compared in terms of area, power, and speed

Remote Attacks on FPGA Hardware

Immer mehr Computersysteme sind weltweit miteinander verbunden und über das Internet zugänglich, was auch die Sicherheitsanforderungen an diese erhöht. Eine neuere Technologie, die zunehmend als Rechenbeschleuniger sowohl für eingebettete Systeme als auch in der Cloud verwendet wird, sind Field-Programmable Gate Arrays (FPGAs). Sie sind sehr flexible Mikrochips, die per Software konfiguriert und programmiert werden können, um beliebige digitale Schaltungen zu implementieren. Wie auch andere integrierte Schaltkreise basieren FPGAs auf modernen Halbleitertechnologien, die von Fertigungstoleranzen und verschiedenen Laufzeitschwankungen betroffen sind. Es ist bereits bekannt, dass diese Variationen die Zuverlässigkeit eines Systems beeinflussen, aber ihre Auswirkungen auf die Sicherheit wurden nicht umfassend untersucht. Diese Doktorarbeit befasst sich mit einem Querschnitt dieser Themen: Sicherheitsprobleme die dadurch entstehen wenn FPGAs von mehreren Benutzern benutzt werden, oder über das Internet zugänglich sind, in Kombination mit physikalischen Schwankungen in modernen Halbleitertechnologien. Der erste Beitrag in dieser Arbeit identifiziert transiente Spannungsschwankungen als eine der stärksten Auswirkungen auf die FPGA-Leistung und analysiert experimentell wie sich verschiedene Arbeitslasten des FPGAs darauf auswirken. In der restlichen Arbeit werden dann die Auswirkungen dieser Spannungsschwankungen auf die Sicherheit untersucht. Die Arbeit zeigt, dass verschiedene Angriffe möglich sind, von denen früher angenommen wurde, dass sie physischen Zugriff auf den Chip und die Verwendung spezieller und teurer Test- und Messgeräte erfordern. Dies zeigt, dass bekannte Isolationsmaßnahmen innerhalb FPGAs von böswilligen Benutzern umgangen werden können, um andere Benutzer im selben FPGA oder sogar das gesamte System anzugreifen. Unter Verwendung von Schaltkreisen zur Beeinflussung der Spannung innerhalb eines FPGAs zeigt diese Arbeit aktive Angriffe, die Fehler (Faults) in anderen Teilen des Systems verursachen können. Auf diese Weise sind Denial-of-Service Angriffe möglich, als auch Fault-Angriffe um geheime Schlüsselinformationen aus dem System zu extrahieren. Darüber hinaus werden passive Angriffe gezeigt, die indirekt die Spannungsschwankungen auf dem Chip messen. Diese Messungen reichen aus, um geheime Schlüsselinformationen durch Power Analysis Seitenkanalangriffe zu extrahieren. In einer weiteren Eskalationsstufe können sich diese Angriffe auch auf andere Chips auswirken die an dasselbe Netzteil angeschlossen sind wie der FPGA. Um zu beweisen, dass vergleichbare Angriffe nicht nur innerhalb FPGAs möglich sind, wird gezeigt, dass auch kleine IoT-Geräte anfällig für Angriffe sind welche die gemeinsame Spannungsversorgung innerhalb eines Chips ausnutzen. Insgesamt zeigt diese Arbeit, dass grundlegende physikalische Variationen in integrierten Schaltkreisen die Sicherheit eines gesamten Systems untergraben können, selbst wenn der Angreifer keinen direkten Zugriff auf das Gerät hat. Für FPGAs in ihrer aktuellen Form müssen diese Probleme zuerst gelöst werden, bevor man sie mit mehreren Benutzern oder mit Zugriff von Drittanbietern sicher verwenden kann. In Veröffentlichungen die nicht Teil dieser Arbeit sind wurden bereits einige erste Gegenmaßnahmen untersucht