Physically unclonable functions based on a controlled ring oscillator

Решается задача построения нового класса физически неклонируемых функций (ФНФ) на базе управляемого кольцевого осциллятора (УКО). Актуальность создания УКОФНФ связана с активным развитием физической криптографии, применяемой для целей идентификации электронных изделий и формирования криптографических ключей. Показано, что классические физически неклонируемые функции на основе кольцевых осцилляторов (КОФНФ) характеризуются большой аппаратурной избыточностью из-за необходимости реализовывать большое число КО, в силу того что, каждый бит ответа требует наличия независимой пары реальных КО. В тоже время КОФНФ характеризуются лучшими статистическими свойствами по сравнению с ФНФ типа арбитр и не требуют обеспечения идеальной симметричности и идентичности реализуемых КО. В качестве альтернативы КОФНФ предлагается новый класс физически неклонируемых функций, а именноУКОФНФ, использующий управляемые кольцевые осцилляторы, основанные на управлении частотой формируемых импульсов без изменения функциональности и структуры осциллятора. Важным достоинством УКО является возможность реализации на его основе множества КО,количество которых достигает 2m, где m есть количество разрядов осциллятора, и каждый из них определяется подаваемым запросом. В статье рассматриваются три альтернативных структуры предлагаемых ФНФ, а именно УКОФНФ1, УКОФНФ2 и УКОФНФ3. Показываются их основные достоинства и недостатки, в том числе, в случае двух вариантов реализации, а именно на программированной логике (FPGA) и произвольной логике (ASIC). В качестве базового варианта для реализации на FPGA рассматривается УКОФНФ2 менее подверженный межкристальной и, что более важно, внутрикристальной зависимости, вызванной технологическими особенностями производственного процесса. Практические исследования проводились путем реализации на современных FPGA УКОФНФ2, оценки ее работоспособности и основных ее характеристик. Экспериментально подтверждена работоспособность нового класса ФНФ при их реализации на программируемой логике, а также высокие показатели их основных статистических характеристик

Build Testbenches for Verification in Shift Register ICs using SystemVerilog

A testbench is built to verify a functionality of a shift register IC (Integrated Circuit) from stuck-at-faults, stuck-at-1 as well as stuck-at-0. The testbench is supported by components, i.e., generator, interface, driver, monitor, scoreboard, environment, test, and testbench top. The IC consists of sequential logic circuits of D-type flip-flops. The faults may occur at interconnects between the circuits inside the IC. In order to examine the functionality from the faults, both the testbench and the IC are designed using SystemVerilog and simulated using Questasim simulator. Simulation results show the faults may be detected by the testbench. Moreover, the detected faults may be indicated by error statements in transcript results of the simulato

Techniques for Improving Security and Trustworthiness of Integrated Circuits

The integrated circuit (IC) development process is becoming increasingly vulnerable to malicious activities because untrusted parties could be involved in this IC development flow. There are four typical problems that impact the security and trustworthiness of ICs used in military, financial, transportation, or other critical systems: (i) Malicious inclusions and alterations, known as hardware Trojans, can be inserted into a design by modifying the design during GDSII development and fabrication. Hardware Trojans in ICs may cause malfunctions, lower the reliability of ICs, leak confidential information to adversaries or even destroy the system under specifically designed conditions. (ii) The number of circuit-related counterfeiting incidents reported by component manufacturers has increased significantly over the past few years with recycled ICs contributing the largest percentage of the total reported counterfeiting incidents. Since these recycled ICs have been used in the field before, the performance and reliability of such ICs has been degraded by aging effects and harsh recycling process. (iii) Reverse engineering (RE) is process of extracting a circuit’s gate-level netlist, and/or inferring its functionality. The RE causes threats to the design because attackers can steal and pirate a design (IP piracy), identify the device technology, or facilitate other hardware attacks. (iv) Traditional tools for uniquely identifying devices are vulnerable to non-invasive or invasive physical attacks. Securing the ID/key is of utmost importance since leakage of even a single device ID/key could be exploited by an adversary to hack other devices or produce pirated devices. In this work, we have developed a series of design and test methodologies to deal with these four challenging issues and thus enhance the security, trustworthiness and reliability of ICs. The techniques proposed in this thesis include: a path delay fingerprinting technique for detection of hardware Trojans, recycled ICs, and other types counterfeit ICs including remarked, overproduced, and cloned ICs with their unique identifiers; a Built-In Self-Authentication (BISA) technique to prevent hardware Trojan insertions by untrusted fabrication facilities; an efficient and secure split manufacturing via Obfuscated Built-In Self-Authentication (OBISA) technique to prevent reverse engineering by untrusted fabrication facilities; and a novel bit selection approach for obtaining the most reliable bits for SRAM-based physical unclonable function (PUF) across environmental conditions and silicon aging effects

Towards trustworthy computing on untrustworthy hardware

Historically, hardware was thought to be inherently secure and trusted due to its obscurity and the isolated nature of its design and manufacturing. In the last two decades, however, hardware trust and security have emerged as pressing issues. Modern day hardware is surrounded by threats manifested mainly in undesired modifications by untrusted parties in its supply chain, unauthorized and pirated selling, injected faults, and system and microarchitectural level attacks. These threats, if realized, are expected to push hardware to abnormal and unexpected behaviour causing real-life damage and significantly undermining our trust in the electronic and computing systems we use in our daily lives and in safety critical applications. A large number of detective and preventive countermeasures have been proposed in literature. It is a fact, however, that our knowledge of potential consequences to real-life threats to hardware trust is lacking given the limited number of real-life reports and the plethora of ways in which hardware trust could be undermined. With this in mind, run-time monitoring of hardware combined with active mitigation of attacks, referred to as trustworthy computing on untrustworthy hardware, is proposed as the last line of defence. This last line of defence allows us to face the issue of live hardware mistrust rather than turning a blind eye to it or being helpless once it occurs. This thesis proposes three different frameworks towards trustworthy computing on untrustworthy hardware. The presented frameworks are adaptable to different applications, independent of the design of the monitored elements, based on autonomous security elements, and are computationally lightweight. The first framework is concerned with explicit violations and breaches of trust at run-time, with an untrustworthy on-chip communication interconnect presented as a potential offender. The framework is based on the guiding principles of component guarding, data tagging, and event verification. The second framework targets hardware elements with inherently variable and unpredictable operational latency and proposes a machine-learning based characterization of these latencies to infer undesired latency extensions or denial of service attacks. The framework is implemented on a DDR3 DRAM after showing its vulnerability to obscured latency extension attacks. The third framework studies the possibility of the deployment of untrustworthy hardware elements in the analog front end, and the consequent integrity issues that might arise at the analog-digital boundary of system on chips. The framework uses machine learning methods and the unique temporal and arithmetic features of signals at this boundary to monitor their integrity and assess their trust level

A Framework for Facilitating Secure Design and Development of IoT Systems

The term Internet of Things (IoT) describes an ever-growing ecosystem of physical objects or things interconnected with each other and connected to the Internet. IoT devices consist of a wide range of highly heterogeneous inanimate and animate objects. Thus, a thing in the context of the IoT can even mean a person with blood pressure or heart rate monitor implant or a pet with a biochip transponder. IoT devices range from ordinary household appliances, such as smart light bulbs or smart coffee makers, to sophisticated tools for industrial automation. IoT is currently leading a revolutionary change in many industries and, as a result, a lot of industries and organizations are adopting the paradigm to gain a competitive edge. This allows them to boost operational efficiency and optimize system performance through real-time data management, which results in an optimized balance between energy usage and throughput. Another important application area is the Industrial Internet of Things (IIoT), which is the application of the IoT in industrial settings. This is also referred to as the Industrial Internet or Industry 4.0, where Cyber- Physical Systems (CPS) are interconnected using various technologies to achieve wireless control as well as advanced manufacturing and factory automation. IoT applications are becoming increasingly prevalent across many application domains, including smart healthcare, smart cities, smart grids, smart farming, and smart supply chain management. Similarly, IoT is currently transforming the way people live and work, and hence the demand for smart consumer products among people is also increasing steadily. Thus, many big industry giants, as well as startup companies, are competing to dominate the market with their new IoT products and services, and hence unlocking the business value of IoT. Despite its increasing popularity, potential benefits, and proven capabilities, IoT is still in its infancy and fraught with challenges. The technology is faced with many challenges, including connectivity issues, compatibility/interoperability between devices and systems, lack of standardization, management of the huge amounts of data, and lack of tools for forensic investigations. However, the state of insecurity and privacy concerns in the IoT are arguably among the key factors restraining the universal adoption of the technology. Consequently, many recent research studies reveal that there are security and privacy issues associated with the design and implementation of several IoT devices and Smart Applications (smart apps). This can be attributed, partly, to the fact that as some IoT device makers and smart apps development companies (especially the start-ups) reap business value from the huge IoT market, they tend to neglect the importance of security. As a result, many IoT devices and smart apps are created with security vulnerabilities, which have resulted in many IoT related security breaches in recent years. This thesis is focused on addressing the security and privacy challenges that were briefly highlighted in the previous paragraph. Given that the Internet is not a secure environ ment even for the traditional computer systems makes IoT systems even less secure due to the inherent constraints associated with many IoT devices. These constraints, which are mainly imposed by cost since many IoT edge devices are expected to be inexpensive and disposable, include limited energy resources, limited computational and storage capabilities, as well as lossy networks due to the much lower hardware performance compared to conventional computers. While there are many security and privacy issues in the IoT today, arguably a root cause of such issues is that many start-up IoT device manufacturers and smart apps development companies do not adhere to the concept of security by design. Consequently, some of these companies produce IoT devices and smart apps with security vulnerabilities. In recent years, attackers have exploited different security vulnerabilities in IoT infrastructures which have caused several data breaches and other security and privacy incidents involving IoT devices and smart apps. These have attracted significant attention from the research community in both academia and industry, resulting in a surge of proposals put forward by many researchers. Although research approaches and findings may vary across different research studies, the consensus is that a fundamental prerequisite for addressing IoT security and privacy challenges is to build security and privacy protection into IoT devices and smart apps from the very beginning. To this end, this thesis investigates how to bake security and privacy into IoT systems from the onset, and as its main objective, this thesis particularly focuses on providing a solution that can foster the design and development of secure IoT devices and smart apps, namely the IoT Hardware Platform Security Advisor (IoT-HarPSecA) framework. The security framework is expected to provide support to designers and developers in IoT start-up companies during the design and implementation of IoT systems. IoT-HarPSecA framework is also expected to facilitate the implementation of security in existing IoT systems. To accomplish the previously mentioned objective as well as to affirm the aforementioned assertion, the following step-by-step problem-solving approach is followed. The first step is an exhaustive survey of different aspects of IoT security and privacy, including security requirements in IoT architecture, security threats in IoT architecture, IoT application domains and their associated cyber assets, the complexity of IoT vulnerabilities, and some possible IoT security and privacy countermeasures; and the survey wraps up with a brief overview of IoT hardware development platforms. The next steps are the identification of many challenges and issues associated with the IoT, which narrowed down to the abovementioned fundamental security/privacy issue; followed by a study of different aspects of security implementation in the IoT. The remaining steps are the framework design thinking process, framework design and implementation, and finally, framework performance evaluation. IoT-HarPSecA offers three functionality features, namely security requirement elicitation security best practice guidelines for secure development, and above all, a feature that recommends specific Lightweight Cryptographic Algorithms (LWCAs) for both software and hardware implementations. Accordingly, IoT-HarPSecA is composed of three main components, namely Security Requirements Elicitation (SRE) component, Security Best Practice Guidelines (SBPG) component, and Lightweight Cryptographic Algorithms Recommendation (LWCAR) component, each of them servicing one of the aforementioned features. The author has implemented a command-line tool in C++ to serve as an interface between users and the security framework. This thesis presents a detailed description, design, and implementation of the SRE, SBPG, and LWCAR components of the security framework. It also presents real-world practical scenarios that show how IoT-HarPSecA can be used to elicit security requirements, generate security best practices, and recommend appropriate LWCAs based on user inputs. Furthermore, the thesis presents performance evaluation of the SRE, SBPG, and LWCAR components framework tools, which shows that IoT-HarPSecA can serve as a roadmap for secure IoT development.O termo Internet das coisas (IoT) é utilizado para descrever um ecossistema, em expansão, de objetos físicos ou elementos interconetados entre si e à Internet. Os dispositivos IoT consistem numa gama vasta e heterogénea de objetos animados ou inanimados e, neste contexto, podem pertencer à IoT um indivíduo com um implante que monitoriza a frequência cardíaca ou até mesmo um animal de estimação que tenha um biochip. Estes dispositivos variam entre eletrodomésticos, tais como máquinas de café ou lâmpadas inteligentes, a ferramentas sofisticadas de uso na automatização industrial. A IoT está a revolucionar e a provocar mudanças em várias indústrias e muitas adotam esta tecnologia para incrementar as suas vantagens competitivas. Este paradigma melhora a eficiência operacional e otimiza o desempenho de sistemas através da gestão de dados em tempo real, resultando num balanço otimizado entre o uso energético e a taxa de transferência. Outra área de aplicação é a IoT Industrial (IIoT) ou internet industrial ou Indústria 4.0, ou seja, uma aplicação de IoT no âmbito industrial, onde os sistemas ciberfísicos estão interconectados a diversas tecnologias de forma a obter um controlo de rede sem fios, bem como fabricações avançadas e automatização fabril. As aplicações da IoT estão a crescer e a tornarem-se predominantes em muitos domínios de aplicação inteligentes como sistemas de saúde, cidades, redes, agricultura e sistemas de fornecimento. Da mesma forma, a IoT está a transformar estilos de vida e de trabalho e assim, a procura por produtos inteligentes está constantemente a aumentar. As grandes indústrias e startups competem entre si de forma a dominar o mercado com os seus novos serviços e produtos IoT, desbloqueando o valor de negócio da IoT. Apesar da sua crescente popularidade, benefícios e capacidades comprovadas, a IoT está ainda a dar os seus primeiros passos e é confrontada com muitos desafios. Entre eles, problemas de conectividade, compatibilidade/interoperabilidade entre dispositivos e sistemas, falta de padronização, gestão das enormes quantidades de dados e ainda falta de ferramentas para investigações forenses. No entanto, preocupações quanto ao estado de segurança e privacidade ainda estão entre os fatores adversos à adesão universal desta tecnologia. Estudos recentes revelaram que existem questões de segurança e privacidade associadas ao design e implementação de vários dispositivos IoT e aplicações inteligentes (smart apps.), isto pode ser devido ao facto, em parte, de que alguns fabricantes e empresas de desenvolvimento de dispositivos (especialmente startups) IoT e smart apps., recolham o valor de negócio dos grandes mercados IoT, negligenciando assim a importância da segurança, resultando em dispositivos IoT e smart apps. com carências e violações de segurança da IoT nos últimos anos. Esta tese aborda os desafios de segurança e privacidade que foram supra mencionados. Visto que a Internet e os sistemas informáticos tradicionais são por vezes considerados inseguros, os sistemas IoT tornam-se ainda mais inseguros, devido a restrições inerentes a tais dispositivos. Estas restrições são impostas devido ao custo, uma vez que se espera que muitos dispositivos de ponta sejam de baixo custo e descartáveis, com recursos energéticos limitados, bem como limitações na capacidade de armazenamento e computacionais, e redes com perdas devido a um desempenho de hardware de qualidade inferior, quando comparados com computadores convencionais. Uma das raízes do problema é o facto de que muitos fabricantes, startups e empresas de desenvolvimento destes dispositivos e smart apps não adiram ao conceito de segurança por construção, ou seja, logo na conceção, não preveem a proteção da privacidade e segurança. Assim, alguns dos produtos e dispositivos produzidos apresentam vulnerabilidades na segurança. Nos últimos anos, hackers maliciosos têm explorado diferentes vulnerabilidades de segurança nas infraestruturas da IoT, causando violações de dados e outros incidentes de privacidade envolvendo dispositivos IoT e smart apps. Estes têm atraído uma atenção significativa por parte das comunidades académica e industrial, que culminaram num grande número de propostas apresentadas por investigadores científicos. Ainda que as abordagens de pesquisa e os resultados variem entre os diferentes estudos, há um consenso e pré-requisito fundamental para enfrentar os desafios de privacidade e segurança da IoT, que buscam construir proteção de segurança e privacidade em dispositivos IoT e smart apps. desde o fabrico. Para esta finalidade, esta tese investiga como produzir segurança e privacidade destes sistemas desde a produção, e como principal objetivo, concentra-se em fornecer soluções que possam promover a conceção e o desenvolvimento de dispositivos IoT e smart apps., nomeadamente um conjunto de ferramentas chamado Consultor de Segurança da Plataforma de Hardware da IoT (IoT-HarPSecA). Espera-se que o conjunto de ferramentas forneça apoio a designers e programadores em startups durante a conceção e implementação destes sistemas ou que facilite a integração de mecanismos de segurança nos sistemas préexistentes. De modo a alcançar o objetivo proposto, recorre-se à seguinte abordagem. A primeira fase consiste num levantamento exaustivo de diferentes aspetos da segurança e privacidade na IoT, incluindo requisitos de segurança na arquitetura da IoT e ameaças à sua segurança, os seus domínios de aplicação e os ativos cibernéticos associados, a complexidade das vulnerabilidades da IoT e ainda possíveis contramedidas relacionadas com a segurança e privacidade. Evolui-se para uma breve visão geral das plataformas de desenvolvimento de hardware da IoT. As fases seguintes consistem na identificação dos desafios e questões associadas à IoT, que foram restringidos às questões de segurança e privacidade. As demais etapas abordam o processo de pensamento de conceção (design thinking), design e implementação e, finalmente, a avaliação do desempenho. O IoT-HarPSecA é composto por três componentes principais: a Obtenção de Requisitos de Segurança (SRE), Orientações de Melhores Práticas de Segurança (SBPG) e a recomendação de Componentes de Algoritmos Criptográficos Leves (LWCAR) na implementação de software e hardware. O autor implementou uma ferramenta em linha de comandos usando linguagem C++ que serve como interface entre os utilizadores e a IoT-HarPSecA. Esta tese apresenta ainda uma descrição detalhada, desenho e implementação das componentes SRE, SBPG, e LWCAR. Apresenta ainda cenários práticos do mundo real que demostram como o IoT-HarPSecA pode ser utilizado para elicitar requisitos de segurança, gerar boas práticas de segurança (em termos de recomendações de implementação) e recomendar algoritmos criptográficos leves apropriados com base no contributo dos utilizadores. De igual forma, apresenta-se a avaliação do desempenho destes três componentes, demonstrando que o IoT-HarPSecA pode servir como um roteiro para o desenvolvimento seguro da IoT