A Survey on Integrated Circuit Trojans

Traditionally, computer security has been associated with the software security, or the information-data security. Surprisingly, the hardware on which the software executes or the information stored-processed-transmitted has been assumed to be a trusted base of security. The main building blocks of any electronic device are Integrated circuits (ICs) which form the fabric of a computer system. Lately, the use of ICs has expanded from handheld calculators and personal computers (PCs) to smartphones, servers, and Internet-of-Things (IoT) devices. However, this significant growth in the IC market created intense competition among IC vendors, leading to new trends in IC manufacturing. System-on-chip (SoC) design based on intellectual property (IP), a globally spread supply chain of production and distribution of ICs are the foremost of these trends. The emerging trends have resulted in many security and trust weaknesses and vulnerabilities, in computer systems. This includes Hardware Trojans attacks, side-channel attacks, Reverse-engineering, IP piracy, IC counterfeiting, micro probing, physical tampering, and acquisition of private or valuable assets by debugging and testing. IC security and trust vulnerabilities may cause loss of private information, modified/altered functions, which may cause a great economical hazard and big damage to society. Thus, it is crucial to examine the security and trust threats existing in the IC lifecycle and build defense mechanisms against IC Trojan threats. In this article, we examine the IC supply chain and define the possible IC Trojan threats for the parties involved. Then we survey the latest progress of research in the area of countermeasures against the IC Trojan attacks and discuss the challenges and expectations in this area. Keywords: IC supply chain, IC security, IP privacy, hardware trojans, IC trojans DOI: 10.7176/CEIS/12-2-01 Publication date: April 30th 202

DeMiST: Detection and Mitigation of Stealthy Analog Hardware Trojans

The global semiconductor supply chain involves design and fabrication at various locations, which leads to multiple security vulnerabilities, e.g., Hardware Trojan (HT) insertion. Although most HTs target digital circuits, HTs can be inserted in analog circuits. Therefore, several techniques have been developed for HT insertions in analog circuits. Capacitance-based Analog Hardware Trojan (AHT) is one of the stealthiest HT that can bypass most existing HT detection techniques because it uses negligible charge accumulation in the capacitor to generate stealthy triggers. To address the charge sharing and accumulation issues, we propose a novel way to detect such capacitance-based AHT in this paper. Secondly, we critically analyzed existing AHTs to highlight their respective limitations. We proposed a stealthier capacitor-based AHT (fortified AHT) that can bypass our novel AHT detection technique by addressing these limitations. Finally, by critically analyzing the proposed fortified AHT and existing AHTs, we developed a robust two-phase framework (DeMiST) in which a synchronous system can mitigate the effects of capacitance-based stealthy AHTs by turning off the triggering capability of AHT. In the first phase, we demonstrate how the synchronous system can avoid the AHT during run-time by controlling the supply voltage of the intermediate combinational circuits. In the second phase, we proposed a supply voltage duty cycle-based validation technique to detect capacitance-based AHTs. Furthermore, DeMiST amplified the switching activity for charge accumulation to such a degree that it can be easily detectable using existing switching activity-based HT detection techniques.Comment: Accepted at ACM Hardware and Architectural Support for Security and Privacy (HASP) 202

An On-chip PVT Resilient Short Time Measurement Technique

As the CMOS technology nodes continue to shrink, the challenges of developing manufacturing tests for integrated circuits become more difficult to address. To detect parametric faults of new generation of integrated circuits such as 3D ICs, on-chip short-time intervals have to be accurately measured. The accuracy of an on-chip time measurement module is heavily affected by Process, supply Voltage, and Temperature (PVT) variations. This work presents a new on-chip time measurement scheme where the undesired effects of PVT variations are attenuated significantly. To overcome the effects of PVT variations on short-time measurement, phase locking methodology is utilized to implement a robust Vernier delay line. A prototype Time-to-Digital Converter (TDC) has been fabricated using TSMC 0.180 µm CMOS technology and experimental measurements have been carried out to verify the performance parameters of the TDC. The measurement results indicate that the proposed solution reduces the effects of PVT variations by more than tenfold compared to a conventional on-chip TDC. A coarse-fine time interval measurement scheme which is resilient to the PVT variations is also proposed. In this approach, two Delay Locked Loops (DLLs) are utilized to minimize the effects of PVT on the measured time intervals. The proposed scheme has been implemented using CMOS 65nm technology. Simulation results using Advanced Design System (ADS) indicate that the measurement resolution varies by less than 0.1ps with ±15% variations of the supply voltage. The proposed method also presents a robust performance against process and temperature variations. The measurement accuracy changes by a maximum of 0.05ps from slow to fast corners. The implemented TDC presents a robust performance against temperature variations too and its measurement accuracy varies a few femto-seconds from -40 ºC to +100 ºC. The principle of robust short-time measurement was used in practice to design and implement a state-of-the-art Coordinate Measuring Machine (CMM) for an industry partner to measure geometrical features of transmission parts with micrometer resolution. The solution developed for the industry partner has resulted in a patent and a product in the market. The on-chip short-time measurement technology has also been utilized to develop a solution to detect Hardware Trojans

Techniques for Improving Security and Trustworthiness of Integrated Circuits

The integrated circuit (IC) development process is becoming increasingly vulnerable to malicious activities because untrusted parties could be involved in this IC development flow. There are four typical problems that impact the security and trustworthiness of ICs used in military, financial, transportation, or other critical systems: (i) Malicious inclusions and alterations, known as hardware Trojans, can be inserted into a design by modifying the design during GDSII development and fabrication. Hardware Trojans in ICs may cause malfunctions, lower the reliability of ICs, leak confidential information to adversaries or even destroy the system under specifically designed conditions. (ii) The number of circuit-related counterfeiting incidents reported by component manufacturers has increased significantly over the past few years with recycled ICs contributing the largest percentage of the total reported counterfeiting incidents. Since these recycled ICs have been used in the field before, the performance and reliability of such ICs has been degraded by aging effects and harsh recycling process. (iii) Reverse engineering (RE) is process of extracting a circuit’s gate-level netlist, and/or inferring its functionality. The RE causes threats to the design because attackers can steal and pirate a design (IP piracy), identify the device technology, or facilitate other hardware attacks. (iv) Traditional tools for uniquely identifying devices are vulnerable to non-invasive or invasive physical attacks. Securing the ID/key is of utmost importance since leakage of even a single device ID/key could be exploited by an adversary to hack other devices or produce pirated devices. In this work, we have developed a series of design and test methodologies to deal with these four challenging issues and thus enhance the security, trustworthiness and reliability of ICs. The techniques proposed in this thesis include: a path delay fingerprinting technique for detection of hardware Trojans, recycled ICs, and other types counterfeit ICs including remarked, overproduced, and cloned ICs with their unique identifiers; a Built-In Self-Authentication (BISA) technique to prevent hardware Trojan insertions by untrusted fabrication facilities; an efficient and secure split manufacturing via Obfuscated Built-In Self-Authentication (OBISA) technique to prevent reverse engineering by untrusted fabrication facilities; and a novel bit selection approach for obtaining the most reliable bits for SRAM-based physical unclonable function (PUF) across environmental conditions and silicon aging effects