Persistent monitoring of digital ICs to verify hardware trust

The specialization of the semiconductor industry has resulted in a global Integrated Circuit (IC) supply chain that is susceptible to hardware Trojans - malicious circuitry that is embedded into the chip during the design cycle. This nefarious attack could compromise the missioncritical systems which implement these devices. While a trusted domestic IC supply chain exists with resources such as the Trusted Foundry Program, it\u27s highly desirable to utilize the high yield, fast turn-around time, low cost, and leading-edge technology of the global IC supply chain. Research into the verification of hardware trust has made significant progress in recent years but is still far from a single, comprehensive solution. Most proposed solutions are one-time implementable methods that attempt to detect hardware Trojans during the verification stage of the IC development process. While this is a desirable solution, it\u27s not realistic given the current limitations of hardware Trojan detection techniques. We propose a more comprehensive solution that involves the persistent verification of hardware trust in the field, in addition to several one-time methods implemented during IC verification. We define a persistent verification framework that involves the use of a few ICs from a secure process flow to persistently monitor and verify the operation of several untrusted ICs from the global supply chain. This allows the system integrator to realize the benefits of the global IC supply chain while maintaining the integrity of the system. We develop a system monitor which filters the IO of untrusted digital ICs for a set of patterns, which we refer to as digital signal signatures, to verify the operation of the devices

A Survey on Integrated Circuit Trojans

Traditionally, computer security has been associated with the software security, or the information-data security. Surprisingly, the hardware on which the software executes or the information stored-processed-transmitted has been assumed to be a trusted base of security. The main building blocks of any electronic device are Integrated circuits (ICs) which form the fabric of a computer system. Lately, the use of ICs has expanded from handheld calculators and personal computers (PCs) to smartphones, servers, and Internet-of-Things (IoT) devices. However, this significant growth in the IC market created intense competition among IC vendors, leading to new trends in IC manufacturing. System-on-chip (SoC) design based on intellectual property (IP), a globally spread supply chain of production and distribution of ICs are the foremost of these trends. The emerging trends have resulted in many security and trust weaknesses and vulnerabilities, in computer systems. This includes Hardware Trojans attacks, side-channel attacks, Reverse-engineering, IP piracy, IC counterfeiting, micro probing, physical tampering, and acquisition of private or valuable assets by debugging and testing. IC security and trust vulnerabilities may cause loss of private information, modified/altered functions, which may cause a great economical hazard and big damage to society. Thus, it is crucial to examine the security and trust threats existing in the IC lifecycle and build defense mechanisms against IC Trojan threats. In this article, we examine the IC supply chain and define the possible IC Trojan threats for the parties involved. Then we survey the latest progress of research in the area of countermeasures against the IC Trojan attacks and discuss the challenges and expectations in this area. Keywords: IC supply chain, IC security, IP privacy, hardware trojans, IC trojans DOI: 10.7176/CEIS/12-2-01 Publication date: April 30th 202

Design, Fabrication, and Run-time Strategies for Hardware-Assisted Security

Today, electronic computing devices are critically involved in our daily lives, basic infrastructure, and national defense systems. With the growing number of threats against them, hardware-based security features offer the best chance for building secure and trustworthy cyber systems. In this dissertation, we investigate ways of making hardware-based security into a reality with primary focus on two areas: Hardware Trojan Detection and Physically Unclonable Functions (PUFs). Hardware Trojans are malicious modifications made to original IC designs or layouts that can jeopardize the integrity of hardware and software platforms. Since most modern systems critically depend on ICs, detection of hardware Trojans has garnered significant interest in academia, industry, as well as governmental agencies. The majority of existing detection schemes focus on test-time because of the limited hardware resources available at run-time. In this dissertation, we explore innovative run-time solutions that utilize on-chip thermal sensor measurements and fundamental estimation/detection theory to expose changes in IC power/thermal profile caused by Trojan activation. The proposed solutions are low overhead and also generalizable to many other sensing modalities and problem instances. Simulation results using state-of-the-art tools on publicly available Trojan benchmarks verify that our approaches can detect Trojans quickly and with few false positives. Physically Unclonable Functions (PUFs) are circuits that rely on IC fabrication variations to generate unique signatures for various security applications such as IC authentication, anti-counterfeiting, cryptographic key generation, and tamper resistance. While the existence of variations has been well exploited in PUF design, knowledge of exactly how variations come into existence has largely been ignored. Yet, for several decades the Design-for-Manufacturability (DFM) community has actually investigated the fundamental sources of these variations. Furthermore, since manufacturing variations are often harmful to IC yield, the existing DFM tools have been geared towards suppressing them (counter-intuitive for PUFs). In this dissertation, we make several improvements over current state-of-the-art work in PUFs. First, our approaches exploit existing DFM models to improve PUFs at physical layout and mask generation levels. Second, our proposed algorithms reverse the role of standard DFM tools and extend them towards improving PUF quality without harming non-PUF portions of the IC. Finally, since our approaches occur after design and before fabrication, they are applicable to all types of PUFs and have little overhead in terms of area, power, etc. The innovative and unconventional techniques presented in this dissertation should act as important building blocks for future work in cyber security

A Unified Submodular Framework for Multimodal IC Trojan Detection

Abstract. This paper presents a unified formal framework for inte-grated circuits (IC) Trojan detection that can simultaneously employ multiple noninvasive measurement types. Hardware Trojans refer to modifications, alterations, or insertions to the original IC for adversarial purposes. The new framework formally defines the IC Trojan detection for each measurement type as an optimization problem and discusses the complexity. A formulation of the problem that is applicable to a large class of Trojan detection problems and is submodular is devised. Based on the objective function properties, an efficient Trojan detection method with strong approximation and optimality guarantees is intro-duced. Signal processing methods for calibrating the impact of inter-chip and intra-chip correlations are presented. We propose a number of meth-ods for combining the detections of the different measurement types. Experimental evaluations on benchmark designs reveal the low-overhead and effectiveness of the new Trojan detection framework and provides a comparison of different detection combining methods.

Analog hardware security and hardware authentication

Hardware security and hardware authentication have become more and more important concerns in the manufacture of trusted integrated circuits. In this dissertation, a detailed study of hardware Trojans in analog circuits characterized by the presence of extra operating points or modes is presented. In a related study, a counterfeit countermeasure method based upon PUF authentication circuits is proposed for addressing the growing proliferation of counterfeit integrated circuits in the supply chain. Most concerns about hardware Trojans in semiconductor devices are based upon an implicit assumption that attackers will focus on embedding Trojans in digital hardware by making malicious modifications to the Boolean operation of a circuit. In stark contrast, hardware Trojans can be easily embedded in some of the most basic analog circuits. In this work, a particularly insidious class of analog hardware Trojans that require no architectural modifications, no area or power overhead, and prior to triggering, that leave no signatures in any power domains or delay paths is introduced. The Power/Architecture/Area/Signature Transparent (PAAST) characteristics help the Trojan “hide” and make them very difficult to detect with existing hardware Trojan detection methods. Cleverly hidden PAAST Trojans are nearly impossible to detect with the best simulation and verification tools, even if a full and accurate disclosure of the circuit schematic and layout is available. Aside from the work of the author of this dissertation and her classmates, the literature is void of discussions of PAAST analog hardware Trojans. In this work, examples of circuits showing the existence of PAAST analog hardware Trojans are given, the PAAST characteristics of these types of hardware Trojans are discussed, and heuristic detection methods that can help to detect these analog hardware Trojans are proposed. Another major and growing problem in the modern IC supply chain is the proliferation of counterfeit chips that are often characterized by different or inferior performance characteristics and reduced reliability when compared with authentic parts. A counterfeit countermeasure method is proposed that should lower the entry barrier for major suppliers of commercial off the shelf (COTS) parts to offer authenticated components to the military and other customers that have high component reliability requirements. The countermeasure is based upon a PUF authentication circuit that requires no area, pin, or power overhead, and causes no degradation of performance of existing and future COTS components

Modeling and model-aware signal processing methods for enhancement of optical systems

Theoretical and numerical modeling of optical systems are increasingly being utilized in a wide range of areas in physics and engineering for characterizing and improving existing systems or developing new methods. This dissertation focuses on determining and improving the performance of imaging and non-imaging optical systems through modeling and developing model-aware enhancement methods. We evaluate the performance, demonstrate enhancements in terms of resolution and light collection efficiency, and improve the capabilities of the systems through changes to the system design and through post-processing techniques. We consider application areas in integrated circuit (IC) imaging for fault analysis and malicious circuitry detection, and free-form lens design for creating prescribed illumination patterns. The first part of this dissertation focuses on sub-surface imaging of ICs for fault analysis using a solid immersion lens (SIL) microscope. We first derive the Green's function of the microscope and use it to determine its resolution limits for bulk silicon and silicon-on-insulator (SOI) chips. We then propose an optimization framework for designing super-resolving apodization masks that utilizes the developed model and demonstrate the trade-offs in designing such masks. Finally, we derive the full electromagnetic model of the SIL microscope that models the image of an arbitrary sub-surface structure. With the rapidly shrinking dimensions of ICs, we are increasingly limited in resolving the features and identifying potential modifications despite the resolution improvements provided by the state-of-the-art microscopy techniques and enhancement methods described here. In the second part of this dissertation, we shift our focus away from improving the resolution and consider an optical framework that does not require high resolution imaging for detecting malicious circuitry. We develop a classification-based high-throughput gate identification method that utilizes the physical model of the optical system. We then propose a lower-throughput system to increase the detection accuracy, based on higher resolution imaging to supplement the former method. Finally, we consider the problem of free-form lens design for forming prescribed illumination patterns as a non-imaging application. Common methods that design free-form lenses for forming patterns consider the input light source to be a point source, however using extended light sources with such lenses lead to significant blurring in the resulting pattern. We propose a deconvolution-based framework that utilizes the lens geometry to model the blurring effects and eliminates this degradation, resulting in sharper patterns