23 research outputs found
Towards trustworthy computing on untrustworthy hardware
Historically, hardware was thought to be inherently secure and trusted due to its
obscurity and the isolated nature of its design and manufacturing. In the last two
decades, however, hardware trust and security have emerged as pressing issues.
Modern day hardware is surrounded by threats manifested mainly in undesired
modifications by untrusted parties in its supply chain, unauthorized and pirated
selling, injected faults, and system and microarchitectural level attacks. These threats,
if realized, are expected to push hardware to abnormal and unexpected behaviour
causing real-life damage and significantly undermining our trust in the electronic and
computing systems we use in our daily lives and in safety critical applications. A
large number of detective and preventive countermeasures have been proposed in
literature. It is a fact, however, that our knowledge of potential consequences to
real-life threats to hardware trust is lacking given the limited number of real-life
reports and the plethora of ways in which hardware trust could be undermined. With
this in mind, run-time monitoring of hardware combined with active mitigation of
attacks, referred to as trustworthy computing on untrustworthy hardware, is proposed
as the last line of defence. This last line of defence allows us to face the issue of live
hardware mistrust rather than turning a blind eye to it or being helpless once it occurs.
This thesis proposes three different frameworks towards trustworthy computing
on untrustworthy hardware. The presented frameworks are adaptable to different
applications, independent of the design of the monitored elements, based on
autonomous security elements, and are computationally lightweight. The first
framework is concerned with explicit violations and breaches of trust at run-time,
with an untrustworthy on-chip communication interconnect presented as a potential
offender. The framework is based on the guiding principles of component guarding,
data tagging, and event verification. The second framework targets hardware elements
with inherently variable and unpredictable operational latency and proposes a
machine-learning based characterization of these latencies to infer undesired latency
extensions or denial of service attacks. The framework is implemented on a DDR3
DRAM after showing its vulnerability to obscured latency extension attacks. The
third framework studies the possibility of the deployment of untrustworthy hardware
elements in the analog front end, and the consequent integrity issues that might arise
at the analog-digital boundary of system on chips. The framework uses machine
learning methods and the unique temporal and arithmetic features of signals at this
boundary to monitor their integrity and assess their trust level
Understanding Quantum Technologies 2022
Understanding Quantum Technologies 2022 is a creative-commons ebook that
provides a unique 360 degrees overview of quantum technologies from science and
technology to geopolitical and societal issues. It covers quantum physics
history, quantum physics 101, gate-based quantum computing, quantum computing
engineering (including quantum error corrections and quantum computing
energetics), quantum computing hardware (all qubit types, including quantum
annealing and quantum simulation paradigms, history, science, research,
implementation and vendors), quantum enabling technologies (cryogenics, control
electronics, photonics, components fabs, raw materials), quantum computing
algorithms, software development tools and use cases, unconventional computing
(potential alternatives to quantum and classical computing), quantum
telecommunications and cryptography, quantum sensing, quantum technologies
around the world, quantum technologies societal impact and even quantum fake
sciences. The main audience are computer science engineers, developers and IT
specialists as well as quantum scientists and students who want to acquire a
global view of how quantum technologies work, and particularly quantum
computing. This version is an extensive update to the 2021 edition published in
October 2021.Comment: 1132 pages, 920 figures, Letter forma
Energy Harvesting and Sensor Based Hardware Security Primitives for Cyber-Physical Systems
The last few decades have seen a large proliferation in the prevalence of cyber-physical systems. Although cyber-physical systems can offer numerous advantages to society, their large scale adoption does not come without risks. Internet of Things (IoT) devices can be considered a significant component within cyber-physical systems. They can provide network communication in addition to controlling the various sensors and actuators that exist within the larger cyber-physical system. The adoption of IoT features can also provide attackers with new potential avenues to access and exploit a system\u27s vulnerabilities. Previously, existing systems could more or less be considered a closed system with few potential points of access for attackers. Security was thus not typically a core consideration when these systems were originally designed. The cumulative effect is that these systems are now vulnerable to new security risks without having native security countermeasures that can easily address these vulnerabilities. Even just adding standard security features to these systems is itself not a simple task. The devices that make up these systems tend to have strict resource constraints in the form of power consumption and processing power. In this dissertation, we explore how security devices known as Physically Unclonable Functions (PUFs) could be used to address these concerns.
PUFs are a class of circuits that are unique and unclonable due to inherent variations caused by the device manufacturing process. We can take advantage of these PUF properties by using the outputs of PUFs to generate secret keys or pseudonyms that are similarly unique and unclonable. Existing PUF designs are commonly based around transistor level variations in a special purpose integrated circuit (IC). Integrating these designs within a system would still require additional hardware along with system modification to interact with the device. We address these concerns by proposing a novel PUF design methodology for the creation of PUFs whose integration within these systems would minimize the cost of redesigning the system by reducing the need to add additional hardware. This goal is achieved by creating PUF designs from components that may already exist within these systems.
A PUF designed from existing components creates the possibility of adding a PUF (and thus security features) to the system without actually adding any additional hardware. This could allow PUFs to become a more attractive security option for integration with resource constrained devices. Our proposed approach specifically targets sensors and energy harvesting devices since they can provide core functions within cyber-physical systems such as power generation and sensing capabilities. These components are known to exhibit variations due to the manufacturing process and could thus be utilized to design a PUF. Our first contribution is the proposal of a novel PUF design methodology based on using components which are already commonly found within cyber-physical systems. The proposed methodology uses eight sensors or energy harvesting devices along with a microcontroller.
It is unlikely that single type of sensor or energy harvester will exist in all possible cyber-physical systems. Therefore, it is important to create a range of designs in order to reach a greater portion of cyber-physical systems. The second contribution of this work is the design of a PUF based on piezo sensors. Our third contribution is the design of a PUF that utilizes thermistor temperature sensors. The fourth contribution of this work is a proposed solar cell based PUF design. Furthermore, as a fifth contribution of this dissertation we evaluate a selection of common solar cell materials to establish which type of solar cell would be best suited to the creation of a PUF based on the operating conditions. The viability of the proposed designs is evaluated through testing in terms of reliability and uniformity. In addition, Monte Carlo simulations are performed to evaluate the uniqueness property of the designs.
For our final contribution we illustrate the security benefits that can be achieved through the adoption of PUFs by cyber-physical systems. For this purpose we chose to highlight vehicles since they are a very popular example of a cyber-physical system and they face unique security challenges which are not readily solvable by standard solutions. Our contribution is the proposal of a novel controller area network (CAN) security framework that is based on PUFs. The framework does not require any changes to the underlying CAN protocol and also minimizes the amount of additional message passing overhead needed for its operation. The proposed framework is a good example of how the cost associated with implementing such a framework could be further reduced through the adoption of our proposed PUF designs. The end result is a method which could introduce security to an inherently insecure system while also making its integration as seamless as possible by attempting to minimize the need for additional hardware
Intelligent Circuits and Systems
ICICS-2020 is the third conference initiated by the School of Electronics and Electrical Engineering at Lovely Professional University that explored recent innovations of researchers working for the development of smart and green technologies in the fields of Energy, Electronics, Communications, Computers, and Control. ICICS provides innovators to identify new opportunities for the social and economic benefits of society. This conference bridges the gap between academics and R&D institutions, social visionaries, and experts from all strata of society to present their ongoing research activities and foster research relations between them. It provides opportunities for the exchange of new ideas, applications, and experiences in the field of smart technologies and finding global partners for future collaboration. The ICICS-2020 was conducted in two broad categories, Intelligent Circuits & Intelligent Systems and Emerging Technologies in Electrical Engineering
Smart Wireless Sensor Networks
The recent development of communication and sensor technology results in the growth of a new attractive and challenging area - wireless sensor networks (WSNs). A wireless sensor network which consists of a large number of sensor nodes is deployed in environmental fields to serve various applications. Facilitated with the ability of wireless communication and intelligent computation, these nodes become smart sensors which do not only perceive ambient physical parameters but also be able to process information, cooperate with each other and self-organize into the network. These new features assist the sensor nodes as well as the network to operate more efficiently in terms of both data acquisition and energy consumption. Special purposes of the applications require design and operation of WSNs different from conventional networks such as the internet. The network design must take into account of the objectives of specific applications. The nature of deployed environment must be considered. The limited of sensor nodes� resources such as memory, computational ability, communication bandwidth and energy source are the challenges in network design. A smart wireless sensor network must be able to deal with these constraints as well as to guarantee the connectivity, coverage, reliability and security of network's operation for a maximized lifetime. This book discusses various aspects of designing such smart wireless sensor networks. Main topics includes: design methodologies, network protocols and algorithms, quality of service management, coverage optimization, time synchronization and security techniques for sensor networks
Recent Application in Biometrics
In the recent years, a number of recognition and authentication systems based on biometric measurements have been proposed. Algorithms and sensors have been developed to acquire and process many different biometric traits. Moreover, the biometric technology is being used in novel ways, with potential commercial and practical implications to our daily activities. The key objective of the book is to provide a collection of comprehensive references on some recent theoretical development as well as novel applications in biometrics. The topics covered in this book reflect well both aspects of development. They include biometric sample quality, privacy preserving and cancellable biometrics, contactless biometrics, novel and unconventional biometrics, and the technical challenges in implementing the technology in portable devices. The book consists of 15 chapters. It is divided into four sections, namely, biometric applications on mobile platforms, cancelable biometrics, biometric encryption, and other applications. The book was reviewed by editors Dr. Jucheng Yang and Dr. Norman Poh. We deeply appreciate the efforts of our guest editors: Dr. Girija Chetty, Dr. Loris Nanni, Dr. Jianjiang Feng, Dr. Dongsun Park and Dr. Sook Yoon, as well as a number of anonymous reviewers
Securing Critical Infrastructures
1noL'abstract è presente nell'allegato / the abstract is in the attachmentopen677. INGEGNERIA INFORMATInoopenCarelli, Albert
Segurança de computadores por meio de autenticação intrínseca de hardware
Orientadores: Guido Costa Souza de Araújo, Mario Lúcio Côrtes e Diego de Freitas AranhaTese (doutorado) - Universidade Estadual de Campinas, Instituto de ComputaçãoResumo: Neste trabalho apresentamos Computer Security by Hardware-Intrinsic Authentication (CSHIA), uma arquitetura de computadores segura para sistemas embarcados que tem como objetivo prover autenticidade e integridade para código e dados. Este trabalho está divido em três fases: Projeto da Arquitetura, sua Implementação, e sua Avaliação de Segurança. Durante a fase de projeto, determinamos como integridade e autenticidade seriam garantidas através do uso de Funções Fisicamente Não Clonáveis (PUFs) e propusemos um algoritmo de extração de chaves criptográficas de memórias cache de processadores. Durante a implementação, flexibilizamos o projeto da arquitetura para fornecer diferentes possibilidades de configurações sem comprometimento da segurança. Então, avaliamos seu desempenho levando em consideração o incremento em área de chip, aumento de consumo de energia e memória adicional para diferentes configurações. Por fim, analisamos a segurança de PUFs e desenvolvemos um novo ataque de canal lateral que circunvê a propriedade de unicidade de PUFs por meio de seus elementos de construçãoAbstract: This work presents Computer Security by Hardware-Intrinsic Authentication (CSHIA), a secure computer architecture for embedded systems that aims at providing authenticity and integrity for code and data. The work encompassed three phases: Design, Implementation, and Security Evaluation. In design, we laid out the basic ideas behind CSHIA, namely, how integrity and authenticity are employed through the use of Physical Unclonable Functions (PUFs), and we proposed an algorithm to extract cryptographic keys from the intrinsic memories of processors. In implementation, we made CSHIA¿s design more flexible, allowing different configurations without compromising security. Then, we evaluated CSHIA¿s performance and overheads, such as area, energy, and memory, for multiple configurations. Finally, we evaluated security of PUFs, which led us to develop a new side-channel-based attack that enabled us to circumvent PUFs¿ uniqueness property through their architectural elementsDoutoradoCiência da ComputaçãoDoutor em Ciência da Computação2015/06829-2; 2016/25532-3147614/2014-7FAPESPCNP
Security assessment for automotive controllers using side channel and fault injection attacks
Embedded security is nowadays a hot topic. With the arrival of Internet of Things and the increasing presence of embedded electronics in automotive systems, security has become an important factor in product design. This work is aimed to test the security capabilities of automotive electronic devices, using physical attacks such as fault injection and other side-channel techniques. Modern integrated circuits implement countermeasures to such attacks, but it has been proven that those countermeasures were designed with safety in mind, as automotive applications usually requiEmbedded security is nowadays a hot topic. With the arrival of Internet of Things and the increasing demand of connectivity for embedded systems in many industrial markets, including automotive systems, security has become an important factor in product design. This thesis is aimed to test the security capabilities of automotive electronic devices, using physical attacks known as fault injection. Although other industries have been using countermeasures against physical attacks for decades, these are rarely used in automotive embedded systems. Automotive industry efforts have been focused in improving safety and reliability (e.g. ISO 26262 ASIL certification) instead of security. Previous research proved the risk of fault injection attacks on automotive SoCs, but these works were limited to small testing applications running on evaluation boards and not real automotive systems. The current work aims to assess the security of off-the-shelf automotive systems running real applications. More specifically, fault injection attacks are used to bypass the authentication mechanism of the Unified Diagnostic System (ISO 14229) present in two different commercial car dashboards. The findings are exposed in order to suggest design improvements and recommendations for a more secure automotive embedded systems and SoCs