3D Integration: Another Dimension Toward Hardware Security

We review threats and selected schemes concerning hardware security at design and manufacturing time as well as at runtime. We find that 3D integration can serve well to enhance the resilience of different hardware security schemes, but it also requires thoughtful use of the options provided by the umbrella term of 3D integration. Toward enforcing security at runtime, we envision secure 2.5D system-level integration of untrusted chips and "all around" shielding for 3D ICs.Comment: IEEE IOLTS 201

Circuit Design Obfuscation for Hardware Security

Nowadays, chip design and chip fabrication are normally conducted separately by independent companies. Most integrated circuit (IC) design companies are now adopting a fab-less model: they outsource the chip fabrication to offshore foundries while concentrating their effort and resource on the chip design. Although it is cost-effective, the outsourced design faces various security threats since the offshore foundries might not be trustworthy. Attacks on the outsourced IC design can take on many forms, such as piracy, counterfeiting, overproduction and malicious modification, which are referred to as IC supply chain attacks. In this work, we investigate several circuit design obfuscation techniques to prevent the IC supply chain attacks by untrusted foundries. Logic locking is a gate-level design obfuscation technique that's proposed to protect the outsourced IC designs from piracy and counterfeiting by untrusted foundries. A locked IC preserves the correct functionality only when a correct key is provided. Recently, the security of logic locking is threatened by a strong attack called SAT attack, which can decipher the correct key of most logic locking techniques within a few hours even for a reasonably large key-size. In this dissertation, we investigate design techniques to improve the security of logic locking in three directions. Firstly, we propose a new locking technique called Anti-SAT to thwart the SAT attack. The Anti-SAT can make the complexity of SAT attack grow exponentially in key-size, hence making the attack computationally infeasible. Secondly, we consider an approximate version of SAT attack and investigate its application on fault-tolerant hardware such as neural network chips. Countermeasure to this approximate SAT attack is proposed and validated with rigorous proof and experiments. Lastly, we explore new opportunities in obfuscating the parametric characteristics of a circuit design (e.g. timing) so that another layer of defense can be added to existing countermeasures. Split fabrication based on 3D integration technology is another approach to obfuscate the outsourced IC designs. 3D integration is a technology that integrates multiple 2D dies to create a single high-performance chip, referred to as 3D IC. With 3D integration, a designer can choose a portion of IC design at his discretion and send them to a trusted foundry for secure fabrication while outsourcing the rest to untrusted foundries for advanced fabrication technology. In this dissertation, we propose a security-aware physical design flow for interposer-based 3D IC (also known as 2.5D IC). The design flow consists of security-aware partitioning and placement phases, which aim at obfuscating the circuit while preventing potential attacks such as proximity attack. Simulation results show that our proposed design flow is effective for producing secure chip layouts against the IC supply chain attacks. The circuit design obfuscation techniques presented in this dissertation enable future chip designers to take security into consideration at an early phase while optimizing the chip's performance, power, and reliability

A Survey on Integrated Circuit Trojans

Traditionally, computer security has been associated with the software security, or the information-data security. Surprisingly, the hardware on which the software executes or the information stored-processed-transmitted has been assumed to be a trusted base of security. The main building blocks of any electronic device are Integrated circuits (ICs) which form the fabric of a computer system. Lately, the use of ICs has expanded from handheld calculators and personal computers (PCs) to smartphones, servers, and Internet-of-Things (IoT) devices. However, this significant growth in the IC market created intense competition among IC vendors, leading to new trends in IC manufacturing. System-on-chip (SoC) design based on intellectual property (IP), a globally spread supply chain of production and distribution of ICs are the foremost of these trends. The emerging trends have resulted in many security and trust weaknesses and vulnerabilities, in computer systems. This includes Hardware Trojans attacks, side-channel attacks, Reverse-engineering, IP piracy, IC counterfeiting, micro probing, physical tampering, and acquisition of private or valuable assets by debugging and testing. IC security and trust vulnerabilities may cause loss of private information, modified/altered functions, which may cause a great economical hazard and big damage to society. Thus, it is crucial to examine the security and trust threats existing in the IC lifecycle and build defense mechanisms against IC Trojan threats. In this article, we examine the IC supply chain and define the possible IC Trojan threats for the parties involved. Then we survey the latest progress of research in the area of countermeasures against the IC Trojan attacks and discuss the challenges and expectations in this area. Keywords: IC supply chain, IC security, IP privacy, hardware trojans, IC trojans DOI: 10.7176/CEIS/12-2-01 Publication date: April 30th 202

ToSHI - Towards Secure Heterogeneous Integration: Security Risks, Threat Assessment, and Assurance

The semiconductor industry is entering a new age in which device scaling and cost reduction will no longer follow the decades-long pattern. Packing more transistors on a monolithic IC at each node becomes more difficult and expensive. Companies in the semiconductor industry are increasingly seeking technological solutions to close the gap and enhance cost-performance while providing more functionality through integration. Putting all of the operations on a single chip (known as a system on a chip, or SoC) presents several issues, including increased prices and greater design complexity. Heterogeneous integration (HI), which uses advanced packaging technology to merge components that might be designed and manufactured independently using the best process technology, is an attractive alternative. However, although the industry is motivated to move towards HI, many design and security challenges must be addressed. This paper presents a three-tier security approach for secure heterogeneous integration by investigating supply chain security risks, threats, and vulnerabilities at the chiplet, interposer, and system-in-package levels. Furthermore, various possible trust validation methods and attack mitigation were proposed for every level of heterogeneous integration. Finally, we shared our vision as a roadmap toward developing security solutions for a secure heterogeneous integration

Hardware Attacks and Mitigation Techniques

Today, electronic devices have been widely deployed in our daily lives, basic infrastructure such as financial and communication systems, and military systems. Over the past decade, there have been a growing number of threats against them, posing great danger on these systems. Hardware-based countermeasures offer a low-performance overhead for building secure systems. In this work, we investigate what hardware-based attacks are possible against modern computers and electronic devices. We then explore several design and verification techniques to enhance hardware security with primary focus on two areas: hardware Trojans and side-channel attacks. Hardware Trojans are malicious modifications to the original integrated circuits (ICs). Due to the trend of outsourcing designs to foundries overseas, the threat of hardware Trojans is increasing. Researchers have proposed numerous detection methods, which either take place at test-time or monitor the IC for unexpected behavior at run-time. Most of these methods require the possession of a Trojan-free IC, which is hard to obtain. In this work, we propose an innovative way to detect Trojans using reverse-engineering. Our method eliminates the need for a Trojan-free IC. In addition, it avoids the costly and error-prone steps in the reverse-engineering process and achieves significantly good detection accuracy. We also notice that in the current literature, very little effort has been made to design-time strategies that help to make test-time or run-time detection of Trojans easier. To address this issue, we develop techniques that can improve the sensitivity of designs to test-time detection approaches. Experiments show that using our method, we could detect a lot more Trojans with very small power/area overhead and no timing violations. Side-channel attack (SCA) is another form of hardware attack in which the adversary measures some side-channel information such as power, temperature, timing, etc. and deduces some critical information about the underlying system. We first investigate countermeasures for timing SCAs on cache. These attacks have been demonstrated to be able to successfully break many widely-used modern ciphers. Existing hardware countermeasures usually have heavy performance overhead. We innovatively apply 3D integration techniques to solve the problem. We investigate the implication of 3D integration on timing SCAs on cache and propose several countermeasures that utilize 3D integration techniques. Experimental results show that our countermeasures increase system security significantly while still achieving some performance gain over a 2D baseline system. We also investigate the security of Oblivious RAM (ORAM), which is a newly proposed hardware primitive to hide memory access patterns. We demonstrate both through simulations and on FPGA board that timing SCAs can break many ORAM protocols. Some general guidelines in secure ORAM implementations are also provided. We hope that our findings will motivate a new line of research in making ORAMs more secure

Design, Extraction, and Optimization Tool Flows and Methodologies for Homogeneous and Heterogeneous Multi-Chip 2.5D Systems

Chip and packaging industries are making significant progress in 2.5D design as a result of increasing popularity of their application. In advanced high-density 2.5D packages, package redistribution layers become similar to chip Back-End-of-Line routing layers, and the gap between them scales down with pin density improvement. Chiplet-package interactions become significant and severely affect system performance and reliability. Moreover, 2.5D integration offers opportunities to apply novel design techniques. The traditional die-by-die design approach neither carefully considers these interactions nor fully exploits the cross-boundary design opportunities. This thesis presents chiplet-package cross-boundary design, extraction, analysis, and optimization tool flows and methodologies for high-density 2.5D packaging technologies. A holistic flow is presented that can capture all parasitics from chiplets and the package and improve system performance through iterative optimizations. Several design techniques are demonstrated for agile development and quick turn-around time. To validate the flow in silicon, a chip was taped out and studied in TSMC 65nm technology. As the holistic flow cannot handle heterogeneous technologies, in-context flows are presented. Three different flavors of the in-context flow are presented, which offer trade-offs between scalability and accuracy in heterogeneous 2.5D system designs. Inductance is an inseparable part of a package design. A holistic flow is presented that takes package inductance into account in timing analysis and optimization steps. Custom CAD tools are developed to make these flows compatible with the industry standard tools and the foundry model. To prove the effectiveness of the flows several design cases of an ARM Cortex-M0 are implemented for comparitive study

TAO: Techniques for algorithm-level obfuscation during high-level synthesis

Intellectual Property (IP) theft costs semiconductor design companies billions of dollars every year. Unauthorized IP copies start from reverse engineering the given chip. Existing techniques to protect against IP theft aim to hide the IC's functionality, but focus on manipulating the HDL descriptions. We propose TAO as a comprehensive solution based on high-level synthesis to raise the abstraction level and apply algorithmic obfuscation automatically. TAO includes several transformations that make the component hard to reverse engineer during chip fabrication, while a key is later inserted to unlock the functionality. Finally, this is a promising approach to obfuscate large-scale designs despite the hardware overhead needed to implement the obfuscation