Infrastructure and Primitives for Hardware Security in Integrated Circuits

INFRASTRUCTURE AND PRIMITIVES FOR HARDWARE SECURITY IN INTEGRATED CIRCUITS

by ABHISHEK BASAK

Submitted in partial fulfillment for the degree of Doctor of Philosophy in Electrical Engineering and Computer Science

CASE WESTERN RESERVE UNIVERSITY
May 2016

CASE WESTERN RESERVE UNIVERSITY SCHOOL OF GRADUATE STUDIES

We hereby approve the dissertation of ABHISHEK BASAK
Candidate for the degree of Doctor of Philosophy

Committee Chair: Swarup Bhunia
Committee Member: Frank Merat
Committee Member: Soumyajit Mandal
Committee Member: Ming-Chun Huang
Committee Member: Sandip Ray
Date of Defense: 03/15/2016

We also certify that any written approval has been obtained for any proprietary material contained therein.

To my Family and Friends

Contents

List of Tables
List of Figures
Abbreviations
Acknowledgements
Abstract

1 Introduction
  1.1 What are Counterfeit ICs?
  1.2 Related Work on Countermeasures against Counterfeit ICs
  1.3 Major Contributions of Research (Part I)
  1.4 System-on-Chip (SoC) Security
    1.4.1 Background on SoC Security Policies
    1.4.2 Issues with Current SoC Design Trends
    1.4.3 Related Work
  1.5 Major Contributions of Research (Part II)
  1.6 Organization of Thesis

2 Antifuse based Active Protection against Counterfeit ICs
  2.1 C-Lock Methodology
    2.1.1 Business Model
    2.1.2 Pin Lock Structure
    2.1.3 Lock Insertion in I/O Port Circuitry
    2.1.4 Programming the Key
    2.1.5 Design Circuitry for Chip Unlocking
      2.1.5.1 Lock/Unlock Controller State Transitions
  2.2 Security and Overhead Analysis of C-Lock
    2.2.1 Security Analysis
      2.2.1.1 Resistance against Side Channel Attacks
      2.2.1.2 Why not FSM based Unlocking?
    2.2.2 Overhead Analysis
    2.2.3 Comparison with PUF and Aging Sensors
  2.3 Discussion
  2.4 P-Val Methodology
  2.5 P-Val Implementation
    2.5.1 Important AF Properties
    2.5.2 P-Val Component Selection
      2.5.2.1 Effect of AF/TF on Normal Pin Operation
      2.5.2.2 Antifuse (AF) Selection
      2.5.2.3 Test Fuse (TF) Selection
      2.5.2.4 Package Level Fabrication
  2.6 Pin Locking and IC Authentication in P-Val
    2.6.1 Pin Locking
    2.6.2 IC Authentication Methodology
    2.6.3 Signature Generation
  2.7 Security Analysis
    2.7.1 P-Val Security against Recycled Chips
    2.7.2 Security of P-Val against Cloned chips
      2.7.2.1 Precision Resistance Insertion
      2.7.2.2 AF Integration in Cloned ICs
      2.7.2.3 Protection against Overproduced ICs
    2.7.3 Uniqueness and Robustness of Signature
      2.7.3.1 Simulation Setup & Metrics
      2.7.3.2 Results
    2.7.4 Sample Cloning and Overhead Values
  2.8 Conclusion

3 Nearly Free of Cost Protection against Cloned ICs
  3.1 PiRA Methodology
  3.2 Implementation of PiRA
    3.2.1 Sources of Entropy
    3.2.2 Measurement Scheme
    3.2.3 Signature Generation
  3.3 Security Analysis
    3.3.1 PiRA Security
    3.3.2 Uniqueness and Robustness of Signature
    3.3.3 Discussion
  3.4 Conclusion

4 A Flexible Architecture for Systematic Implementation of SoC Security Policies
  4.1 Architecture
    4.1.1 IP Security Wrappers
    4.1.2 Security Wrapper Implementation
    4.1.3 Security Policy Controller
    4.1.4 Secure Authenticated Policy Upgrades
    4.1.5 Policy Implementation in SoC Integration
    4.1.6 Alleviation of Issues
  4.2 Use Case Scenarios
    4.2.1 Use Case I: Secure Crypto
    4.2.2 Use Case II: Access Control
  4.3 Overhead Analysis
  4.4 Conclusion

5 Exploiting Design-for-Debug in SoC Security Policy Architecture
  5.1 On-Chip Debug Infrastructure
  5.2 Methodology
  5.3 DfD-Based Security Architecture
    5.3.1 Debug-Aware IP Security Wrapper
    5.3.2 SPC-Debug Infrastructure Interface
    5.3.3 Design Methodology
  5.4 Use Case Analysis
    5.4.1 An Illustrative Policy Implementation
    5.4.2 On-Field Policy Implementation/Patch
  5.5 Experimental Results
  5.6 Related Work
  5.7 Hardware Patch in SoCs
  5.8 Conclusion

6 Security Assurance in SoC in presence of Untrusted IP Blocks
  6.1 Problem of Untrustworthy IPs
  6.2 Background and Related Work
  6.3 System-level Security Issues Caused by Untrusted IPs
  6.4 SoC Security Architecture Resilient to Untrusted IP
    6.4.1 Assumptions
    6.4.2 Untrustworthy Security Wrappers
      6.4.2.1 Solution Methodology
      6.4.2.2 Implementation Details
    6.4.3 Untrustworthy IP Cores
      6.4.3.1 IP-Trust Aware Security Monitors:
      6.4.3.2 IP-Trust Aware Interface Triggers
      6.4.3.3 IP-Trust Aware Security Policies
  6.5 Use Case Analysis
  6.6 Overhead Analysis
    6.6.1 Security Monitor Implementations
    6.6.2 Results
  6.7 Conclusion

7 Conclusion and Future Work

Bibliography

List of Tables

2.1 Major Electrical Properties of the Antifuse based Lock [1]
2.2 Security & Area Overhead of proposed Locking at 45 nm
2.3 Qualitative Comparison with Alternative Approaches
2.4 Area Overhead Comparison at 45 nm Process Technology
2.5 Major Properties of the P-Val MIM Antifuse
2.6 Security & Estimated Package Area Overhead of P-Val
4.1 Representative set of security critical events according to IP type
4.2 Policies for Usage Case Analysis
4.3 Area & Power Overhead of IP Security Wrapper (at 32 nm)
4.4 Area & Power of Central Security Controller (at 32 nm)
4.5 Die Area Overhead of Central Controller (at 32 nm)
5.1 Typical Security Critical Events detected by DfD Trace Cell in Processor Core
5.2 Example DfD Instrumentation Features by IP Type in SoC Model
5.3 Area (µm²), Power (µW) of DAP (SoC Area ∼ 1.42 × 10^6 µm²; SoC Power > 30 mW)
5.4 Area (µm²), Power (µW) Overhead of DfD Trace Macrocells in SoC
5.5 Area (µm²) Savings of IP Security Wrapper
5.6 Power (mW) Analysis in SoC on implementation of Debug Reuse
6.1 Current trends in Trojan Research and Scope of this Work
6.2 Assumptions Regarding Trustworthiness of Associated Components in Solution Methodology with respect to an Untrusted IP
6.3 Categorization of MCE and Policies by IP Types
6.4 Representative Interface Triggers for an Untrustworthy Processor
6.5 Different Scenarios of Trojan (represented by payload) Coverage by Insertion of Security Monitors in three IP Cores of our framework
6.6 Area & Power Overhead of Security Monitors in Processor IP (Orig. Area and Power with 1 KB inst., data memory at 32 nm - 352405 µm², 12.56 mW)
6.7 Area & Power Overhead of Security Monitors in Memory Controller (MC) IP and SPI Controller IP (Orig. Area and Power of MC and SPI with wrappers at 32 nm - 629433 µm², 13.81 mW; 5456 µm², 0.298 mW)
6.8 Die Area Overhead (OVH) of Security Monitors (SMs) with maximum Trojan coverage wrt. to our SoC framework (Area - 13.1 × 10^6), Apple A5 APL2498 (Area - 69.6 × 10^6), Intel Atom Z2520 (Area - 40.2 × 10^6), all at 32 nm process technology

List of Figures

1.1 Different security threats in the modern electronic system design process, addressed by approaches proposed in this dissertation.
1.2 (a) Present semiconductor business model; (b) possible sneak paths for adversaries to insert counterfeit ICs into the supply chain.
1.3 (a) Percentage of reported counterfeit incidences by IC type in 2011 [2]; (b) Counterfeit ICs sold by VisionTech for different critical applications, under name of various semiconductor vendors.
1.4 Classification of existing anti-counterfeiting protection schemes.
1.5 Some typical current application/usage scenarios where SoCs are utilized for implementing the corresponding electronic systems
1.6 Schematic of a typical representative SoC architecture with the proposed framework for security policies
1.7 Stages of a typical SoC front end (till fabrication) design process where system level security policies may be defined, refined or modified.
2.1 Major stages of programming a Metal-Insulator-Metal antifuse with associated parameter values.
2.2 Schematic of the implementation of the proposed on-die locking mechanism in an IC.
2.3 (a) Incorporation of the security mechanism in the current IC design cycle and (b) the semiconductor business model to protect against diverse counterfeiting attacks.
2.4 Implementation of MIM antifuse in a 2 metal process.
2.5 Insertion of the lock unit in a general purpose input-output (GPIO) port of a state of the art microcontroller [3].
2.6.