DOCSLIB.ORG

Hardware Trojans – Prevention, Detection, Countermeasures (A Literature Review)

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Hardware Trojans – Prevention, Detection, Countermeasures (A Literature Review) UNCLASSIFIED Hardware Trojans – Prevention, Detection, Countermeasures (A Literature Review) Mark Beaumont, Bradley Hopkins and Tristan Newby Command, Control, Communications and Intelligence Division Defence Science and Technology Organisation DSTO–TN–1012 ABSTRACT A Hardware Trojan is a malicious, undesired, intentional modification of an electronic circuit or design, resulting in the incorrect behaviour of an electronic device when in operation – a back-door that can be inserted into hardware. A Hardware Trojan may be able to defeat any and all security mechanisms (software or hardware-based) and subvert or augment the normal operation of an infected device. This may result in modifications to the functionality or specification of the hardware, the leaking of sensitive information, or a Denial of Service (DoS) attack. Understanding Hardware Trojans is vital when developing next generation de- fensive mechanisms for the development and deployment of electronics in the presence of the Hardware Trojan threat. Research over the past five years has primarily focussed on detecting the presence of Hardware Trojans in infected devices. This report reviews the state-of-the-art in Hardware Trojans, from the threats they pose through to modern prevention, detection and countermeasure techniques. APPROVED FOR PUBLIC RELEASE UNCLASSIFIED DSTO–TN–1012 UNCLASSIFIED Published by DSTO Defence Science and Technology Organisation PO Box 1500 Edinburgh, South Australia 5111, Australia Telephone: (08) 7389 5555 Facsimile: (08) 7389 6567 c Commonwealth of Australia 2011 AR No. 015-008 July, 2011 APPROVED FOR PUBLIC RELEASE ii UNCLASSIFIED UNCLASSIFIED DSTO–TN–1012 Hardware Trojans – Prevention, Detection, Countermeasures (A Literature Review) Executive Summary Electronic systems have proliferated over the past few decades to the point that most aspects of daily life are aided or affected by the automation, control, monitoring, or com- putational power provided by Integrated Circuits (ICs). The ability to trust these ICs to perform their specified operation (and only their specified operation) has always been a security concern and has recently become a more active topic of research. ICs are the building blocks for all modern electronic systems, they form the information backbone of many critical sectors including the financial, military, industrial, and transportation sec- tors. Without trust in these ICs, the systems they support cannot necessarily be trusted to perform as specified and may even be susceptible to attack by a malicious adversary. A Hardware Trojan is a malicious, undesired, intentional modification of an electronic circuit or design, resulting in the undesired behaviour of an electronic device when in operation. It is like a back-door that can be inserted into hardware – a foothold that an adversary can leverage to attack a system. ICs that are “infected” by a Hardware Trojan may experience modifications to their functionality or specification, the leaking of sensitive information, or a Denial of Service (DoS) attack. Hardware Trojan insertion into an IC can occur at any stage during the design and manufacturing process, including the specification, design, verification and manufacturing stages. Hardware Trojans may even be retro-fitted to existing ICs post-manufacture. Maintaining tight control over the IC design life-cycle is costly; the current trend is towards separation of design from manufacture, increasing use of third-party Electronic Design Automation (EDA) tools and third-party Intellectual Property (IP) cores, and outsourcing to contract-design houses. For a country like Australia, and even more so for the small Defence industry, keeping the entire design and manufacturing process in-house is infeasible for all but the smallest Application Specific Integrated Circuit (ASIC) designs. Our reliance on the globalisation of the electronics industry is critical for developing both our commercial and military capa- bilities. The Hardware Trojan threat must therefore be taken seriously and our approach must ensure that we are able to either trust the operation of ICs used or, better still, to safely utilise Commercial-Off-The-Shelf (COTS) electronic devices and ICs regardless of the presence of Hardware Trojans. Understanding Hardware Trojans is vital when developing next generation defensive mechanisms for the development and deployment of electronics in the presence of the Hardware Trojan threat. Research over the past five years has focussed on detecting the presence of Hardware Trojans in infected devices. As part of the Cyber CERP (Corporate Enabling Research Program) work program a literature review of Hardware Trojans was undertaken. This report reviews the state-of-the-art in Hardware Trojans, including the threats they pose and how they are commanded, through to modern prevention, detec- tion and countermeasure techniques. Importantly, there are currently no known catch-all countermeasures that can ensure that a device or system is free from Hardware Trojans, or allow a system to operate in the presence of Hardware Trojans. UNCLASSIFIED iii DSTO–TN–1012 UNCLASSIFIED THIS PAGE IS INTENTIONALLY BLANK iv UNCLASSIFIED UNCLASSIFIED DSTO–TN–1012 Authors Mark R G Beaumont Command Control Communications and Intelligence Division Mark Beaumont was awarded a B.E. (1st class Hons) in Elec- tronic and Computer Engineering in 1998 from the University of Tasmania, and an M.IT. from the University of Adelaide in 2010. He now works within Information Operations Branch. Bradley D Hopkins Command Control Communications and Intelligence Division Bradley Hopkins was awarded a B.E. (Hons) in Electronic and Electrical Engineering in 1997 from the Flinders University of South Australia. He now works within Information Operations Branch. Tristan Newby Command Control Communications and Intelligence Division Tristan Newby was awarded a B.Sc. in Mathematics and Com- puter Science in 1998 from the University of Adelaide, and an M.Sc. from the same university in 2008. He now works within Information Operations Branch. UNCLASSIFIED v DSTO–TN–1012 UNCLASSIFIED THIS PAGE IS INTENTIONALLY BLANK vi UNCLASSIFIED UNCLASSIFIED DSTO–TN–1012 Contents Glossary ix 1 Introduction 1 2 Threats 3 2.1 Insertion Phase and Location ......................... 4 2.2 Hardware Trojan Actions ........................... 5 2.2.1 Modify Functionality ......................... 6 2.2.2 Modify Specification ......................... 6 2.2.3 Leak Information ........................... 7 2.2.4 Denial of Service ........................... 7 2.3 Hardware Trojan Implementations ...................... 7 2.3.1 Illinois Malicious Processor ...................... 8 2.3.2 Cyber Security Awareness Week ................... 8 2.3.3 Malicious Off-chip Leakage Enabled by Side-channels ....... 8 2.3.4 Cryptographic Hardware Trojans .................. 9 2.3.5 Exploiting Semiconductor Properties ................ 9 3 Trigger Mechanisms 10 3.1 Internally Triggered .............................. 10 3.1.1 Combinational Activation ...................... 10 3.1.2 Sequential Activation ......................... 11 3.2 Externally Triggered .............................. 12 3.3 Always On ................................... 12 3.4 Trigger Design Issues .............................. 13 4 Prevention 14 4.1 Prevention at Design .............................. 14 4.2 Prevention at Fabrication ........................... 15 4.3 Prevention at Post-Fabrication ........................ 15 UNCLASSIFIED vii DSTO–TN–1012 UNCLASSIFIED 5 Detection 17 5.1 Destructive ................................... 17 5.2 Non-destructive ................................. 18 5.2.1 Invasive ................................ 19 5.2.2 Non-invasive .............................. 19 5.2.2.1 Runtime .......................... 20 5.2.2.2 Logic Testing ....................... 20 5.2.2.3 Side-Channel Analysis .................. 21 6 Countermeasures 23 6.1 Data Guards .................................. 23 6.1.1 Generic Guards ............................ 23 6.1.2 Specific Bus Guards ......................... 25 6.2 Novel RTL-Level Architectures ........................ 26 6.3 Reconfigurable Architectures ......................... 28 6.4 Replication, Fragmentation, and Voting ................... 29 7 Summary 32 References 33 viii UNCLASSIFIED UNCLASSIFIED DSTO–TN–1012 Glossary AES Advanced Encryption Standard symmetric cryptography algorithm ATA AT Attachment bus standard AFRL Air Force Research Laboratories ALU Arithmetic Logic Unit AMBA Advanced Micro-controller Bus Architecture ASIC Application Specific Integrated Circuit CAD Computer Aided Design CLB Configurable Logic Block CMOS Complementary Metal-Oxide-Semiconductor COTS Commercial-Off-The-Shelf CPU Central Processing Unit CSAW Cyber Security Awareness Week DES Data Encryption Standard symmetric cryptography algorithm DMA Direct Memory Access DoS Denial of Service DSP Digital Signal Processor DARPA Defense Advanced Research Programs Agency EDA Electronic Design Automation EM Electron Migration EMI Electro-Magnetic Interference FPGA Field programmable Gate Array HCI Hot Carrier Injection HDL Hardware Description Language IC Integrated Circuit IO Input/Output IP Intellectual Property JTAG Joint Test Action Group specified IC test interface UNCLASSIFIED ix DSTO–TN–1012 UNCLASSIFIED NBTI Negative Bias Temperature Instability OB Oxide Breakdown PCIe Peripheral Component Interconnect Express RF Radio Frequency RSA An encryption algorithm developed by Rivest, Shamir, and Adleman RTL Register Transfer Level
Load more

Recommended publications
  • Detecting Hardware Trojans Inserted by Untrusted Foundry Using Physical Inspection and Advanced Image Processing
    Noname manuscript No. (will be inserted by the editor) Detecting Hardware Trojans Inserted by Untrusted Foundry using Physical Inspection and Advanced Image Processing Nidish Vashistha · M Tanjidur Rahman · Haoting Shen · Damon L Woodard · Navid Asadizanjani · Mark Tehranipoor Received: date / Accepted: date Abstract Hardware Trojans are malicious changes to Trojan. Here, we are only concerned with untrusted the design of integrated circuits (ICs) at different stages foundry problem, where it is assumed the end-user has of the design and fabrication process. Different approac- access to a golden layout/image of the IC. This is a hes have been developed to detect Trojans namely: non- common threat model for those organizations that fully destructive (electrical tests like run-time monitoring, design their IC but need access to untrusted foundry functional and structural tests) and destructive testing for fabrication. SEM image from a backside thinned (full chip reverse engineering). However, none of the golden IC is compared with a low-quality SEM image of previously developed methods can be used to detect all an IC under authentication (IUA). We perform image types of Trojans and they all suffer from a number of dis- processing to both golden IC & IUA images to remove advantages such as low speed of detection, low accuracy, noise. We develop a computer vision based algorithm low confidence level and poor coverage of Trojan types. to detect hardware Trojans based on their structural Based on our literature survey of Trojan benchmarks, similarity. The results demonstrate that our technique majority of the hardware Trojans implemented in an IC is quite effective at detecting Trojans and significantly will leave a footprint at the active layer.
    [Show full text]
  • Leveraging Logic Masking to Facilitate Hardware Trojan Detection Methods Arash Nejat
    Leveraging Logic Masking to Facilitate Hardware Trojan Detection Methods Arash Nejat To cite this version: Arash Nejat. Leveraging Logic Masking to Facilitate Hardware Trojan Detection Methods. Mi- cro and nanotechnologies/Microelectronics. Université Grenoble Alpes, 2019. English. NNT : 2019GREAT004. tel-03132626 HAL Id: tel-03132626 https://tel.archives-ouvertes.fr/tel-03132626 Submitted on 5 Feb 2021 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. THÈSE Pour obtenir le grade de DOCTEUR DE LA COMMUNAUTÉ UNIVERSITÉ GRENOBLE ALPES Spécialité : NANO ELECTRONIQUE ET NANO TECHNOLOGIES Arrêté ministériel : 25 mai 2016 Présentée par Arash NEJAT Thèse dirigée par Vincent BEROULLE , Enseignant-chercheur, Grenoble INP et codirigée par David HELY, Maitre de Conférence, Grenoble INP préparée au sein du Laboratoire Laboratoire de conception et d'intégration des systèmes dans l'École Doctorale Electronique, Electrotechnique, Automatique, Traitement du Signal (EEATS) Tirer parti du masquage logique pour faciliter les méthodes de détection des chevaux de Troie
    [Show full text]
  • Hardware Security and VLSI Design Optimization
    Wright State University CORE Scholar Browse all Theses and Dissertations Theses and Dissertations 2018 Hardware Security and VLSI Design Optimization Hao Xue Wright State University Follow this and additional works at: https://corescholar.libraries.wright.edu/etd_all Part of the Engineering Commons Repository Citation Xue, Hao, "Hardware Security and VLSI Design Optimization" (2018). Browse all Theses and Dissertations. 2206. https://corescholar.libraries.wright.edu/etd_all/2206 This Dissertation is brought to you for free and open access by the Theses and Dissertations at CORE Scholar. It has been accepted for inclusion in Browse all Theses and Dissertations by an authorized administrator of CORE Scholar. For more information, please contact [email protected]. HARDWARE SECURITY AND VLSI DESIGN OPTIMIZATION A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy By HAO XUE M.S.Eg., Wright State University, USA, 2013 B.S., Taiyuan University of Technology, China, 2010 2018 Wright State University WRIGHT STATE UNIVERSITY GRADUATE SCHOOL December 4, 2018 I HEREBY RECOMMEND THAT THE DISSERTATION PREPARED UNDER MY SUPERVISION BY Hao Xue ENTITLED Hardware Security and VLSI Design Optimization BE ACCEPTED IN PARTIAL FULFILLMENT OF THE REQUIREMENTS FOR THE DEGREE OF Doctor of Philosophy. ___________________________ Saiyu Ren, Ph.D. Dissertation Director ___________________________ Arnab K. Shaw, Ph.D. Director, Electrical Engineering Ph.D. Program ___________________________ Barry Milligan, Ph.D. Interim Dean of the Graduate School Committee on Final Examination ___________________________ Saiyu Ren, Ph.D. ___________________________ Ray Siferd, Ph.D. ___________________________ Marty Emmert, Ph.D. ___________________________ Marian Kazimierczuk, Ph.D. ___________________________ Yan Zhuang, Ph.D.
    [Show full text]
  • IEEE Paper Template in A4
    INTERNATIONAL JOURNAL OF SCIENTIFIC & TECHNOLOGY RESEARCH VOLUME 9, ISSUE 06, JUNE 2020 ISSN 2277-8616 Reduction Of Hardware Trojan Effect Using Multipath Authentication P. Bosebabu, K. Siva Nagaraju, B. Chanikya, P. Ritish Kumar Abstract: with increase of Integrated Circuit (IC) manufacturing foundries and fabrication units, security of an IC gains its importance. The manufacturing of IC is having many stages like designing, assembling, packaging, etc. Hardware Trojans can be implantable at any of these stages by the foundries or third-party vendors. Hardware Trojan is a malicious, undesired, intentional, modification of an electronic circuit or design, resulting leakage of data or incorrect behaviour of an electronic device. The Cryptographic algorithms play an important role in information security and protection of data from unauthorised usage. The proposed AES crypto processor model is having a authentication monitoring which will detect hardware Trojan triggering, alerts the user and takes necessary actions for retrieving original data. With help of proposed system, the reduction of effect of hardware Trojan can be achievable. Keywords: Hardware Trojan, Cryptography, IC security, AES. ———————————————————— 1. INTRODUCTION 2. RELATED WORK In recent years, the usage of semiconductor devices has rapidly increased. Integrated Circuit (IC) has become the A. Hardware Trojan foremost part of every stream like military, government, Hardware Trojan consist of two parts, trigger and payload. commercialization, etc. Chip manufacturing cycle involves Trigger is an activation condition or event that triggers the Specification, Architectural design, Functional and Logical payload in active state. Payload is an activity that executed design, Circuit design, Physical design, Fabrication, Packaging whenever Trojan is activated or triggered.
    [Show full text]
  • Trojans in Early Design Steps—An Emerging Threat
    Trojans in Early Design Steps—An Emerging Threat Ilia Polian∗, Georg T. Beckery, and Francesco Regazzoniz ∗Universitat¨ Passau, Germany yHorst Gortz¨ Institute for IT Security, Ruhr-Universitat¨ Bochum, Germany zALARI, University of Lugano, Switzerland Abstract—Hardware Trojans inserted by malicious foundries II. BACKGROUND during integrated circuit manufacturing have received substantial attention in recent years. In this paper, we focus on a different The term “hardware Trojans” historically referred to threats type of hardware Trojan threats: attacks in the early steps of associated with outsourcing of advanced semiconductor man- design process. We show that third-party intellectual property ufacturing into potentially untrustworthy countries [1]. The cores and CAD tools constitute realistic attack surfaces and that foundry would receive circuit layout information (in GDS II even system specification can be targeted by adversaries. We or a similar format) and, possibly, further design data, in order discuss the devastating damage potential of such attacks, the to produce masks and manufacture the circuit. The alleged applicable countermeasures against them and their deficiencies. threat consists in an intentional—and malicious—modification I. INTRODUCTION of the circuit by the foundry before manufacturing, such that the fabricated chip has critical deviations from its layout as Historically, IT security concentrated on attack scenarios provided by its author. targeting software and communication networks, but more recently, the system hardware moved into the focus of attack- However, the modern understanding of hardware Trojans ers. Hardware-related threats are relevant even for extremely includes all malicious modifications of a circuit during its cre- software-dominated systems, which still contain some amount ation: by an untrusted foundry (as discussed above), but also by of hardware on which the software runs; compromising this rogue in-house designers, by third-party intellectual-property hardware makes the entire system vulnerable.
    [Show full text]
  • Design and Validation for Fpga Trust Under Hardware Trojan Attacks 3
    1 186 186 186 IEEEIEEE TRANSACTIONS TRANSACTIONS ON MULTI-SCALE ON MULTI-SCALEIEEE COMPUTING TRANSACTIONS COMPUTING SYSTEMS, SYSTEMS, ON MULTI-SCALE VOL. VOL. 2, NO. 2, COMPUTING 3,NO. JULY-SEPTEMBER 3, JULY-SEPTEMBER SYSTEMS, 2016 VOL. 2016 2, NO. 3, JULY-SEPTEMBER 2016 DesignDesign andDesign and ValidationDesign Validation and and Validation for for Validation FPGA FPGA for Trust Trust for FPGA FPGA Trust Trust under underunder Hardware HardwareunderHardware Trojan Trojan Hardware Attacks Attacks Trojan Trojan Attacks Attacks Sanchita Mal-Sarkar, Member, IEEE, Robert Karam, Student Member, IEEE, SanchitaSanchita Mal-Sarkar, Mal-Sarkar,Member,Member,SeetharamSanchita IEEE IEEE Mal-Sarkar,, Robert Narasimhan,, Robert Karam, Karam,Member,Member,StudentStudent IEEE IEEEMember,, RobertMember,, Anandaroop IEEE Karam, IEEE, ,Student Ghosh, Member, Aswin Krishna, IEEE, SeetharamSeetharam Narasimhan, Narasimhan,Member,SeetharamMember, IEEEand IEEE Narasimhan,, Swarup Anandaroop, Anandaroop Bhunia,Member, Ghosh, Ghosh,Senior IEEE Member,, Anandaroop IEEE Ghosh, AswinAswin Krishna, Krishna,StudentStudent Member,Aswin Member, Krishna, IEEE IEEE, and,Student and Swarup Swarup Member, Bhunia, Bhunia, IEEESeniorSenior, and Member, Member,Swarup IEEE Bhunia, IEEE Senior Member, IEEE Abstract—Field programmable gate arrays (FPGAs) are being increasingly used in a wide range of critical applications, including industrial, automotive, medical, and military systems. Since FPGA vendors are typically fabless, it is more economical to outsource Abstract—Abstract—FieldField programmable programmable gate gateAbstract— arrays arrays (FPGAs) (FPGAs)Field areprogrammable beingare being increasingly increasingly gate arrays used used (FPGAs) in a inwide a wide are range being range of critical increasingly of critical applications, applications, used in including a wide including range of critical applications, including device production to off-shore facilities.
    [Show full text]
  • TPAD: Hardware Trojan Prevention and Detection for Trusted Integrated Circuits Tony F
    TCAD-2015-0006 1 TPAD: Hardware Trojan Prevention and Detection for Trusted Integrated Circuits Tony F. Wu, Student Member, Karthik Ganesan, Student Member, Yunqing Alexander Hu, Student Member, H.-S. Philip Wong, Fellow, Simon Wong, Fellow, Subhasish Mitra, Fellow Abstract— There are increasing concerns about possible we stop a hardware Trojan from being inserted. Part of the malicious modifications of integrated circuits (ICs) used in challenge in detecting or preventing hardware Trojans arises critical applications. Such attacks are often referred to as from the fact that the methods for inserting Trojan attacks are hardware Trojans. While many techniques focus on hardware numerous (e.g., [2][5] for a comprehensive list). Trojan detection during IC testing, it is still possible for attacks out to go undetected. Using a combination of new design techniques a) c) Vdd Vdd and new memory technologies, we present a new approach that + in detects a wide variety of hardware Trojans during IC testing and out Vdd/2 b) D Q also during system operation in the field. Our approach can also in prevent a wide variety of attacks during synthesis, clk 0 Vdd/2 Vdd place-and-route, and fabrication of ICs. It can be applied to any Fig. 1. Examples of hardware Trojans. a) Modification of functional behavior digital system, and can be tuned for both traditional and through logic changes; b) Electrical changes such as changing timing split-manufacturing methods. We demonstrate its applicability characteristics; c) Reliability changes such as accelerating aging with NBTI. for both ASICs and FPGAs. Using fabricated test chips with Trojan emulation capabilities and also using simulations, we Trojan insertion methods include (but are not limited to): demonstrate: 1.
    [Show full text]
  • Hardware Trojan Detection Solutions and Design-For-Trust Challenges
    RESEARCH FEATURE Hardware Trojan Detection Solutions and Design-for-Trust Challenges Mohammad Tehranipoor, Hassan Salmani, Xuehui Zhang, and Xiaoxiao Wang University of Connecticut Ramesh Karri, Jeyavijayan Rajendran, and Kurt Rosenfeld Polytechnic Institute of New York University Globalization of the semiconductor industry and evolving fabrication processes have made integrated circuits increasingly vulnerable to Trojans. Researchers must expand efforts to verify trust in intellectual property cores and ICs. ulnerabilities in the current integrated circuit (IC) a trusted design center and foundry, it is expensive and development process have raised serious concerns economically infeasible given current trends in the glo- about possible threats from hardware Trojans balization of IC design and fabrication. On the other hand, to military, financial, transportation, and other verifying trustworthiness requires a postmanufacturing V 1-4 critical systems. An adversary can introduce a Trojan step to validate conformance of the fabricated IC to the through an IC that will disable or destroy a system at some original functional and performance specifications. specific future time. Alternatively, an attacker can design a wire or some other IC component to survive the testing HARDWARE TROJANS phase but fail before the expected lifetime. A hardware A system-on-chip (SoC) design can contain several lay- Trojan can also covertly cause a system to leak confiden- ered and interconnecting functional components, including tial information or secret keys.
    [Show full text]
  • Interdiction in Practice – Hardware Trojan Against a High-Security USB Flash Drive
    Interdiction in Practice { Hardware Trojan Against a High-Security USB Flash Drive Pawel Swierczynski1, Marc Fyrbiak1, Philipp Koppe1, Amir Moradi1, Christof Paar1,2 IEEE Fellow Abstract As part of the revelations about the NSA Keywords hardware Trojan, · real world attack, · activities, the notion of interdiction has become known FPGA security, · AES to the public: the interception of deliveries to manipu- late hardware in a way that backdoors are introduced. Manipulations can occur on the firmware or at hard- 1 Introduction ware level. With respect to hardware, FPGAs are par- ticular interesting targets as they can be altered by In this section we provide an overview of our research manipulating the corresponding bitstream which con- and related previous works in the area of hardware Tro- figures the device. In this paper, we demonstrate the jans and Field Programmable Gate Array (FPGA) se- first successful real-world FPGA hardware Trojan in- curity. sertion into a commercial product. On the target de- vice, a FIPS-140-2 level 2 certified USB flash drive from Kingston, the user data is encrypted using AES-256 in 1.1 Motivation XTS mode, and the encryption/decryption is processed by an off-the-shelf SRAM-based FPGA. Our investiga- As a part of the revelations by Edward Snowden, it be- tion required two reverse-engineering steps, related to came known that the National Security Agency (NSA) the proprietary FPGA bitstream and to the firmware allegedly intercepts communication equipment during of the underlying ARM CPU. In our Trojan insertion shipment in order to install backdoors [28]. For instance, scenario the targeted USB flash drive is intercepted be- Glenn Greenwald claims that firmware modifications fore being delivered to the victim.
    [Show full text]
  • Hardware Security and Trust: a New Battlefield of Information
    Hardware Security and Trust: A New Battlefield of Information Gang Qu University of Maryland, College Park, MD 20742, USA [email protected] Abstract. Hardware security and trust has received a lot of attention in the past 25 years. The purpose of this paper is to introduce the fundamental problems related to hardware security and trust to audiences who do not necessarily have hardware design background. In order to do that, we first discuss the evolving roles of hardware in security from an enable to an enhancer and now an enforcer as it get involves more and more in system security. Then we review the following key problems in hardware security, physical attacks, side channel analysis, intellectual property protection, hardware Trojan, hardware security primitives, and applications in security and trust. We provide a novel view of these problems and the corresponding solutions from the perspective of information battle between the attackers and designers, where we consider three types of information: data collected, processed, and stored by the hardware; information hidden in the design as watermark, fingerprint, and Trojans; and the chip fabrication variations that can be extracted and utilized. It is interesting to see how the hardware security and trust problems can be unified under this framework of information battle (stealing and protection). Unfortunately, there are more unknowns and challenges than what we have discovered on this framework as we illustrated in the section of open problems. However, the emerging Internet of Things and cyber physical systems have provided a large application field for researchers and practitioners to work on hardware based lightweight security.
    [Show full text]
  • 6 Hardware Trojans: Lessons Learned After One Decade of Research
    Hardware Trojans: Lessons Learned after One Decade of Research K. XIAO, ECE Department, University of Connecticut D. FORTE, ECE Department, University of Florida Y. J I N , EECS Department, University of Central Florida R. KARRI, ECE Department, Polytechnic Institute of New York University S. BHUNIA and M. TEHRANIPOOR, ECE Department, University of Florida Given the increasing complexity of modern electronics and the cost of fabrication, entities from around the globe have become more heavily involved in all phases of the electronics supply chain. In this environment, hardware Trojans (i.e., malicious modifications or inclusions made by untrusted third parties) pose major security concerns, especially for those integrated circuits (ICs) and systems used in critical applications and cyber infrastructure. While hardware Trojans have been explored significantly in academia over the last decade, there remains room for improvement. In this article, we examine the research on hardware Trojans from the last decade and attempt to capture the lessons learned. A comprehensive adversarial model taxonomy is introduced and used to examine the current state of the art. Then the past countermeasures and publication trends are categorized based on the adversarial model and topic. Through this analysis, we identify what has been covered and the important problems that are underinvestigated. We also identify the most critical lessonsr for those new to the field and suggest a roadmap for future hardware Trojan research. CCS Concepts: Hardware → Safety critical systems Additional Key Words and Phrases: Hardware security and trust, hardware Trojan attacks, countermea- sures, attack model ACM Reference Format: K. Xiao, D. Forte, Y. Jin, R.
    [Show full text]
  • Hardware Trojan Identification and Detection
    International Journal on Cryptography and Information Security (IJCIS), Vol. 7, No. 2, June 2017 HARDWARE TROJAN IDENTIFICATION AND DETECTION Samer Moein 1, Fayez Gebali 1, T. Aaron Gulliver 1, And Abdulrahman Alkandari 2 1Department of Electrical and Computer Engineering, University of Victoria, Victoria, BC, Canada 2Department of Computer Science, Public Authority for Applied Education and Training, Kuwait City, Kuwait ABSTRACT The majority of techniques developed to detect hardware trojans are based on specific attributes. Further, the ad hoc approaches employed to design methods for trojan detection are largely ineffective. Hardware trojans have a number of attributes which can be used to systematically develop detection techniques. Based on this concept, a detailed examination of current trojan detection techniques and the characteristics of existing hardware trojans is presented. This is used to develop a new approach to hardware trojan identification and classification. This identification can be used to compare trojan risk or severity and trojan detection effectiveness. Identification vectors are generated for each hardware trojan and trojan detection technique based on the corresponding attributes. Vectors are also defined which represent trojan risk or severity and trojan detection effectiveness. KEYWORDS Hardware trojan detection, hardware trojan identification, trojan severity, trojan risk, trojan detection effectiveness 1. INTRODUCTION With the increasing globalization of Integrated Circuit (IC) design and production, hardware trojans have become a serious threat to manufacturers as well as consumers. The use of ICs in critical applications makes the effects of these trojans a very dangerous problem. Unfortunately, the use of untrusted foundries and design tools cannot be eliminated since the complexity of ICs and the sophistication of their manufacture has grown significantly.
    [Show full text]