DOCSLIB.ORG

Principles of Secure Processor Architecture Design

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Principles of Secure Processor Architecture Design Principles of Secure Processor Architecture Design Slides and information available at: http://caslab.csl.yale.edu/tutorials/ Tutorial on Principles of Secure Processor Architecture Design 1 © Jakub Szefer (ver. HOST 2018) Principles of Secure Processor Architecture Design Jakub Szefer Assistant Professor Dept. of Electrical Engineering Yale University HOST 2018 -- April 30th, 2018 Tutorial on Principles of Secure Processor Architecture Design 2 © Jakub Szefer (ver. HOST 2018) Tutorial Outline 9:30 – 9:50 Secure Processor Architectures 9:50 – 10:10 Trusted Execution Environments 10:10 – 10:30 Hardware Roots of Trust 10:30 – 10:50 Memory Protection 10:50 – 11:00 Multiprocessor and Many-core Protections 11:00 – 11:30 Side-Channels Threats and Protections 11:30 – 12:00 Principles of Secure Processor Architecture Design Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 3 Upcoming Book Jakub Szefer, ”Principles of Secure Processor Architecture Design,” in Synthesis Lectures on Computer Architecture, Morgan & Claypool Publishers Coming Summer 2018 Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 4 Secure Processor Architectures Trusted Execution Environments Hardware Roots of Trust Memory Protection Multiprocessor and Many-core Protections Side-Channels Threats and Protections Principles of Secure Processor Architecture Design Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 5 Typical Processor Architecture A simplified view of a processor and the software stack in a general-purpose computer: Processor Chip App App App AppApp App App App App Core Core … $ $ $ $ Guest Guest … Guest OS OS OS $ Hypervisor (VMM) Uncore Hardware Memory I/O Devices Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 6 Typical Trust Hierarchy (Software) Typical ring-based protection scheme gives most privileges (and most trust) to the lowest levels of the system: App App Compromised or malicious App AppApp App Ring 3 App App App OS can attack all the applications in the system. Guest Guest … Guest Ring 0 OS OS OS Compromised or malicious Hypervisor can attack all Ring -1 Hypervisor (VMM) the OSes in the system. Hardware Image: https://commons.wikimedia.org/wiki/File:Priv_rings.svg Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 7 Typical Trust Hierarchy (Hardware) Typically a computer system (predating architectures such as Intel SGX or AMD SEV) considers all the components as trusted: Processor Chip Information can be extracted Core Core from memory or memory … $ $ $ $ contents can be modified. $ Snooping on the system bus is possible to extract Uncore information. Compromised or malicious devices can attack other Memory I/O Devices components of the system. Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 8 Potential Attack Threats Hardware and software that implements the Trusted Computing Base (TCB) can be attacked through numerous attack vectors: Most attacks today are software on software, Software Software Software but importance of others Local on on is growing. Software Hardware Software Remote Attacks Attacks Hardware Hardware Hardware Attack Vectors Attack Local on on Hardware Hardware Software Remote Attacks Attacks TCB TCB Protected Hardware Software Software Attack Targets Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 9 Hardware Attacks without Physical Access Possibilities for hardware attacks with dedicated tools and lots of money are infinite. However, many non-software attacks that require with no physical access are possible today: Repeated accesses to DRAM rows can cause bits to flip in adjacent DRAM rows, e.g. • Rowhammer to change protection bits in a page table. • Meltdown Out-of-order execution and incorrect checking of protection bits + cache side channel attacks can leak information about protected memory contents. • Spectre Speculative execution + cache side channel attacks can be used to extract data from an application. • ClkScrew Abusing Dynamic Voltage and Frequency Scaling (DVFS) features can allow attacker • … to introduce faults into a system. Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 10 Protecting from Software and Hardware Attacks Secure Processor Architectures add new hardware and software features to provide Trusted Execution Environments (TEEs) wherein software executes protected from some of the software and hardware threats. • Enhance general-purpose processor with new protection features • Provide new or alternate privilege levels • Utilize software and hardware changes • Facilitate attestation of the protected software Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 11 New Privilege Levels Modern computer systems define protections in terms of privilege level or protection rings, new privilege levels are defined to provide added protections. Ring 3 Application code, least privileged. Rings 2 and 1 Device drivers and other semi-privileged code, although rarely used. Ring 0 Operating system kernel. Ring -1 Hypervisor or virtual machine monitor (VMM), most privileged mode that a typical system administrator has access to. Ring -2 System management mode (SMM), typically locked down by processor manufacturer Ring -3 Platform management engine, retroactively named “ring -3”, actually runs on a separate management processor. Image: https://commons.wikimedia.org/wiki/File:Priv_rings.svg Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 12 Extend Linear Trust with New Protection Levels The hardware is most privileged as it is the lowest level in the system. • There is a linear relationship between App App protection ring and privilege (lower ring App AppApp App App is more privileged) Ring 3 App App Guest Guest … Guest • Each component trusts all the software Ring 0 OS OS OS “below” it Ring -1 Hypervisor (VMM) Ring -2 SMM Ring -3 SecE Security Engine (SecE) Hardware can be something like Intel’s ME or AMD’s PSP. Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 13 Add Horizontal Privilege Separation New privileges can be made orthogonal to existing protection rings. Normal Privileged • E.g. ARM’s “normal” and “secure” worlds Operation Operation • Need privilege level (ring number) and normal / secure privilege Security levels from a lattice: Ring -1 Privileged Ring -1 Ring 0 Normal Privileged Ring 0 Normal Ring 3 Privileged Ring 3 Normal Image: https://commons.wikimedia.org/wiki/File:Priv_rings.svg Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 14 Breaking Linear Hierarchy of Protection Rings Examples of architectures that do and don’t have a linear relationship between privileges and protection ring level: App App App App App App AppEncl App TSM Ring 3 App Ring 3 App Ring 3 Appave Ring 3 App Guest Guest Guest Guest Ring 0 OS Ring 0 OS Ring 0 OS Ring 0 OS Ring -1 HV Ring -1 HV Ring -1 HV Ring -1 HV Ring -2 SMM Ring -2 SMM Ring -2 SMM Ring -2 SMM Ring -3 SecE Ring -3 SecE Ring -3 SecE Ring -3 SecE Hardware Hardware Hardware Hardware Normal Computer E.g. Bastion E.g. SGX E.g. SEV Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 15 Example Secure Architecture: Intel SGX Simplified schematic of Intel SGX architecture and the protected Enclave. Processor Chip App App App App App AppEncl App App Appave Core Core … $ $ $ $ Guest Guest … Guest OS OS OS $ Hypervisor (VMM) ME Uncore SMM SecE Hardware Memory I/O Devices Emoji Image: https://www.emojione.com/emoji/1f479 Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 16 Example Secure Architecture: AMD SEV Simplified schematic of AMD SEV architecture and the protected Virtual Machines. Processor Chip App App App AppApp App App App App Core Core … $ $ $ $ Guest Guest … Guest OS OS OS $ Hypervisor (VMM) PSP Uncore SMM SecE Hardware Memory I/O Devices Emoji Image: https://www.emojione.com/emoji/1f479 Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 17 Trusted Processor Chip Assumption Key to most secure processor architecture designs is the trusted processor chip assumption. Processor Chip Core Core Whole processor chip is … $ $ $ $ trusted. $ Memory is untrusted. Uncore System bus is untrusted. Devices are untrusted. Memory I/O Devices Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 18 Trusted Computing Base Trusted Computing Base, or TCB, is the sum total of all the hardware and software which work together to realize the protections offered by the system. • TCB is trusted • TCB may not be trustworthy, if is not verified or is not bug free TCB contains: • All trusted hardware – typically the processor chip • All trusted software – some software levels may be untrusted (e.g. OS in SGX) Tutorial on Principles of Secure Processor Architecture Design © Jakub Szefer (ver. HOST 2018) 19 TCB Example: Intel SGX TCB of the Intel SGX contains the processor chip, and privileged software controlling the protection mechanisms. Processor Chip App App App App App AppEncl Protections are not App App Appave Core Core guaranteed if there is … $ $ $ $ hardware or
Load more

Recommended publications
  • Efficient Checker Processor Design
    Efficient Checker Processor Design Saugata Chatterjee, Chris Weaver, and Todd Austin Electrical Engineering and Computer Science Department University of Michigan {saugatac,chriswea,austin}@eecs.umich.edu Abstract system works to increase test space coverage by proving a design is correct, either through model equivalence or assertion. The approach is significantly more efficient The design and implementation of a modern micro- than simulation-based testing as a single proof can ver- processor creates many reliability challenges. Design- ify correctness over large portions of a design’s state ers must verify the correctness of large complex systems space. However, complex modern pipelines with impre- and construct implementations that work reliably in var- cise state management, out-of-order execution, and ied (and occasionally adverse) operating conditions. In aggressive speculation are too stateful or incomprehen- our previous work, we proposed a solution to these sible to permit complete formal verification. problems by adding a simple, easily verifiable checker To further complicate verification, new reliability processor at pipeline retirement. Performance analyses challenges are materializing in deep submicron fabrica- of our initial design were promising, overall slowdowns tion technologies (i.e. process technologies with mini- due to checker processor hazards were less than 3%. mum feature sizes below 0.25um). Finer feature sizes However, slowdowns for some outlier programs were are generally characterized by increased complexity, larger. more exposure to noise-related faults, and interference In this paper, we examine closely the operation of the from single event radiation (SER). It appears the current checker processor. We identify the specific reasons why advances in verification (e.g., formal verification, the initial design works well for some programs, but model-based test generation) are not keeping pace with slows others.
    [Show full text]
  • Three-Dimensional Integrated Circuit Design: EDA, Design And
    Integrated Circuits and Systems Series Editor Anantha Chandrakasan, Massachusetts Institute of Technology Cambridge, Massachusetts For other titles published in this series, go to http://www.springer.com/series/7236 Yuan Xie · Jason Cong · Sachin Sapatnekar Editors Three-Dimensional Integrated Circuit Design EDA, Design and Microarchitectures 123 Editors Yuan Xie Jason Cong Department of Computer Science and Department of Computer Science Engineering University of California, Los Angeles Pennsylvania State University [email protected] [email protected] Sachin Sapatnekar Department of Electrical and Computer Engineering University of Minnesota [email protected] ISBN 978-1-4419-0783-7 e-ISBN 978-1-4419-0784-4 DOI 10.1007/978-1-4419-0784-4 Springer New York Dordrecht Heidelberg London Library of Congress Control Number: 2009939282 © Springer Science+Business Media, LLC 2010 All rights reserved. This work may not be translated or copied in whole or in part without the written permission of the publisher (Springer Science+Business Media, LLC, 233 Spring Street, New York, NY 10013, USA), except for brief excerpts in connection with reviews or scholarly analysis. Use in connection with any form of information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed is forbidden. The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights. Printed on acid-free paper Springer is part of Springer Science+Business Media (www.springer.com) Foreword We live in a time of great change.
    [Show full text]
  • Understanding Performance Numbers in Integrated Circuit Design Oprecomp Summer School 2019, Perugia Italy 5 September 2019
    Understanding performance numbers in Integrated Circuit Design Oprecomp summer school 2019, Perugia Italy 5 September 2019 Frank K. G¨urkaynak [email protected] Integrated Systems Laboratory Introduction Cost Design Flow Area Speed Area/Speed Trade-offs Power Conclusions 2/74 Who Am I? Born in Istanbul, Turkey Studied and worked at: Istanbul Technical University, Istanbul, Turkey EPFL, Lausanne, Switzerland Worcester Polytechnic Institute, Worcester MA, USA Since 2008: Integrated Systems Laboratory, ETH Zurich Director, Microelectronics Design Center Senior Scientist, group of Prof. Luca Benini Interests: Digital Integrated Circuits Cryptographic Hardware Design Design Flows for Digital Design Processor Design Open Source Hardware Integrated Systems Laboratory Introduction Cost Design Flow Area Speed Area/Speed Trade-offs Power Conclusions 3/74 What Will We Discuss Today? Introduction Cost Structure of Integrated Circuits (ICs) Measuring performance of ICs Why is it difficult? EDA tools should give us a number Area How do people report area? Is that fair? Speed How fast does my circuit actually work? Power These days much more important, but also much harder to get right Integrated Systems Laboratory The performance establishes the solution space Finally the cost sets a limit to what is possible Introduction Cost Design Flow Area Speed Area/Speed Trade-offs Power Conclusions 4/74 System Design Requirements System Requirements Functionality Functionality determines what the system will do Integrated Systems Laboratory Finally the cost sets a limit
    [Show full text]
  • CSE 141L: Design Your Own Processor What You'll
    CSE 141L: Design your own processor What you’ll do: - learn Xilinx toolflow - learn Verilog language - propose new ISA - implement it - optimize it (for FPGA) - compete with other teams Grading 15% lab participation – webboard 85% various parts of the labs CSE 141L: Design your own processor Teams - two people - pick someone with similar goals - you keep them to the end of the class - more on the class website: http://www.cse.ucsd.edu/classes/sp08/cse141L/ Course Staff: 141L Instructor: Michael Taylor Email: [email protected] Office Hours: EBU 3b 4110 Tuesday 11:30-12:20 TA: Saturnino Email: [email protected] ebu 3b b260 Lab Hours: TBA (141 TA: Kwangyoon) Æ occasional cameos in 141L http://www-cse.ucsd.edu/classes/sp08/cse141L/ Class Introductions Stand up & tell us: -Name - How long until graduation - What you want to do when you “hit the big time” - What kind of thing you find intellectually interesting What is an FPGA? Next time: (Tuesday) Start working on Xilinx assignment (due next Tuesday) - should be posted Sat will give a tutorial on Verilog today Check the website regularly for updates: http://www.cse.ucsd.edu/classes/sp08/cse141L/ CSE 141: 0 Computer Architecture Professor: Michael Taylor UCSD Department of Computer Science & Engineering RF http://www.cse.ucsd.edu/classes/sp08/cse141/ Computer Architecture from 10,000 feet foo(int x) Class of { .. } application Physics Computer Architecture from 10,000 feet foo(int x) Class of { .. } application An impossibly large gap! In the olden days: “In 1942, just after the United States entered World War II, hundreds of women were employed around the country as Physics computers...” (source: IEEE) The Great Battles in Computer Architecture Are About How to Refine the Abstraction Layers foo(int x) { .
    [Show full text]
  • Processor Architecture Design Using 3D Integration Technology
    Processor Architecture Design Using 3D Integration Technology Yuan Xie Pennsylvania State University Computer Science and Engineering Department University Park, PA, 16802, USA [email protected] Abstract (4)Smaller form factor, which results in higher pack- ing density and smaller footprint due to the addition of The emerging three-dimensional (3D) chip architec- a third dimension to the conventional two dimensional tures, with their intrinsic capability of reducing the wire layout, and potentially results in a lower cost design. length, is one of the promising solutions to mitigate This tutorial paper first presents the background on the interconnect problem in modern microprocessor de- 3D integration technology, and then reviews various ap- signs. 3D memory stacking also enables much higher proaches to design future 3D microprocessors, which memory bandwidth for future chip-multiprocessor de- leverage the benefits of fast latency, higher bandwidth, sign, mitigating the “memory wall” problem. In addi- and heterogeneous integration capability that are offered tion, heterogenous integration enabled by 3D technol- by 3D technology. The challenges for future 3D archi- ogy can also result in innovation designs for future mi- tecture design are also discussed in the last section. croprocessors. This paper serves as a survey of various approaches to design future 3D microprocessors, lever- 2. 3D Integration Technology aging the benefits of fast latency, higher bandwidth, and The 3D integration technologies [25,26] can be clas- heterogeneous integration capability that are offered by sified into one of the two following categories. (1) 3D technology. 1 Monolithic approach. This approach involves sequen- tial device process. The frontend processing (to build the 1.
    [Show full text]
  • Processor Design:System-On-Chip Computing For
    Processor Design Processor Design System-on-Chip Computing for ASICs and FPGAs Edited by Jari Nurmi Tampere University of Technology Finland A C.I.P. Catalogue record for this book is available from the Library of Congress. ISBN 978-1-4020-5529-4 (HB) ISBN 978-1-4020-5530-0 (e-book) Published by Springer, P.O. Box 17, 3300 AA Dordrecht, The Netherlands. www.springer.com Printed on acid-free paper All Rights Reserved © 2007 Springer No part of this work may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, microfilming, recording or otherwise, without written permission from the Publisher, with the exception of any material supplied specifically for the purpose of being entered and executed on a computer system, for exclusive use by the purchaser of the work. To Pirjo, Lauri, Eero, and Santeri Preface When I started my computing career by programming a PDP-11 computer as a freshman in the university in early 1980s, I could not have dreamed that one day I’d be able to design a processor. At that time, the freshmen were only allowed to use PDP. Next year I was given the permission to use the famous brand-new VAX-780 computer. Also, my new roommate at the dorm had got one of the first personal computers, a Commodore-64 which we started to explore together. Again, I could not have imagined that hundreds of times the processing power will be available in an everyday embedded device just a quarter of century later.
    [Show full text]
  • Design Software & Development Kit Selector Guide
    ® Design Software & Development Kit Selector Guide April 2004 Table of Contents Quartus II Design Software Leadership ................................ page 2 Selecting a Design Software Product ................................... page 5 System Design Technology Recommended System Configurations ................................. page 8 Altera’s Quartus II software is the industry’s only design Altera Programming Hardware........................................... page 8 environment that supports Intellectual Property (IP)-based Altera Development Kits................................................... page 10 system design—including complete and automated system definition and implementation—without requiring lower- Third-Party Solutions........................................................ page 10 level hardware description language (HDL) or schematics. This capability enables designers to turn their concepts into working systems in minutes. The Quartus II system design tools include: Quartus II Design Software SOPC Builder: A system development tool that automates Leadership adding, parameterizing, and linking IP cores—including Altera’s Quartus® II software leads the embedded processors, co-processors, peripherals, memories, industry as the most comprehensive and user-defined logic—without requiring lower-level HDL environment available for FPGA, CPLD, or schematics. (See Figure 1.) and structured ASIC designs, delivering DSP Builder: Shortens digital signal processing (DSP) design unmatched performance, efficiency, and ease-of-use.
    [Show full text]
  • Physical Design of a 3D-Stacked Heterogeneous Multi-Core Processor
    Physical Design of a 3D-Stacked Heterogeneous Multi-Core Processor Randy Widialaksono, Rangeen Basu Roy Chowdhury, Zhenqian Zhang, Joshua Schabel, Steve Lipa, Eric Rotenberg, W. Rhett Davis, Paul Franzon Department of Electrical and Computer Engineering North Carolina State University, Raleigh, NC, USA frhwidial, rbasuro, zzhang18, jcledfo3, slipa, ericro, wdavis, [email protected] Abstract—With the end of Dennard scaling, three dimensional TSV (I/O pads) stacking has emerged as a promising integration technique to Bulk improve microprocessor performance. In this paper we present Active First metal layer a 3D-SIC physical design methodology for a multi-core processor using commercial off-the-shelf tools. We explain the various Metal High-performance core flows involved and present the lessons learned during the design Last metal layer process. The logic dies were fabricated with GlobalFoundries Face-to-face micro-bumps 130 nm process and were stacked using the Ziptronix face-to- Metal Low-power core face (F2F) bonding technology. We also present a comparative analysis which highlights the benefits of 3D integration. Results indicate an order of magnitude decrease in wirelengths for critical Active inter-core components in the 3D implementation compared to 2D Bulk implementations. I. INTRODUCTION Fig. 1. Cross-section of the face-to-face bonded 3D-IC stack. As performance benefits from technology scaling slows The primary advantage of 3D-stacking comes from reduced down, computer architects are looking at various architectural wirelengths leading to an improvement in routability and signal techniques to maintain the trend of performance improvement, delays. On the other hand, going 3D also increases design while meeting the power budget.
    [Show full text]
  • Modern Processor Design: Fundamentals of Superscalar
    Fundamentals of Superscalar Processors John Paul Shen Intel Corporation Mikko H. Lipasti University of Wisconsin WAVELAND PRESS, INC. Long Grove, Illinois To Our parents: Paul and Sue Shen Tarja and Simo Lipasti Our spouses: Amy C. Shen Erica Ann Lipasti Our children: Priscilla S. Shen, Rachael S. Shen, and Valentia C. Shen Emma Kristiina Lipasti and Elias Joel Lipasti For information about this book, contact: Waveland Press, Inc. 4180 IL Route 83, Suite 101 Long Grove, IL 60047-9580 (847) 634-0081 info @ waveland.com www.waveland.com Copyright © 2005 by John Paul Shen and Mikko H. Lipasti 2013 reissued by Waveland Press, Inc. 10-digit ISBN 1-4786-0783-1 13-digit ISBN 978-1-4786-0783-0 All rights reserved. No part of this book may be reproduced, stored in a retrieval system, or transmitted in any form or by any means without permission in writing from the publisher. Printed in the United States of America 7 6 5 4 3 2 1 Table of Contents PrefaceAbout the Authors x ix 1 Processor Design 1 1.1 The Evolution of Microprocessors 2 1.21.2.1 Instruction Digital Set Systems Processor Design Design 44 1.2.2 Architecture,Realization Implementation, and 5 1.2.3 Instruction Set Architecture 6 1.2.4 Dynamic-Static Interface 8 1.3 Principles of Processor Performance 10 1.3.1 Processor Performance Equation 10 1.3.2 Processor Performance Optimizations 11 1.3.3 Performance Evaluation Method 13 1.4 Instruction-Level Parallel Processing 16 1.4.1 From Scalar to Superscalar 16 1.4.2 Limits of Instruction-Level Parallelism 24 1.51.4.3 Machines Summary for Instruction-Level
    [Show full text]
  • Designing Digital Circuits a Modern Approach
    Designing Digital Circuits a modern approach Jonathan Turner 2 Contents I First Half 5 1 Introduction to Designing Digital Circuits 7 1.1 Getting Started . .7 1.2 Gates and Flip Flops . .9 1.3 How are Digital Circuits Designed? . 10 1.4 Programmable Processors . 12 1.5 Prototyping Digital Circuits . 15 2 First Steps 17 2.1 A Simple Binary Calculator . 17 2.2 Representing Numbers in Digital Circuits . 21 2.3 Logic Equations and Circuits . 24 3 Designing Combinational Circuits With VHDL 33 3.1 The entity and architecture . 34 3.2 Signal Assignments . 39 3.3 Processes and if-then-else . 43 4 Computer-Aided Design 51 4.1 Overview of CAD Design Flow . 51 4.2 Starting a New Project . 54 4.3 Simulating a Circuit Module . 61 4.4 Preparing to Test on a Prototype Board . 66 4.5 Simulating the Prototype Circuit . 69 3 4 CONTENTS 4.6 Testing the Prototype Circuit . 70 5 More VHDL Language Features 77 5.1 Symbolic constants . 78 5.2 For and case statements . 81 5.3 Synchronous and Asynchronous Assignments . 86 5.4 Structural VHDL . 89 6 Building Blocks of Digital Circuits 93 6.1 Logic Gates as Electronic Components . 93 6.2 Storage Elements . 98 6.3 Larger Building Blocks . 100 6.4 Lookup Tables and FPGAs . 105 7 Sequential Circuits 109 7.1 A Fair Arbiter Circuit . 110 7.2 Garage Door Opener . 118 8 State Machines with Data 127 8.1 Pulse Counter . 127 8.2 Debouncer . 134 8.3 Knob Interface . 137 8.4 Two Speed Garage Door Opener .
    [Show full text]
  • A Thesis Entitled Design of a Hardware Security PUF Immune To
    A Thesis Entitled Design of a Hardware Security PUF Immune to Machine Learning Attacks By Nitin K. Pundir Submitted to the Graduate Faculty as partial fulfillment of the requirements for the Master of Science Degree in Electrical Engineering ________________________________________ Dr. Mohammed Niamat, Committee Chair ________________________________________ Dr. Mansoor Alam, Committee Member ________________________________________ Dr. Hong Wang, Committee Member ________________________________________ Dr. Amanda Bryant-Friedrich, Dean College of Graduate Studies The University of Toledo December 2017 Copyright 2017, Nitin K. Pundir This document is copyrighted material. Under copyright law, no parts of this document may be reproduced without the expressed permission of the author. An Abstract of Design of a Hardware Security PUF Immune to Machine Learning Attacks By Nitin K. Pundir Submitted to the Graduate Faculty as partial fulfillment of the requirements for the Master of Science Degree in Electrical Engineering The University of Toledo December 2017 The technology and cyberspace sector is losing billions each year to hardware security threats. The incidents of usage of counterfeiting chips are doubling each year. The Electronic Resellers Association International (ERAI) reported that in the year 2011 more than 1300 counterfeits were reported. The incidents were double of what were reported in 2008. The report from Federal Contracts acknowledges the threats emanating from counterfeit chips and says it threatens the successful operations of US Weapon Systems. Meanwhile, electronic counterfeiting of chips continues to be a very profitable business on the dark web by crooked operatives. Physical Unclonable Functions (PUFs) are emerging as hardware security primitives to deal with security issues such as cloning, hacking, copying, and detection of Trojans.
    [Show full text]
  • Infrastructure and Primitives for Hardware Security in Integrated Circuits
    INFRASTRUCTURE AND PRIMITIVES FOR HARDWARE SECURITY IN INTEGRATED CIRCUITS by ABHISHEK BASAK Submitted in partial fulfillment for the degree of Doctor of Philosophy in Electrical Engineering and Computer Science CASE WESTERN RESERVE UNIVERSITY May 2016 CASE WESTERN RESERVE UNIVERSITY SCHOOL OF GRADUATE STUDIES We hereby approve the dissertation of ABHSIHEK BASAK Candidate for the degree of Doctor of Philosophy Committee Chair Swarup Bhunia Committee Member Frank Merat Committee Member Soumyajit Mandal Committee Member Ming-Chun Huang Committee Member Sandip Ray Date of Defense 03/15/2016 We also certify that any written approval has been obtained for any proprietary material contained therein. To my Family and Friends i Contents List of Tables vi List of Figures viii Abbreviations xii Acknowledgements xiv Abstract xvi 1 Introduction 1 1.1 What are Counterfeit ICs? . 3 1.2 Related Work on Countermeasures against Counterfeit ICs . 6 1.3 Major Contributions of Research (Part I) . 8 1.4 System-on-Chip (SoC) Security . 11 1.4.1 Background on SoC Security Policies . 13 1.4.2 Issues with Current SoC Design Trends . 15 1.4.3 Related Work . 17 1.5 Major Contributions of Research (Part II) . 18 1.6 Organization of Thesis . 21 2 Antifuse based Active Protection against Counterfeit ICs 22 2.1 C-Lock Methodology . 23 2.1.1 Business Model . 25 2.1.2 Pin Lock Structure . 26 2.1.3 Lock Insertion in I/O Port Circuitry . 27 2.1.4 Programming the Key . 28 2.1.5 Design Circuitry for Chip Unlocking . 29 2.1.5.1 Lock/Unlock Controller State Transitions .
    [Show full text]