Domenic Forte

Hardware Trojans: Lessons Learned after One Decade of Research

Given the increasing complexity of modern electronics and the cost of fabrication, entities from around the globe have become more heavily involved in all phases of the electronics supply chain. In this environment, hardware Trojans (i.e., malicious modifications or inclusions made by untrusted third parties) pose major security concerns, especially for those integrated circuits (ICs) and systems used in critical applications and cyber infrastructure. While hardware Trojans have been explored significantly in academia over the last decade, there remains room for improvement. In this article, we examine the research on hardware Trojans from the last decade and attempt to capture the lessons learned. A comprehensive adversarial model taxonomy is introduced and used to examine the current state of the art. Then the past countermeasures and publication trends are categorized based on the adversarial model and topic. Through this analysis, we identify what has been covered and the important problems that are underinvestigated. We also identify the most critical lessons for those new to the field and suggest a roadmap for future hardware Trojan research.

ARO-PUF: An aging-resistant ring oscillator PUF design

Physically Unclonable Functions (PUFs) have emerged as a security block with the potential to generate chip-specific identifiers and cryptographic keys. However it has been shown that the stability of these identifiers and keys is heavily impacted by aging and environmental variations. Previous techniques have mostly focused on improving PUF robustness against supply noise and temperature but aging has been largely neglected. In this paper, we propose a new aging resistant design for the popular ring-oscillator (RO)-PUF. Simulation results demonstrate that our aging resistant RO-PUF (called ARO-PUF) can produce unique, random, and more reliable keys. Only 7.7% bits get flipped on average over 10 years operation period for an ARO-PUF due to aging where the value is 32% for a conventional RO-PUF. The ARO-PUF shows an average interchip HD of 49.67% (close to ideal value 50%) and better than the conventional RO-PUF (~45%). With lower error, ARO-PUF offers ~ 24X area reduction for a 128-bit key because of reduced ECC complexity and smaller PUF footprint.

Temperature tracking: an innovative run-time approach for hardware Trojan detection

The hardware Trojan threat has motivated development of Trojan detection schemes at all stages of the integrated circuit (IC) lifecycle. While the majority of existing schemes focus on ICs at test-time, there are many unique advantages offered by post-deployment/run-time Trojan detection. However, run-time approaches have been underutilized with prior work highlighting the challenges of implementing them with limited hardware resources. In this paper, we propose innovative low-overhead approaches for run-time Trojan detection which exploit the thermal sensors already available in many modern systems to detect deviations in power/thermal profiles caused by Trojan activation. Simulation results using state-of-the-art tools on publicly available Trojan benchmarks verify that our approaches can detect active Trojans quickly and with few false positives.

A Survey on Chip to System Reverse Engineering

The reverse engineering (RE) of electronic chips and systems can be used with honest and dishonest intentions. To inhibit RE for those with dishonest intentions (e.g., piracy and counterfeiting), it is important that the community is aware of the state-of-the-art capabilities available to attackers today. In this article, we will be presenting a survey of RE and anti-RE techniques on the chip, board, and system levels. We also highlight the current challenges and limitations of anti-RE and the research needed to overcome them. This survey should be of interest to both governmental and industrial bodies whose critical systems and intellectual property (IP) require protection from foreign enemies and counterfeiters who possess advanced RE capabilities.

Bit selection algorithm suitable for high-volume production of SRAM-PUF

Physically Unclonable Functions (PUFs) are impacted by environmental variations and aging which can reduce their acceptance in identification and authentication applications. Prior approaches to improve PUF reliability include bit analysis across environmental conditions, better design, and post-processing error correction, but these are of high cost in terms of test time and design overheads, making them unsuitable for high volume production. In this paper, we aim to address this issue for SRAM PUFs with novel bit analysis and bit selection algorithms. Our analysis of real SRAM PUFs reveals (i) critical conditions on which to select stable SRAM cells for PUF at low-cost (ii) unexplored spatial correlation between stable bits, i.e., cells that are the most stable tend to be surrounded by stable cells determined during enrollment. We develop a bit selection procedure around these observations that produces very stable bits for the PUF generated ID/key. Experimental data from real SRAM PUFs show that our approaches can effectively reduce number of errors in PUF IDs/keys with fewer enrollment steps.

On application of one-class SVM to reverse engineering-based hardware Trojan detection

Due to design and fabrication outsourcing to foundries, the problem of malicious modifications to integrated circuits known as hardware Trojans has attracted attention in academia as well as industry. To reduce the risks associated with Trojans, researchers have proposed different approaches to detect them. Among these approaches, test-time detection approaches have drawn the greatest attention and most approaches assume the existence of a “golden model”. Prior works suggest using reverse-engineering to identify such Trojan-free ICs for the golden model but they did not state how to do this efficiently. In this paper, we propose an innovative and robust reverseengineering approach to identify the Trojan-free ICs. We adapt a well-studied machine learning method, one-class support vector machine, to solve our problem. Simulation results using state-of-the-art tools on several publicly available circuits show that our approach can detect hardware Trojans with high accuracy rate across different modeling and algorithm parameters.

Memristor PUF—A Security Primitive: Theory and Experiment

Physical unclonable functions (PUFs) have emerged as a promising hardware security primitive, but existing CMOS PUFs suffer from issues related to reliability and susceptibility to modeling attacks. Memristors, leveraging nanotechnology fabrication process and highly nonlinear behavior, pose as an interesting alternative. In this paper, we report the first demonstration of memristor based PUFs. The six memristors we fabricated show a 50% uncertainty of PUF response and high reliability upon repeated interrogation. A physics based circuit model of memristors was also implemented to accurately determine the simulation time required for randomly selected polyominoes from a 3-D array of memristors. The proposed model provides higher degree of complexity and results in seven orders of increase in simulation time for an attacker than that reported by Rajendran , 2012.

Efficient and secure split manufacturing via obfuscated built-in self-authentication

The threats of reverse-engineering, IP piracy, and hardware Trojan insertion in the semiconductor supply chain are greater today than ever before. Split manufacturing has emerged as a viable approach to protect integrated circuits (ICs) fabricated in untrusted foundries, but has high cost and/or high performance overhead. Furthermore, split manufacturing cannot fully prevent untargeted hardware Trojan insertions. In this paper, we propose to insert additional functional circuitry called obfuscated built-in self-authentication (OBISA) in the chip layout with split manufacturing process, in order to prevent reverse-engineering and further prevent hardware Trojan insertion. Self-tests are performed to authenticate the trustworthiness of the OBISA circuitry. The OBISA circuit is connected to original design in order to increase the strength of obfuscation, thereby allowing a higher layer split and lower overall cost. Additional fan-outs are created in OBISA circuitry to improve obfuscation without losing testability. Our proposed gating mechanism and net selection method can ensure negligible overhead in terms of area, timing, and dynamic power. Experimental results demonstrate the effectiveness of the proposed technique in several benchmark circuits.

An Aging-Resistant RO-PUF for Reliable Key Generation

Physical unclonable functions (PUFs) have emerged as a promising security primitive for low-cost authentication and cryptographic key generation. However, PUF stability with respect to temporal variations still limits its utility and widespread acceptance. Previous techniques in the literature have focused on improving PUF robustness against voltage and temperature variations, but the issues associated with aging have been largely neglected. In this paper, we address aging in the popular ring oscillator (RO)-PUF. We propose a new aging-resistant design that reduces sensitivity to negative-bias temperature instability and hot-carrier injection stresses. Simulation results demonstrate that our aging-resistant RO-PUF (ARO-PUF) can produce unique, random, and more reliable keys. On an average, only 3.8% bits of an ARO-PUF flip over a ten-year operational period because of aging, compared with a 12.8% bit flip for a conventional RO-PUF. The proposed ARO-PUF allows us to eliminate the need for error correction by adding extra ROs. The result shows that an ARO-PUF saves ~32x area overhead compared with a conventional RO-PUF with required error correction schemes for a reliable key.

A Novel Built-In Self-Authentication Technique to Prevent Inserting Hardware Trojans

With the rapid globalization of the semiconductor industry, hardware Trojans have become a significant threat to government agencies and enterprises that require secure and reliable systems for their critical applications. Because of the diversity of hardware Trojans and the randomness associated with process variations, hardware Trojan detection is a challenging problem. In this paper, we propose a novel technique, called built-in self-authentication (BISA), which can be used to make hardware Trojan insertion by untrusted Graphic Data System (GDSII) developer and untrusted foundry considerably more difficult and easier to detect. The unused spaces in the circuit layout represent the best opportunity to insert Trojans by these entities. BISA works by eliminating this spare space and filling it with functional filler cells, instead of nonfunctional filler cells. A self-testing procedure generates a digital signature that will be different if any BISA cells are changed because of hardware Trojan insertion. We demonstrate that BISA can be applied to any flat or bottom-up hierarchical design with negligible overhead in terms of area, power, and timing.