James Bradley Wendt

Security of IoT systems: design challenges and opportunities

Computer-aided design (CAD), in its quest to facilitate new design revolutions, is again on the brink of changing its scope. Following both historical and recent technological and application trends, one can identify several emerging research and development directions in which CAD approaches and techniques may have major impacts. Among them, due to the potential to fundamentally alter everyday life as well as how science and engineering systems are designed and operated, the Internet of Things (IoT) stands out. IoT also poses an extraordinary system replete with conceptual and technical challenges. For instance, greatly reduced quantitative bounds on acceptable area and energy metrics require qualitative breakthroughs in design and optimization techniques. Most likely the most demanding of requirements for the widespread realization of many IoT visions is security. IoT security has an exceptionally wide scope in at least four dimensions. In terms of security scope it includes rarely addressed tasks such as trusted sensing, computation, communication, privacy, and digital forgetting. It also asks for new and better techniques for the protection of hardware, software, and data that considers the possibility of physical access to IoT devices. Sensors and actuators are common components of IoT devices and pose several unique security challenges including the integrity of physical signals and actuating events. Finally, during processing of collected data, one can envision many semantic attacks. Our strategic objective is to provide an impetus for the development of IoT CAD security techniques. We start by presenting a brief survey of IoT challenges and opportunities with an emphasis on security issues. Next, we discuss the potential of hardware-based IoT security approaches. Finally, we conclude with several case studies that advocate the use of stable PUFs and digital PPUFs for several IoT security protocols.

Nano Meets Security: Exploring Nanoelectronic Devices for Security Applications

Information security has emerged as an important system and application metric. Classical security solutions use algorithmic mechanisms that address a small subset of emerging security requirements, often at high-energy and performance overhead. Further, emerging side-channel and physical attacks can compromise classical security solutions. Hardware security solutions overcome many of these limitations with less energy and performance overhead. Nanoelectronics-based hardware security preserves these advantages while enabling conceptually new security primitives and applications. This tutorial paper shows how one can develop hardware security primitives by exploiting the unique characteristics such as complex device and system models, bidirectional operation, and nonvolatility of emerging nanoelectronic devices. This paper then explains the security capabilities of several emerging nanoelectronic devices: memristors, resistive random-access memory, contact-resistive random-access memory, phase change memories, spin torque-transfer random-access memory, orthogonal spin transfer random access memory, graphene, carbon nanotubes, silicon nanowire field-effect transistors, and nanoelectronic mechanical switches. Further, the paper describes hardware security primitives for authentication, key generation, data encryption, device identification, digital forensics, tamper detection, and thwarting reverse engineering. Finally, the paper summarizes the outstanding challenges in using emerging nanoelectronic devices for security.

Hardware obfuscation using PUF-based logic

There is a great need to develop universal and robust techniques for intellectual property protection of integrated circuits. In this paper, we introduce techniques for the obfuscation of an arbitrary circuit by using physical unclonable functions (PUFs) and programmable logic. Specifically, we introduce the notion of PUF-based logic which can be configured to be functionally equivalent to any arbitrary design, as well as a new architecture for wire merging that obfuscates signal paths exponentially. We systematically apply our techniques in such a way so as to maximize obfuscation while minimizing area and delay overhead. We analyze our techniques on popular benchmark circuits and show them to be resilient against very powerful reverse engineering attacks in which the adversary has knowledge of the complete netlist along with the ability to read and write to any flip-flop in the circuit.

Nanotechnology-based trusted remote sensing

We present a new nanotechnology PPUF-based architecture for trusted remote sensing. Current public physical unclonable function designs encompass complex circuits requiring high measurement accuracy and whose size slows down the authentication process. Our novel nanotechnology-based architecture ensures fast authentication through partial simulation while maintaining robust security. We authenticate over partitions in the design space in order to alleviate the authentication burden while still ensuring attack by simulation is entirely ineffective. We contribute new nanotechnology-based security protocols for authentication and time-stamping for trusted remote sensing.

Digital bimodal function: an ultra-low energy security primitive

We have developed a new security hardware primitive named digital bimodal function (DBF) that enables ultra low energy security protocols. DBF allows the computation of legitimate communicating sides to be compact and low-energy while it requires any attacker exponential computational effort and energy expense. Our new approach is competitive with the energy efficiency of traditional security key cryptographic security technique (e.g., AES) while more than three orders of magnitude more energy efficient than RSA. The implementation is demonstrated using the Xilinx FPGA platform.

Quo vadis, PUF?: Trends and challenges of emerging physical-disorder based security

The physical unclonable function (PUF) has emerged as a popular and widely studied security primitive based on the randomness of the underlying physical medium. To date, most of the research emphasis has been placed on finding new ways to measure randomness, hardware realization and analysis of a few initially proposed structures, and conventional secret-key based protocols. In this work, we present our subjective analysis of the emerging and future trends in this area that aim to change the scope, widen the application domain, and make a lasting impact. We emphasize on the development of new PUF-based primitives and paradigms, robust protocols, public-key protocols, digital PUFs, new technologies, implementations, metrics and tests for evaluation/validation, as well as relevant attacks and countermeasures.

Secure remote sensing and communication using digital pufs

Small form, mobile, and remote sensor network systems require secure and ultralow power data collection and communication solutions due to their energy constraints. The physical unclonable function (PUF) has emerged as a popular modern low power security primitive. However, current designs are analog in nature and susceptible to instability and difficult to integrate into existing circuitry. In this paper, we present the digital PUF which is stable in the same sense that digital logic is stable, has a very small footprint and very small timing overhead, and can be easily integrated into existing designs. We demonstrate the use of the digital PUF on two applications that are crucial for sensor networks: trusted remote sensing and logic obfuscation. We present our security analysis using standard randomness tests and confusion and diffusion analysis, and apply our new obfuscation approach on a set of standard design benchmarks.

Medical diagnostic-based sensor selection

Wearable sensing systems have facilitated a variety of applications in Wireless Health. Due to the considerable number of sensors and their constant monitoring these systems are often expensive and power hungry. Traditional approaches to sensor selection in large multisensory arrays attempt to alleviate these issues by removing redundant sensors while maintaining overall sensor predictability. However, predicting sensors is unnecessary if ultimately the system needs only to quantify diagnostic measurements specific to the application domain. We propose a new method for optimizing the design of medical sensor systems through diagnostic-based bottom-up sensor selection. We reduce the original sensor array from ninety nine to twelve sensors while maintaining a prediction error rate of less than 5% over all diagnostic metrics in our testing dataset.

Matched Digital PUFs for Low Power Security in Implantable Medical Devices

Wireless communication is widely used in Implantable Medical Devices (IMDs) to facilitate data transmission, device programming, and real time monitoring. However, wireless systems are easy targets for attackers to inspect and potentially breach. Thus, security and privacy have become principal design requirements for IMDs. The challenge in secure IMD design stems from the conflicting constraints of the IMD (e.g. Utility, safety, privacy, security, size, and low power). In this paper, we propose a new ultra low power approach for non-invasive and secure communication and operation of IMDs. We exploit the inherent process variations in an FPGAs SRAM cells to create a unique and random input-output mapping, which we then match in an ASIC design, thus, creating two matched digital physical unclonable functions (PUFs). The smaller design is embedded with the IMD while the FPGA remains with the programmer (e.g. Doctor). We present our architecture, introduce accompanying protocols for secure cryptographic communication and trusted remote computation, and provide an analysis of the systems resilience to various security attacks. Our system is the first hardware-based digital security system proposed for IMDs. It is orders of magnitude lower in delay and energy consumption that traditional cryptographic techniques.

The bidirectional polyomino partitioned PPUF as a hardware security primitive

Physical unclonable functions (PUFs) have demonstrated great potential as fast and robust hardware security primitives. Public physical unclonable functions (PPUFs) have removed the main conceptual limitations of PUFs by enabling the creation of public key protocols. Traditional methods of constructing PPUFs leverage intrinsic process variation in submicron integrated circuits. However, these implementations impose high power usage and require long simulation times, producing high latency protocols. We propose to use next generation CMOS-compatible technologies, such as memristors and nanowires, whose components exhibit non-linear circuit characteristics, for the creation of PPUFs. We utilize the bidirectional nature of these components and introduce a novel architecture of PPUF polyomino partitioning. Furthermore, we present new security protocols that authenticate orders of magnitude faster than their CMOS-based PPUF counterparts. We simulate the design and demonstrate its resilience to a host of attacks using SPICE circuit simulation.