Mark G. Karpovsky

On a new class of codes for identifying vertices in graphs

We investigate a new class of codes for the optimal covering of vertices in an undirected graph G such that any vertex in G can be uniquely identified by examining the vertices that cover it. We define a ball of radius t centered on a vertex /spl upsi/ to be the set of vertices in G that are at distance at most t from /spl upsi/. The vertex /spl upsi/ is then said to cover itself and every other vertex in the ball with center /spl upsi/. Our formal problem statement is as follows: given an undirected graph G and an integer t/spl ges/1, find a (minimal) set C of vertices such that every vertex in G belongs to a unique set of balls of radius t centered at the vertices in C. The set of vertices thus obtained constitutes a code for vertex identification. We first develop topology-independent bounds on the size of C. We then develop methods for constructing C for several specific topologies such as binary cubes, nonbinary cubes, and trees. We also describe the identification of sets of vertices using covering codes that uniquely identify single vertices. We develop methods for constructing optimal topologies that yield identifying codes with a minimum number of codewords. Finally, we describe an application of the theory developed in this paper to fault diagnosis of multiprocessor systems.

Covering radius---Survey and recent results

All known results on covering radius are presented, as well as some new results. There are a number of upper and lower bounds, including asymptotic results, a few exact determinations of covering radius, some extensive relations with other aspects of coding theory through the Reed-Muller codes, and new results on the least covering radius of any linear [n,k] code. There is also a recent result on the complexity of computing the covering radius.

A data compression technique for built-in self-test

A data compression technique called self-testable and error-propagating space compression is proposed and analyzed. Faults in a realization of Exclusive-OR and Exclusive-NOR gates are analyzed, and the use of these gates in the design of self-testing and error propagating space compressors is discussed. It is argued that the proposed data-compression technique reduce the hardware complexity in built-in self-test (BIST) logic designs using external tester environments. >

Robust protection against fault-injection attacks on smart cards implementing the advanced encryption standard

We present a method of protecting a hardware implementation of the advanced encryption standard (AES) against a side-channel attack known as differential fault analysis attack. The method uses systematic nonlinear (cubic) robust error detecting codes. Error-detecting capabilities of these codes depend not just on error patterns (as in the case of linear codes) but also on data at the output of the device which is protected by the code and this data is unknown to the attacker since it depends on the secret key. In addition to this, the proposed nonlinear (n,k)-codes reduce the fraction of undetectable errors from 2/sup -r/ to 2/sup -2r/ as compared to the corresponding (n,k) linear code (where n - k = r and k >= r). We also present results on a FPGA implementation of the proposed protection scheme for AES as well as simulation results on efficiency of the robust codes.

Application of network calculus to general topologies using turn-prohibition

Network calculus is known to apply in general only to feedforward routing networks, i.e., networks where routes do not create cycles of interdependent packet flows. In this paper, we address the problem of using network calculus in networks of arbitrary topology. For this purpose, we introduce a novel graph-theoretic algorithm, called turn-prohibition (TP), that breaks all the cycles in a network and, thus, prevents any interdependence between flows. We prove that the TP-algorithm prohibits the use of at most 1/3 of the total number turns in a network, for any network topology. Using analysis and simulation, we show that the TP-algorithm significantly outperforms other approaches for breaking cycles, such as the spanning tree and up/down routing algorithms, in terms of network utilization and delay bounds. Our simulation results also show that the network utilization achieved with the TP-algorithm is within a factor of two of the maximum theoretical network utilization, for networks of up to 50 nodes of degree four. Thus, in many practical cases, the restriction of network calculus to feedforward routing networks may not represent a too significant limitation.

Aliasing probability for multiple input signature analyzer

Single and multiple multiple-input-signature-register (MISR) aliasing probability expressions are presented for arbitrary test lengths. A framework, based on algebraic codes, is developed for the analysis and synthesis of MISR-based test response compressors for BIST. This framework is used to develop closed-form expressions for the aliasing probability of MISR for arbitrary test length. An error model, based on q-ary symmetric channel, is proposed using more realistic assumptions. Results are presented that provide the weight distributions for q-ary codes (q=2/sup m/, where the circuit under test has m outputs). These results are used to compute the aliasing probability for the MISR compression technique for arbitrary test lengths. This result is extended to compression using two different MISRs. It is shown that significant improvements can be obtained by using two signature analyzers instead of one. The weight distribution of a class of codes of arbitrary length is also given. >

DIFFERENTIAL FAULT ANALYSIS ATTACK RESISTANT ARCHITECTURES FOR THE ADVANCED ENCRYPTION STANDARD

We present two architectures for protecting a hardware implementation of AES against side-channel attacks known as Differential Fault Analysis attacks. The first architecture, which is efficient for faults of higher multiplicity, partitions the design into linear (XOR gates only) and nonlinear blocks and uses different protection schemes for these blocks. We protect the linear blocks with linear codes and the nonlinear with a complimentary nonlinear operation resulting in robust protection. The second architecture uses systematic nonlinear (cubic) robust error detecting codes and provides for high fault detection for faults of low and high multiplicities but has higher hardware overhead.

Fault detection in combinational networks by Reed-Muller transforms

A new approach for fault detection in combinational networks based on Reed-Muller (RM) transforms is presented. An upper bound on the number of RM spectral coefficients required to be verified for detection of multiple stuck-at-faults and single bridging faults at the input lines of an n-input network is shown to be n. The time complexity (time required to test a network) for detection of multiple terminal faults and the storage required for storing the test are determined. An upper bound is found for the minimum number of test patterns required to detect a fault. The authors present standard tests based on this result, with a simple test generation procedure and upper bounds on minimal numbers of test patterns. >

Design of self-diagnostic boards by multiple signature analysis

A new design approach, based on multiple signature analysis, for self-diagnostic boards is presented. For this approach, test responses from all chips on the board are compressed into space-time signatures using nonbinary multiple error-correcting codes, and faulty chips are identified by analyzing relations between distortions in these signatures. This approach results in a considerable reduction of a hardware overhead, required for diagnostics, as compared with the straightforward approach where separate signatures are computed for each chip on the board. The diagnostic approach presented can also be used for identification of faulty boards in a system or for faulty processors in a multiprocessor environment. >

New class of nonlinear systematic error detecting codes

A code C detects error e with probability 1-Q(e),ifQ(e) is a fraction of codewords y such that y, y+e/spl isin/C. We present a class of optimal nonlinear q-ary systematic (n, q/sup k/)-codes (robust codes) minimizing over all (n, q/sup k/)-codes the maximum of Q(e) for nonzero e. We also show that any linear (n, q/sup k/)-code V with n /spl les/2k can be modified into a nonlinear (n, q/sup k/)-code C/sub v/ with simple encoding and decoding procedures, such that the set E={e|Q(e)=1} of undetected errors for C/sub v/ is a (k-r)-dimensional subspace of V (|E|=q/sup k-r/ instead of q/sup k/ for V). For the remaining q/sup n/-q/sup k-r/ nonzero errors, Q(e)/spl les/q/sup -r/for q/spl ges/3 and Q(e)/spl les/ 2/sup -r+1/ for q=2.