Real-Time SoC Security against Passive Threats Using Crypsis Behavior of Geckos
TL;DR: This work seeks refuge to the crypsis behavior exhibited by geckos in nature to generate a runtime security technique for SoC architectures, which can bypass runtime passive threats of a HTH.
Abstract: The rapid evolution of the embedded era has witnessed globalization for the design of SoC architectures in the semiconductor design industry. Though issues of cost and stringent marketing deadlines have been resolved in such a methodology, yet the root of hardware trust has been evicted. Malicious circuitry, a.k.a. Hardware Trojan Horse (HTH), is inserted by adversaries in the less trusted phases of design. A HTH remains dormant during testing but gets triggered at runtime to cause sudden active and passive attacks. In this work, we focus on the runtime passive threats based on the parameter delay. Nature-inspired algorithms offer an alternative to the conventional techniques for solving complex problems in the domain of computer science. However, most are optimization techniques and none is dedicated to security. We seek refuge to the crypsis behavior exhibited by geckos in nature to generate a runtime security technique for SoC architectures, which can bypass runtime passive threats of a HTH. An adaptive security intellectual property (IP) that works on the proposed security principles is designed. Embedded timing analysis is used for experimental validation. Low area and power overhead of our proposed security IP over standard benchmarks and practical crypto SoC architectures as obtained in experimental results supports its applicability for practical implementations.
Citations
More filters
TL;DR: This work explores how power draining ability of HTHs may reduce lifetime of the system and an offline–online scheduling strategy is proposed for periodic tasks which can ensure reliability of their operations till the expected lifetime ofThe system.
Abstract: The present era has witnessed deployment of reconfigurable hardware or field-programmable gate arrays (FPGAs) in diverse domains like automation and avionics, which are cyber physical in nature. Such cyber physical systems are associated with strict power budgets. Efficient real-time task-scheduling strategies exist that ensure execution of maximum number of tasks within the power budget. However, these do not consider hardware threats into account. Recent literature has exposed the existence of hardware trojan horses (HTHs). HTHs are malicious circuitry that remain dormant during testing and evade detection, but get activated at runtime to jeopardize operations. HTHs can be etched into the FPGA fabric by adversaries in the untrustworthy foundries, during fabrication of the FPGAs. Even vendors selling reconfigurable intellectual properties or bitstreams that configure the FPGA fabric for task operation may insert HTHs during writing the bitstream codes. HTHs may cause a variety of attacks which may affect the basic security primitives of the system like its integrity, confidentiality or availability. In this work, we explore how power draining ability of HTHs may reduce lifetime of the system. A self-aware approach is also proposed which detects the affected resources of the system and eradicates their use in future to facilitate system reliability. An offline–online scheduling strategy is proposed for periodic tasks which can ensure reliability of their operations till the expected lifetime of the system. Accommodating non-periodic tasks in the periodic task schedule based on available power is also focused. For experimentation, we consider tasks associated with EPFL benchmarks and demonstrate results based on the metric task success rate for periodic tasks and metric task rejection rate for non-periodic tasks.
9 citations
TL;DR: Self-aware security modules attached with each IP works based on the Observe-Decide-Act paradigm and not only detects vulnerability but also organizes behavior of the IPs dynamically at runtime so that the high-level objective of task completion before a deadline is ensured.
Abstract: The semiconductor design industry of the embedded era has embraced the globalization strategy for system on chip (SoC) design. This involves incorporation of various SoC components or intellectual properties (IPs), procured from various third-party IP (3PIP) vendors. However, trust of an SoC is challenged when a supplied IP is counterfeit or implanted with a Hardware Trojan Horse. Both roots of untrust may result in sudden performance degradation at runtime. None of the existing hardware security approaches organize the behavior of the IPs at the low level, to ensure timely completion of SoC operations. However, real-time SoC operations are always associated with a deadline, and a deadline miss due to sudden performance degradation of any of the IPs may jeopardize mission-critical applications. We seek refuge to the stigmergic behavior exhibited in insect colonies to propose a decentralized self-aware security approach. The self-aware security modules attached with each IP works based on the Observe-Decide-Act paradigm and not only detects vulnerability but also organizes behavior of the IPs dynamically at runtime so that the high-level objective of task completion before a deadline is ensured. Experimental validation and low overhead of our proposed security modules over various benchmark IPs and crypto SoCs depict the prospects of our proposed mechanism.
7 citations
Cites background from "Real-Time SoC Security against Pass..."
...Mitigating passive threats via on-chip self-awareness was demonstrated in Guha et al. (2015, 2017b)....
[...]
...…various phases of Very Large Scale Integration (VLSI) design across This article is an extended version of a previously published conference research paper from the 30th International Conference on VLSI Design and the 16th International Conference on Embedded Systems (VLSID’17) (Guha et al. 2017a)....
[...]
...However, for causing an infinite delay, the payload may be composed of a simple loop architecture with a buffer inside, where for each operation, one unit of delay is caused and the progress is never made (Guha et al. 2017a)....
[...]
...Other than outsourcing the various phases of Very Large Scale Integration (VLSI) design across This article is an extended version of a previously published conference research paper from the 30th International Conference on VLSI Design and the 16th International Conference on Embedded Systems (VLSID’17) (Guha et al. 2017a)....
[...]
...Passive threats affect the confidentiality of the system (e.g., leakage of secret information) (Guha et al. 2017b)....
[...]
TL;DR: PMPGuard, a mechanism that detects the presence of hardware Trojans in Third Party Intellectual Property cores of PMPSoCs by continuous monitoring and testing and recovers the system by switching the infected processor core with another one, is presented.
Abstract: Multiprocessor System-on-Chip (MPSoC) has become necessary due to the the billions of transistors available to the designer, the need for fast design turnaround times, and the power wall. Thus, present embedded systems are designed with MPSoCs, and one possible way MPSoCs can be realized is through Pipelined MPSoC (PMPSoC) architectures, which are used in applications from video surveillance to cryptosystems. Hardware Trojans (HTs) on PMPSoCs are a significant concern due to the damage caused by their stealth. An adversary could use HTs to extract secret information (data leakage) to modify functionality/data (functional modification) or make PMPSoCs deny service. In this article, we present PMPGuard, a mechanism that (1) detects the presence of hardware Trojans in Third Party Intellectual Property (3PIP) cores of PMPSoCs by continuous monitoring and testing and (2) recovers the system by switching the infected processor core with another one. We designed, implemented, and tested the system on a commercial cycle accurate multiprocessor simulation environment. Compared to the state-of-the-art system-level techniques that use Triple Modular Redundancy (TMR) and therefore incur at least 3× area and power overheads, our proposed system incurs about 2× area and 1.5× power overheads without any adverse impact on throughput.
6 citations
Cites background from "Real-Time SoC Security against Pass..."
...hardware Trojan is small, the increase in the side-channel parameters is too small to detect [14]....
[...]
...However, the side-channel-based techniques are ineffective when the size of the hardware Trojans is negligible when compared to the size of the SoC [14]....
[...]
28 Jun 2018
TL;DR: A self aware approach for facilitating runtime security from integrity attacks or erroneous result generation due to HTHs is proposed, which overcomes the limitations of the existing redundancy based approach.
Abstract: Globalization of the modern semiconductor design industry has evicted the hardware root of trust. Security principles are compromised at runtime due to the implantation of malicious circuitry or Hardware Trojan Horse (HTH) in the vulnerable stages of System on Chip (SoC) design, from less trusted third parties. Runtime security from integrity attacks or erroneous result generation due to HTHs is the focus of this work. The prevailing techniques adopt a redundancy based approach. Several limitations are associated with the redundancy based approach like inability to perform multitasking in a multitasking environment, inability to adapt to aging, use of fault diagnosis even in normal scenario and severe overhead in area and power. Incorporation of observe, decide and act (ODA) paradigm in the design of a SoC makes it self aware. We propose a self aware approach for facilitating runtime security, which overcomes the limitations of the existing redundancy based approach. Low overhead in area and power and better throughput than the redundancy based approaches as observed in experimental results aid its application for practical scenarios.
4 citations
16 Nov 2020
TL;DR: In this paper, the authors analyze how vulnerability in hardware like hardware trojan horses (HTH) can increment power dissipation suddenly at runtime, without affecting the basic security primitives like integrity, confidentiality or availability of the system.
Abstract: Deployment of reconfigurable hardware or field programmable gate arrays (FPGAs) in cloud platforms is the modern trend. Practical scenarios include Amazon’s EC2 F1 cloud services, Microsoft’s Project Catapult and many others. Efficient task scheduling algorithms exist that can ensure green computing, i.e. order the operation of user tasks in the available FPGAs in such a manner that the power dissipated is optimum. But recent literature has exhibited eradication of the hardware root of trust, which is not taken into account by the existing task scheduling algorithms that can facilitate green computing. In this work, we analyze how vulnerability in hardware like hardware trojan horses (HTH) can increment power dissipation suddenly at runtime, without affecting the basic security primitives like integrity, confidentiality or availability of the system. Thus, are difficult to detect but may hamper the system due to unnecessary high power dissipation. We also develop a suitable runtime task scheduling algorithm which schedules the tasks at runtime based on the dynamic status of the resources, such that the power dissipation incurred at runtime is optimum. Finally, we also propose a mechanism via which we can detect affected cloud resources based on the runtime operations. We validate our proposed methodology via simulation based experiments.
1 citations
References
More filters
TL;DR: A novel technique, called built-in self-authentication (BISA), is proposed, which can be used to make hardware Trojan insertion by untrusted Graphic Data System (GDSII) developer andUntrusted foundry considerably more difficult and easier to detect.
Abstract: With the rapid globalization of the semiconductor industry, hardware Trojans have become a significant threat to government agencies and enterprises that require secure and reliable systems for their critical applications. Because of the diversity of hardware Trojans and the randomness associated with process variations, hardware Trojan detection is a challenging problem. In this paper, we propose a novel technique, called built-in self-authentication (BISA), which can be used to make hardware Trojan insertion by untrusted Graphic Data System (GDSII) developer and untrusted foundry considerably more difficult and easier to detect. The unused spaces in the circuit layout represent the best opportunity to insert Trojans by these entities. BISA works by eliminating this spare space and filling it with functional filler cells, instead of nonfunctional filler cells. A self-testing procedure generates a digital signature that will be different if any BISA cells are changed because of hardware Trojan insertion. We demonstrate that BISA can be applied to any flat or bottom-up hierarchical design with negligible overhead in terms of area, power, and timing.
75 citations
"Real-Time SoC Security against Pass..." refers methods in this paper
...A layout filler technique was proposed to prevent insertion of Trojans into the unused spaces of a layout [Xiao et al. 2014]....
[...]
TL;DR: This work proposes to incorporate trojan toleration into MPSoC platforms by revising the task scheduling step of theMPSoC design process, and imposes a set of security-driven diversity constraints into the scheduling process, enabling the system to detect the presence of malicious modifications or to mute their effects during application execution.
Abstract: Multiprocessor system-on-chip (MPSoC) platforms face some of the most demanding security concerns, as they process, store, and communicate sensitive information using third-party intellectual property (3PIP) cores. The complexity of MPSoC makes it expensive and time consuming to fully analyze and test during the design stage. This has given rise to the trend of outsourcing design and fabrication of 3PIP components, that may not be trustworthy. To protect MPSoCs against malicious modifications, we impose a set of security-driven diversity constraints into the task scheduling step of the MPSoC design process, enabling the system to detect the presence of malicious modifications or to mute their effects during application execution. We pose the security-constrained MPSoC task scheduling as a multidimensional optimization problem, and propose a set of heuristics to ensure that the introduced security constraints can be fulfilled with a minimum impact on the other design goals such as performance and hardware. Experimental results show that without any extra cores, security constraints can be fulfilled within four vendors and 81% overhead in schedule length.
51 citations
TL;DR: Two statistical methods for identifying recycled integrated circuits through the use of one-class classifiers and degradation curve sensitivity analysis are introduced and experimental results confirm their effectiveness in distinguishing between new and aged ICs.
Abstract: We introduce two statistical methods for identifying recycled integrated circuits (ICs) through the use of one-class classifiers and degradation curve sensitivity analysis. Both methods rely on statistically learning the parametric behavior of known new devices and using it as a reference point to determine whether a device under authentication has previously been used. The proposed methods are evaluated using actual measurements and simulation data from digital and analog devices, with experimental results confirming their effectiveness in distinguishing between new and aged ICs and their superiority over previously proposed methods.
51 citations
"Real-Time SoC Security against Pass..." refers background or methods in this paper
...Degradation of performance due to aging is natural and is evident for all systems after a certain timeframe [Huang et al. 2015]....
[...]
...Statistical methodologies were also proposed [Huang et al. 2015]....
[...]
TL;DR: It is demonstrated that the Moorish gecko indeed changes its dorsal colour in response to changes in environmental conditions, and background matching did appear to be a prominent function, although illumination appears to be an essential trigger.
Abstract: Colour has many different functions in animals, such as an involvement in thermoregulation, crypsis, and social interactions. Species capable of physiological colour change may alter their coloration in response to ecological conditions. The Moorish gecko, Tarentola mauritanica, is capable of actively changing its body coloration. In the present study, we investigated colour change in this gecko as a function of background, temperature, and light. Our results demonstrate that the Moorish gecko indeed changes its dorsal colour in response to changes in environmental conditions. By contrast to several other reptilian species, this rapid colour change does not appear to be associated with thermoregulation. Background matching, however, did appear to be a prominent function, although illumination appears to be an essential trigger. Future research should concentrate on individual variation and its effectiveness with respect to antipredatory mechanisms. © 2012 The Linnean Society of London, Biological Journal of the Linnean Society, 2012, ••, ••–••.
42 citations
"Real-Time SoC Security against Pass..." refers background in this paper
...Synchronizing its parameters to the parameters of its surroundings or updating its existing state with the change in environment facilitates the organism to bypass its threats and evolve in nature [Fulgione et al. 2014; Vroonen et al. 2012]....
[...]
...Geckos change their dorsal color in response to changes in the colors of their environment [Vroonen et al. 2012]....
[...]
...” Geckos change their dorsal color in response to changes in the colors of their environment [Vroonen et al. 2012]....
[...]
...Crypsis is a common security methodology adopted by several natural species in order to avoid detection by its predators [Vroonen et al. 2012]....
[...]
04 Nov 2013
TL;DR: This work poses the security-constrained MPSoC task scheduling as a multidimensional optimization problem, and proposes a set of heuristics to ensure that the introduced security constraints can be fulfilled with a minimum impact on the other design goals such as performance and hardware.
Abstract: Outsourcing of the various aspects of IC design and fabrication flow strongly questions the classic assumption that “hardware is trustworthy”. Multiprocessor System-on-Chip (MPSoC) platforms face some of the most demanding security concerns, as they process, store, and communicate sensitive information using third-party intellectual property (3PIP) cores that may be untrustworthy. The complexity of an MPSoC makes it expensive and time consuming to fully analyze and test it during the design stage. Consequently, the trustworthiness of the 3PIP components cannot be ensured. To protect MPSoCs against malicious modifications, we propose to incorporate trojan toleration into MPSoC platforms by revising the task scheduling step of the MPSoC design process. We impose a set of security-driven diversity constraints into the scheduling process, enabling the system to detect the presence of malicious modifications or to mute their effects during application execution. Furthermore, we pose the security-constrained MPSoC task scheduling as a multi-dimensional optimization problem, and propose a set of heuristics to ensure that the introduced security constraints can be fulfilled with minimum performance and hardware overhead.
34 citations
"Real-Time SoC Security against Pass..." refers background in this paper
...These two criteria are commonly termed distribution due to diversity constraints [Liu et al. 2014]....
[...]
...Moreover, serious concern has recently been raised regarding the trustworthiness of the IPs procured from thirdparty IP vendors [Liu et al. 2014]....
[...]
...However, trustworthiness of these third-party vendors is a concern [Liu et al. 2014]....
[...]