Book Chapter

SARP: Self Aware Runtime Protection Against Integrity Attacks of Hardware Trojans

28 Jun 2018-Vol. 892, pp 198-209
TL;DR: A self aware approach for facilitating runtime security from integrity attacks or erroneous result generation due to HTHs is proposed, which overcomes the limitations of the existing redundancy based approach.
Abstract: Globalization of the modern semiconductor design industry has evicted the hardware root of trust. Security principles are compromised at runtime due to the implantation of malicious circuitry or Hardware Trojan Horse (HTH) in the vulnerable stages of System on Chip (SoC) design, from less trusted third parties. Runtime security from integrity attacks or erroneous result generation due to HTHs is the focus of this work. The prevailing techniques adopt a redundancy based approach. Several limitations are associated with the redundancy based approach like inability to perform multitasking in a multitasking environment, inability to adapt to aging, use of fault diagnosis even in normal scenario and severe overhead in area and power. Incorporation of observe, decide and act (ODA) paradigm in the design of a SoC makes it self aware. We propose a self aware approach for facilitating runtime security, which overcomes the limitations of the existing redundancy based approach. Low overhead in area and power and better throughput than the redundancy based approaches as observed in experimental results aid its application for practical scenarios.
Citations
Journal Article
TL;DR: This work explores how power draining ability of HTHs may reduce lifetime of the system and an offline–online scheduling strategy is proposed for periodic tasks which can ensure reliability of their operations till the expected lifetime of the system.
Abstract: The present era has witnessed deployment of reconfigurable hardware or field-programmable gate arrays (FPGAs) in diverse domains like automation and avionics, which are cyber physical in nature. Such cyber physical systems are associated with strict power budgets. Efficient real-time task-scheduling strategies exist that ensure execution of maximum number of tasks within the power budget. However, these do not take hardware threats into account. Recent literature has exposed the existence of hardware trojan horses (HTHs). HTHs are malicious circuitry that remain dormant during testing and evade detection, but get activated at runtime to jeopardize operations. HTHs can be etched into the FPGA fabric by adversaries in the untrustworthy foundries, during fabrication of the FPGAs. Even vendors selling reconfigurable intellectual properties or bitstreams that configure the FPGA fabric for task operation may insert HTHs during writing the bitstream codes. HTHs may cause a variety of attacks which may affect the basic security primitives of the system like its integrity, confidentiality or availability. In this work, we explore how power draining ability of HTHs may reduce lifetime of the system. A self-aware approach is also proposed which detects the affected resources of the system and eradicates their use in future to facilitate system reliability. An offline–online scheduling strategy is proposed for periodic tasks which can ensure reliability of their operations till the expected lifetime of the system. Accommodating non-periodic tasks in the periodic task schedule based on available power is also focused. For experimentation, we consider tasks associated with EPFL benchmarks and demonstrate results based on the metric task success rate for periodic tasks and metric task rejection rate for non-periodic tasks.

9 citations


Cites background from "SARP: Self Aware Runtime Protection..."

  • ...Thus, time based self-aware mechanisms as carried out in [17, 18, 27], is not applicable....

    [...]

  • ...In prior works, use of self-aware strategy for mitigating integrity attacks [27], confidentiality attacks [17, 25] and availability attacks [18, 19] of HTHs have been explored, which ensures secure execution of real-time tasks on hardware platforms....

    [...]

Book Chapter
01 Jan 2021
TL;DR: In this paper, the authors proposed a method to detect power dissipation attacks that may affect the green computing factor of a system or may drain the power budget of the system and cause early expiry of the computer system.
Abstract: Ensuring security for computer systems is of paramount importance. Analyzing various forms of attacks and defining strategies to prevent them is essential to generate trust among users. In general, to make a system reliable, system designers need to satisfy the basic three requirements, i.e. ensure confidentiality or prevent unauthorized observing of data or information, ensure integrity or prevent unauthorized change of data and ensure availability or facilitate authorized access to information or data at any instant of time and generate proper results within time. These three are commonly known as the CIA requirements [BT18]. However, with time, new attacks have arisen like power dissipation attacks that may affect the green computing factor of a system or may drain the power budget of the system and cause early expiry of the system [Guh20, GMSC20]. Hence, it is the responsibility of system designers to analyze new and potential forms of threats that may arise with time and develop security strategies to mitigate them.
Book Chapter
01 Jan 2021
TL;DR: In this paper, active threats are associated with attacks that cause direct damage to a system, eventually jeopardizing it, including the generation of erroneous results and preventing result generation within deadline.
Abstract: Active threats are associated with attacks that cause direct damage to a system, eventually jeopardizing it. This comprises either generation of erroneous results [MWP+09, GSC19a] or preventing result generation within deadline [GSC17, GSC19b]. The former is an attack to system integrity, while the latter is an issue related to system availability.
Book Chapter
01 Jan 2021
TL;DR: In this paper, the authors proposed an approach to ensure flexibility and reconfigurability of the processing resources by using field programmable gate arrays (FPGAs) for direct task execution in hardware.
Abstract: With the advent of Industry 4.0 or the fourth industrial revolution [RB18], a key issue was to ensure flexibility and reconfigurability of the processing resources. Moreover, direct task execution in hardware enhances speed of operation and also ensures security from various types of software attacks. Previous hardware based systems, i.e. application specific integrated circuits (ASICs), though they ensured high speed in task operation, did not possess flexibility, i.e. different types of tasks could not be executed in the same platform. Such a limitation was eradicated with the advent of reconfigurable hardware or field programmable gate arrays (FPGAs) [Xil18]. With its ability of dynamic partial reconfiguration at runtime, FPGAs provided the necessary flexibility for execution of different types of tasks on the same platform, in addition to hardware acceleration and security from various types of software attacks [Xil10, Xil18].
References
Journal Article
15 Jul 2014
TL;DR: The threat of hardware Trojan attacks is analyzed; attack models, types, and scenarios are presented; different forms of protection approaches are discussed; and emerging attack modes, defenses, and future research pathways are described.
Abstract: Security of a computer system has been traditionally related to the security of the software or the information being processed. The underlying hardware used for information processing has been considered trusted. The emergence of hardware Trojan attacks violates this root of trust. These attacks, in the form of malicious modifications of electronic hardware at different stages of its life cycle, pose major security concerns in the electronics industry. An adversary can mount such an attack with an objective to cause operational failure or to leak secret information from inside a chip, e.g., the key in a cryptographic chip, during field operation. Global economic trend that encourages increased reliance on untrusted entities in the hardware design and fabrication process is rapidly enhancing the vulnerability to such attacks. In this paper, we analyze the threat of hardware Trojan attacks; present attack models, types, and scenarios; discuss different forms of protection approaches, both proactive and reactive; and describe emerging attack modes, defenses, and future research pathways.

588 citations

Journal Article
TL;DR: In this article, it was shown that the "BooleanToArithmetic" algorithm proposed by T. Messerges is not sufficient to prevent Differential Power Analysis and the "ArithmeticToBoolean" algorithm is not secure either.
Abstract: Since the announcement of the Differential Power Analysis (DPA) by Paul Kocher et al., several countermeasures were proposed in order to protect software implementations of cryptographic algorithms. In an attempt to reduce the resulting memory and execution time overhead, Thomas Messerges recently proposed a general method that masks all the intermediate data. This masking strategy is possible if all the fundamental operations used in a given algorithm can be rewritten with masked input data, giving masked output data. This is easily seen to be the case in classical algorithms such as DES or RSA. However, for algorithms that combine Boolean and arithmetic functions, such as IDEA or several of the AES candidates, two different kinds of masking have to be used. There is thus a need for a method to convert back and forth between Boolean masking and arithmetic masking. In the present paper, we show that the 'BooleanToArithmetic' algorithm proposed by T. Messerges is not sufficient to prevent Differential Power Analysis. In a similar way, the 'ArithmeticToBoolean' algorithm is not secure either.

256 citations

Journal Article
TL;DR: A novel noninvasive, multiple-parameter side-channel analysis-based Trojan detection approach that uses the intrinsic relationship between dynamic current and maximum operating frequency of a circuit to isolate the effect of a Trojan circuit from process noise.
Abstract: Hardware Trojan attack in the form of malicious modification of a design has emerged as a major security threat. Side-channel analysis has been investigated as an alternative to conventional logic testing to detect the presence of hardware Trojans. However, these techniques suffer from decreased sensitivity toward small Trojans, especially because of the large process variations present in modern nanometer technologies. In this paper, we propose a novel noninvasive, multiple-parameter side-channel analysis-based Trojan detection approach. We use the intrinsic relationship between dynamic current and maximum operating frequency of a circuit to isolate the effect of a Trojan circuit from process noise. We propose a vector generation approach and several design/test techniques to improve the detection sensitivity. Simulation results with two large circuits, a 32-bit integer execution unit (IEU) and a 128-bit advanced encryption standard (AES) cipher, show a detection resolution of 1.12 percent amidst ±20 percent parameter variations. The approach is also validated with experimental results. Finally, the use of a combined side-channel analysis and logic testing approach is shown to provide high overall detection coverage for hardware Trojan circuits of varying types and sizes.

207 citations

Proceedings Article
04 Oct 2010
TL;DR: A general class of timing mitigators are introduced that can achieve any given bound on timing channel leakage, with a tradeoff in system performance.
Abstract: We investigate techniques for general black-box mitigation of timing channels. The source of events is wrapped by a timing mitigator that delays output events so that they contain only a bounded amount of information. We introduce a general class of timing mitigators that can achieve any given bound on timing channel leakage, with a tradeoff in system performance. We show these mitigators compose well with other mechanisms for information flow control, and demonstrate they are effective against some known timing attacks.

179 citations

Journal Article
TL;DR: This SoC infrastructure core is a flexible, scalable, and highly accurate embedded time interval analyzer (ETIA), used to measure a variety of timing-related SoC characteristics, including jitter.
Abstract: This SoC infrastructure core is a flexible, scalable, and highly accurate embedded time interval analyzer (ETIA), used to measure a variety of timing-related SoC characteristics, including jitter. The ETIA requires little design and area overhead and performs accurately under process and environment variation and noise.

88 citations