scispace - formally typeset
Search or ask a question
Proceedings ArticleDOI

Self Aware SoC Security to Counteract Delay Inducing Hardware Trojans at Runtime

TL;DR: This work proposes a self aware approach which works on the observe-decide-act (ODA) paradigm to counteract the effects of Trojans, which may induce sudden unintentional delays at runtime, affecting the basic security principles of the SoC.
Abstract: A major issue of present age system on chip (SoC) designing is meeting of stringent time to market deadlines along with the reduction of various challenges faced during design. A significant strategy adopted in tackling such a problem is to procure different components or IPs (intellectual properties) of the SoC from different third party IP vendors (3PIPs). Such a technique targets independent working of the SoC components and removes the threat of the occurrence of malicious circuitry or Hardware Trojan Horse (HTH) having a distributed architecture. However, trustworthiness of the 3PIP vendors is a concern and possibility exists in the implantation of a HTH in the individual IPs procured from them. In this work, we analyze the effects of such Trojans, which may induce sudden unintentional delays at runtime, affecting the basic security principles of the SoC. We propose a self aware approach which works on the observe-decide-act (ODA) paradigm to counteract the scenario. Existing literature on hardware security generally focus on detection of anomaly, but is silent on organizing low level security mechanisms in such a manner that the high level objective of secure task completion is facilitated at run time. Our proposed methodology not only overcomes this limitation but also ensures security without tampering the IP designs. Experimental analysis is performed using AES crypto SoC architecture. Low overhead in area and power of the security elements as obtained in experimentation supports its applicability for practical SoC applications.
Citations
More filters
Proceedings ArticleDOI
01 Aug 2018
TL;DR: In this article, a reliability-driven mixed critical periodic task schedule generation against HTH attacks is focused, where reliability ensured execution of mixed critical aperiodic and sporadic tasks is considered.
Abstract: The property of dynamic partial reconfiguration of modern field programmable gate arrays (FPGAs) has made it feasible to execute various mixed critical tasks on the same platform. This requires partitioning the FPGA fabric into several virtual portions (VPs) and a scheduling methodology to determine which task is to be executed when and in which FPGA VP. Executing a task in an FPGA VP requires runtime configuring of the VP with a bitstream or a reconfigurable intellectual property, procured from a third party intellectual property (3PIP) vendor. Recent literature has exposed the presence of malicious elements like hardware trojan horses (HTHs) in such 3PIP bitstreams. Such HTH is particularly dangerous as these remain dormant during testing and initial stages of operation, but gets activated suddenly at runtime to jeopardize the basic security primitives of the system. Thus, reliability driven mixed critical tasks processing on FPGAs against HTH attacks is important. Firstly, reliability driven mixed critical periodic task schedule generation against HTH attacks is focused. Secondly, reliability ensured execution of mixed critical aperiodic and sporadic tasks in the generated periodic task schedule is considered. Experimentation is carried out with a variety of bitstreams and performance evaluation is performed via metrics like task success rate, task rejection rate and task preemption rate.

10 citations


Cites methods from "Self Aware SoC Security to Countera..."

  • ...Self aware approaches operate based on the Observe-Decide-Act paradigm and takes decisions at runtime to bypass observed threats [16]....

    [...]

Journal ArticleDOI
TL;DR: This work explores how power draining ability of HTHs may reduce lifetime of the system and an offline–online scheduling strategy is proposed for periodic tasks which can ensure reliability of their operations till the expected lifetime ofThe system.
Abstract: The present era has witnessed deployment of reconfigurable hardware or field-programmable gate arrays (FPGAs) in diverse domains like automation and avionics, which are cyber physical in nature. Such cyber physical systems are associated with strict power budgets. Efficient real-time task-scheduling strategies exist that ensure execution of maximum number of tasks within the power budget. However, these do not consider hardware threats into account. Recent literature has exposed the existence of hardware trojan horses (HTHs). HTHs are malicious circuitry that remain dormant during testing and evade detection, but get activated at runtime to jeopardize operations. HTHs can be etched into the FPGA fabric by adversaries in the untrustworthy foundries, during fabrication of the FPGAs. Even vendors selling reconfigurable intellectual properties or bitstreams that configure the FPGA fabric for task operation may insert HTHs during writing the bitstream codes. HTHs may cause a variety of attacks which may affect the basic security primitives of the system like its integrity, confidentiality or availability. In this work, we explore how power draining ability of HTHs may reduce lifetime of the system. A self-aware approach is also proposed which detects the affected resources of the system and eradicates their use in future to facilitate system reliability. An offline–online scheduling strategy is proposed for periodic tasks which can ensure reliability of their operations till the expected lifetime of the system. Accommodating non-periodic tasks in the periodic task schedule based on available power is also focused. For experimentation, we consider tasks associated with EPFL benchmarks and demonstrate results based on the metric task success rate for periodic tasks and metric task rejection rate for non-periodic tasks.

9 citations


Cites background from "Self Aware SoC Security to Countera..."

  • ...Counteracting HTH attacks can be performed via several techniques, which range from offline detection [20, 21] to authentication mechanisms [22, 23] to runtime security methodologies, that may be redundancy based [16, 24] or self-aware [19, 25]....

    [...]

  • ...These can be broadly classified into redundancy based methodologies [16, 24] or self-aware approaches [19, 25, 30]....

    [...]

  • ...In prior works, use of self-aware strategy for mitigating integrity attacks [27], confidentiality attacks [17, 25] and availability attacks [18, 19] of HTHs have been explored, which ensures secure execution of real-time tasks on hardware platforms....

    [...]

  • ...It may affect system integrity by generating erroneous results [16], hamper confidentiality of the system by leaking secret information [17], or even destroy system availability by delaying task operation and preventing their completion within deadline [18, 19]....

    [...]

Journal ArticleDOI
TL;DR: This paper proposes a novel model checking-based formal framework for a priori assessment of circuit vulnerabilities against both the functional and parametric HTs at the early stages of the design, characterized by the gate-level side channel parameters to examine the impacts of malicious circuitry insertion.
Abstract: The rising trend of globalization in the integrated circuits’ design process has increased their vulnerabilities against malicious intrusions. The security vulnerability analysis using conventional design time simulations is computationally intensive and incomplete by nature. Formal verification has the potential to overcome these limitations of simulation techniques; however, the existing state-of-the-art formal verification techniques cannot be used as such to analyze the effects of hardware Trojans (HTs) that may impact the performance of the circuit without altering its functionality. In this paper, we propose a novel model checking-based formal framework for a priori assessment of circuit vulnerabilities against both the functional and parametric HTs at the early stages of the design. This framework is characterized by the gate-level side channel parameters, i.e., dynamic power, leakage power, and propagation delay, to examine the impacts of malicious circuitry insertion. An algorithm based on the temporal logic properties is proposed, which computes the bounds for the side channel parameters to define the expected secure regions of circuit operation. Moreover, we propose a second algorithm for formally analyzing the security vulnerabilities in the circuit by introducing partitions, which significantly reduces the size of state space. We evaluate the masking effects on the intrusions while considering 3-sigma variation in the process. We demonstrate the effectiveness of our proposed approach by analyzing the security vulnerabilities on a set of ISCAS85 and $74\times $ benchmarks.

8 citations

Journal ArticleDOI
TL;DR: Self-aware security modules attached with each IP works based on the Observe-Decide-Act paradigm and not only detects vulnerability but also organizes behavior of the IPs dynamically at runtime so that the high-level objective of task completion before a deadline is ensured.
Abstract: The semiconductor design industry of the embedded era has embraced the globalization strategy for system on chip (SoC) design. This involves incorporation of various SoC components or intellectual properties (IPs), procured from various third-party IP (3PIP) vendors. However, trust of an SoC is challenged when a supplied IP is counterfeit or implanted with a Hardware Trojan Horse. Both roots of untrust may result in sudden performance degradation at runtime. None of the existing hardware security approaches organize the behavior of the IPs at the low level, to ensure timely completion of SoC operations. However, real-time SoC operations are always associated with a deadline, and a deadline miss due to sudden performance degradation of any of the IPs may jeopardize mission-critical applications. We seek refuge to the stigmergic behavior exhibited in insect colonies to propose a decentralized self-aware security approach. The self-aware security modules attached with each IP works based on the Observe-Decide-Act paradigm and not only detects vulnerability but also organizes behavior of the IPs dynamically at runtime so that the high-level objective of task completion before a deadline is ensured. Experimental validation and low overhead of our proposed security modules over various benchmark IPs and crypto SoCs depict the prospects of our proposed mechanism.

7 citations


Cites background from "Self Aware SoC Security to Countera..."

  • ...Mitigating passive threats via on-chip self-awareness was demonstrated in Guha et al. (2015, 2017b)....

    [...]

  • ...…various phases of Very Large Scale Integration (VLSI) design across This article is an extended version of a previously published conference research paper from the 30th International Conference on VLSI Design and the 16th International Conference on Embedded Systems (VLSID’17) (Guha et al. 2017a)....

    [...]

  • ...However, for causing an infinite delay, the payload may be composed of a simple loop architecture with a buffer inside, where for each operation, one unit of delay is caused and the progress is never made (Guha et al. 2017a)....

    [...]

  • ...Other than outsourcing the various phases of Very Large Scale Integration (VLSI) design across This article is an extended version of a previously published conference research paper from the 30th International Conference on VLSI Design and the 16th International Conference on Embedded Systems (VLSID’17) (Guha et al. 2017a)....

    [...]

  • ...This article is an extended version of a previously published conference research paper from the 30th International Conference on VLSI Design and the 16th International Conference on Embedded Systems (VLSID’17) (Guha et al. 2017a)....

    [...]

Journal ArticleDOI
TL;DR: This work initially explores how HTHs implanted by 3PIP vendors in the bitstreams may cause active attacks, and develops strategies to ensure reliability for processing of mixed critical tasks on reconfigurable hardware against HTH attacks.
Abstract: An important aspect of mixed critical systems is to execute tasks of varied criticality on the same platform. The property of full or partial reconfiguration at runtime of reconfigurable hardware or field programmable gate arrays (FPGAs) has satisfied this criterion and facilitated the processing of mixed critical tasks directly on hardware, with the aid of reconfigurable intellectual properties (IPs) or bitstreams procured from various third party IP (3PIP) vendors. However, the existing literature in this arena does not consider the associated hardware threats. Such threats are particularly dangerous as related malware like Hardware Trojan Horses (HTHs) remain dormant during testing and evade detection, but get activated at runtime and jeopardize mission critical applications. Though several works exist on hardware security, none focus on reliability driven mixed critical task processing on reconfigurable hardware against HTH attacks. In this work, we initially explore how HTHs implanted by 3PIP vendors in the bitstreams may cause active attacks. Then, we develop strategies to ensure reliability for processing of mixed critical tasks on reconfigurable hardware. Both periodic and non-periodic, i.e. aperiodic or sporadic tasks are considered. We also focus on resource constrained environments, where we adhere to frequency scaling to facilitate accommodation of tasks on limited resources. We experiment with a variety of bitstreams and performance evaluation is performed via metrics such as task success rate, task rejection rate and task preemption rate.

6 citations

References
More filters
Journal ArticleDOI
15 Jul 2014
TL;DR: The threat of hardware Trojan attacks is analyzed; attack models, types, and scenarios are presented; different forms of protection approaches are discussed; and emerging attack modes, defenses, and future research pathways are described.
Abstract: Security of a computer system has been traditionally related to the security of the software or the information being processed. The underlying hardware used for information processing has been considered trusted. The emergence of hardware Trojan attacks violates this root of trust. These attacks, in the form of malicious modifications of electronic hardware at different stages of its life cycle, pose major security concerns in the electronics industry. An adversary can mount such an attack with an objective to cause operational failure or to leak secret information from inside a chip-e.g., the key in a cryptographic chip, during field operation. Global economic trend that encourages increased reliance on untrusted entities in the hardware design and fabrication process is rapidly enhancing the vulnerability to such attacks. In this paper, we analyze the threat of hardware Trojan attacks; present attack models, types, and scenarios; discuss different forms of protection approaches, both proactive and reactive; and describe emerging attack modes, defenses, and future research pathways.

588 citations


"Self Aware SoC Security to Countera..." refers background or methods in this paper

  • ...We assume a SoC comprising of four components or IPs, assumed to be purchased from different 3PIP vendors, and each performs a specific functionality as shown in Figure 1(a)....

    [...]

  • ...This is suitable for small architectures with few inputs, but is difficult for a complex and huge architecture with a distributed HTH. Side channel analysis takes the aid of external parameters like power, area, etc and a golden model....

    [...]

  • ...This is illustrated in Figure 1(b)....

    [...]

Journal ArticleDOI
TL;DR: Simulation results for a set of ISCAS-89 benchmark circuits and the advanced-encryption-standard IP core show that high levels of security can be achieved at less than 5% area and power overhead under delay constraint.
Abstract: Hardware intellectual-property (IP) cores have emerged as an integral part of modern system-on-chip (SoC) designs. However, IP vendors are facing major challenges to protect hardware IPs from IP piracy. This paper proposes a novel design methodology for hardware IP protection using netlist-level obfuscation. The proposed methodology can be integrated in the SoC design and manufacturing flow to simultaneously obfuscate and authenticate the design. Simulation results for a set of ISCAS-89 benchmark circuits and the advanced-encryption-standard IP core show that high levels of security can be achieved at less than 5% area and power overhead under delay constraint.

468 citations


Additional excerpts

  • ...This is illustrated in Figure 1(b)....

    [...]

Journal ArticleDOI
14 Feb 2014-Science
TL;DR: This work presents a multi-agent construction system inspired by mound-building termites, solving an inverse problem of predicting high-level results given low-level rules; the approach via a physical realization with three autonomous climbing robots limited to onboard sensing.
Abstract: Complex systems are characterized by many independent components whose low-level actions produce collective high-level results. Predicting high-level results given low-level rules is a key open challenge; the inverse problem, finding low-level rules that give specific outcomes, is in general still less understood. We present a multi-agent construction system inspired by mound-building termites, solving such an inverse problem. A user specifies a desired structure, and the system automatically generates low-level rules for independent climbing robots that guarantee production of that structure. Robots use only local sensing and coordinate their activity via the shared environment. We demonstrate the approach via a physical realization with three autonomous climbing robots limited to onboard sensing. This work advances the aim of engineering complex systems that achieve specific human-designed goals.

450 citations

Proceedings ArticleDOI
07 Nov 2013
TL;DR: A vulnerability analysis flow is developed that determines hard-to-detect areas in a circuit that would most probably be used for Trojan implementation to ensure a Trojan goes undetected during production test and extensive functional test analysis.
Abstract: The areas of hardware security and trust have experienced major growth over the past several years. However, research in Trojan detection and prevention lacks standard benchmarks and measurements, resulting in inconsistent research outcomes, and ambiguity in analyzing strengths and weaknesses in the techniques developed by different research teams and their advancements to the state-of-the-art. We have developed innovative methodologies that, for the first time, more effectively address the problem. We have developed a vulnerability analysis flow. The flow determines hard-to-detect areas in a circuit that would most probably be used for Trojan implementation to ensure a Trojan goes undetected during production test and extensive functional test analysis. Furthermore, we introduce the Trojan detectability metric to quantify Trojan activation and effect. This metric offers a fair comparison for analyzing weaknesses and strengths of Trojan detection techniques. Using these methodologies, we have developed a large number of trust benchmarks that are available for use by the public, as well as researchers and practitioners in the field.

219 citations

Journal ArticleDOI
TL;DR: This paper will present all types of counterfeits, the defects present in them, and their detection methods, and the effectiveness and limitations of these anti-counterfeiting techniques.
Abstract: The counterfeiting of electronic components has become a major challenge in the 21st century. The electronic component supply chain has been greatly affected by widespread counterfeit incidents. A specialized service of testing, detection, and avoidance must be created to tackle the worldwide outbreak of counterfeit integrated circuits (ICs). So far, there are standards and programs in place for outlining the testing, documenting, and reporting procedures. However, there is not yet enough research addressing the detection and avoidance of such counterfeit parts. In this paper we will present, in detail, all types of counterfeits, the defects present in them, and their detection methods. We will then describe the challenges to implementing these test methods and to their effectiveness. We will present several anti-counterfeit measures to prevent this widespread counterfeiting, and we also consider the effectiveness and limitations of these anti-counterfeiting techniques.

210 citations


"Self Aware SoC Security to Countera..." refers background in this paper

  • ...Sudden degradation of performance is also associated with IC counterfeiting, which involves illegal reuse and recycling of SoC components [3]....

    [...]