Sec Secure ure Hardware Hardware and Hardware and Hardware- En - - PowerPoint PPT Presentation

SPACE | Dec 2016 1

Sec Secure ure Hardware Hardware and Hardware and Hardware- En Enabled abled Security Security: : New Front New Frontiers iers

Swarup Bhunia Professor

Electrical & Computer Engineering

SP SPACE ACE 201 2016

Journal of Hardware and Systems Security EICs: S. Bhunia; M.M. Tehranipoor ISSN: 2509-3428 (print version) ISSN: 2509-3436 (electronic version) Journal no. 41635

▶ Highlights new and ground-breaking developments in the field of electronic hardware and systems security ▶ Covers the interaction of hardware and systems, and between hardware and firmware/software, in the context of security and trust ▶ Encompasses security of processor, System-on- Chip (SoC), Field Programmable Gate Arrays (FPGA), analog/mixed-signal electronics and Printed Circuit Board (PCB) ▶ Publishes archival research results focusing on the security of hardware and system security at all levels of abstraction and the supply chain including track and trace technologies across a variety of industries

IEEE IEEE Intl.

• Intl. Symp

Symp. . on

• n

Hardware Hardware Oriented Oriented Security and Trust (HOS Security and Trust (HOST) T) May 1-5, 2017 The Ritz-Carlton McLean, VA, USA

• REGISTRATION OF TITLE +

ABSTRACT:November 1, 2016

• SUBMISSION OF PAPER: November 8, 2016

Announcements: Journal / Conferences

AsianHOST AsianHOST Conference Conference, , Dec 19 Dec 19-20 20 2016, Taipei, T 2016, Taipei, Taiwan aiwan

“An embedded system is a combination of hardware and software, and perhaps additional electrical or mechanical parts, intended to provide a dedicated function”

― Michael Barr, Programming Embedded Systems, 1999

Changing Computing Landscape…

General-purpose systems

• Complex, optimized architecture
• Versatility and programmability
• Diverse use-case scenarios
• Customized design
• Unique use-case constraints
• Tight HW/SW integration

Embedded systems

“An embedded system is an electronic system that uses a computer chip but is not a desktop, laptop, or server”

― PC Magazine, 2012

• Customized design
• Unique use-case constraints
• Tight HW/SW integration
• Complex, optimized architecture
• Versatility and programmability
• Diverse use-case scenarios

How can we protect highly complex modern computing systems against malicious attacks?

…Computing In Everyone’s “Hands”…

How can we protect diverse, highly complex computing systems in the hands of possibly naïve users?

5

Services

Things

Cloud Applications Network

….In a Highly Connected World….

“City of Hamburg and CISCO launch plan for smart city of the future”

BBC World News, May 1 2014

How can we protect diverse, highly complex computing systems in hands of possibly naïve users,

• perating in an environment of billions of

complex, error-prone, possibly malicious communicating devices?

Slide courtesy: Dr. Sandip Ray

…Built on Aggressive Schedules

Product Timeline

Planning

Production

Development

Exploration

3-4 years

< 1 year

How can we protect highly complex computing systems operating in an environment of billions of complex, error-prone, possibly malicious communicating devices, built under extremely aggressive time-to-market requirements?

Long, complex life cycle Mass produced in same configuration Devices never intended to be connected Machine-to-machine Requires holistic view of device to cloud and the comm. between them

Unique to Internet of Things (IOT)

IoT security needs significant re-thinking!

SPACE | Dec 2016 8

Security Design & Validation: Today

Planning Productn. Development Exploratn .

Tape-

• ut

1st Silicon

Pre-silicon Post silicon

Security Assessment Security Validation Security Architecture

Threat modeling Security Test plans Architectural FV

Security Validation

Code review RTL Testing RTL FV

Security Validation

Fuzzing, Penetration Testing, Hack-a-thon

SPACE | Dec 2016 9

Att ttacks on Har acks on Hardw dwar are: e: From

• m IC

IC t to

• IO

IOT T

Ar Are e We Parano anoid id En Enough?

• ugh?

SPACE | Dec 2016 10

What is Hardware?

SOC

• Different levels of abstraction
• System Hardware – acts as the “root-of-trust”: PCB → IC (SoC | µP)

SPACE | Dec 2016 11

Electronic H/W Design & Test Flow

Fab Assembly Wafer test

• Pkg. Test

Customer

IC Design House Design Spec.

PCB & Sys. Int.

Firmware

SPACE | Dec 2016 12

IP Vendor SoC Design House Foundry Deployment SoC Life-Cycle Threats Design /Test Solutions

Trojan-res. design;

• improve. detectability;

trust validation Hardware Obfuscation; Protect IP Eval. Copy, PUF, Low-cost authentication SCA resistant Design; Prevent scan-based attack; variable ECC

DFT 2012, Tcomp 2012, CHES 2009, D&T, 2012, CHES 2011; ASP-DAC 2013, DAC 2013, VTS 2007, DAC 2013, ICCAD 2008, DAC 2014, DAC 2015, TCAD 2009, VTS 2014, VTS 2015, PIEEE 2014, CCS 2016

Spans all stages in IC life cycle

Insert h/w Trojan; hidden backdoor IP piracy (e.g. cloning) Trojan in design (e.g. by tools) Implant Trojan Overproduction & cloning Leak secret info. RE and cloning

SPACE | Dec 2016 13

Hardware Trojan Attacks: “A Problem from Hell*”

*Michael Hayden

Bhunia et al. PIEEE, 2014

SPACE | Dec 2016 14

HW Trojan Examples / Models

Comb Trojan model

• Seq. Trojan Model

Comb Trojan Example Seq Trojan Example MOLES*: Info Leakage Trojan

*Lin et al, ICCAD 2009

SPACE | Dec 2016 15

Bugs vs. Malicious Changes

Trojan Attac

• jan Attacks

ks → Requir equires es HW tr HW trust ust verifica erification! tion!

Functional Verification

Bugs (Unintentional) Bounded by Spec

Trust Verification

Malicious change (Intentional) Unwanted functionality (Unbounded)

SPACE | Dec 2016 16

Post-Si Trust Validation

• Taxonomy of Existing Trojan Detection Approaches

Side-channel approaches do not require triggering the Trojan to observe its impact at primary input nodes.

SPACE | Dec 2016 17

Side-Channel Approach

• Multiple-parameter Trojan Detection

– Due to process variations, Trojan detection by Fmax or IDDT alone is challenging! – Consider the intrinsic relationship between IDDT and Fmax

Golden chip required!

HOST 2010 | CCS 2016

SPACE | Dec 2016 18

Self-similarity in Space & Time – for Trust Verification

Image courtesy: Intel

Zheng et al, DAC 2014, TCAD 2015 ALU ALU

No golden chip required!!!

Narasimhan et al. HOST 2011

• Uncorrelated switching in

time due to a seq. Trojan!

• Simultaneously detects

Trojan & aged/recycled ICs!

SPACE | Dec 2016 19

Trust Issues at PCB Level

Playstation modchip wiring

PSX DIY Guide

Modchip for XBOX Modchip attack

Remote HW authentication can help detect in-field tampering!

SPACE | Dec 2016 20

PCB Integrity Validation

JTAG based authen.

Can serve as backbone for IoT authentication!

Trace based authen.

PC B

Promising results w/ commercial PCBs

C1 C2 C3 C4 R1 R2 R3 R4

Ci, Ri

C1 C5 C6 C4 R1 R5 R6 R4

Ci, Ri

t = 0 t = T Time Owner Cloud Server

IoT Device PCB

C1 C2 Cn R1 R2 Rn

PCB

C1 C2 Cn R1 R2 Rn

C1, C5, C6, C4 R1, R2, R3, R4 R1, R5, R6, R4 C1, C2, C3, C4

Used for authen.

C1, C5, C6, C4 C1, C2, C3, C4

• Authenticate PCBs w/ unique

signature from each board

• Key ideas:

─ Exploit path delay variations in PCB! ─ Leverage boundary scan (JTAG) ─ Suitable for remote monitoring & attestation

SPACE | Dec 2016 21

Gl Glim impse int pse into t

• the

he Futur uture

SPACE | Dec 2016 22

Era of “Smartness”?

Smar Smartness tness at od t odds ds with with test test & sec & security! urity!

SMART makeup mirror Automatically turns on and off when you come in and out of the frame*

www.implehuman.com

4-in-1 Smart Connect™ Cradle ’n Swing - Techno Gray™

www.fisher-price.com/

“… Baby, that’s genius.” “with motion & climate sensors …automatically adjust as you come and go, or as the temp. rises.” CNET Smart Iron ($1400)

www.fisher-price.com/

“… provides real- time guidance.”

SPACE | Dec 2016 23

Crypto HW/SW needs strong security validation!

Cryptography will play an increasingly Important Role …

• Crypto principles see growing

usage in HW protection – e.g. FPGA bitstream

• Promising use of crypto in HW
• HW obfuscation
• On-chip asset protection
• Remote upgrade

K1 K2 S0 S1 S3 S2 P1 P2 P3 S4 K3

Hardware Obfuscation, Chakraborty & Bhunia, ICCAD 2008

SPACE | Dec 2016 24

Secure by design, pre-si / post-si / run-time validation!

Integrative Measures …

SM Processor

Design for Security → Trust Validation → Security Monitoring

Bhunia et al., PIEEE 2014

SPACE | Dec 2016 25

Har Hardw dwar are E e Enabl nabled ed Sec Security of F urity of Food

• od &

& Me Medic dicine ine

How to verify food / medicine you’re taking are authentic?

SPACE | Dec 2016 26

The The Is Issu sue e of Ta

• f Taint

inted ed Fo Food,

• d, Me

Medici dicine ne & & Nu Nutr trit itio iona nal S l Sup upple pleme ments nts

Electronics enabled food/medicine security?

• FDA / NIFA are promoting research / training in this area!
• Triggering companies / food chains to take measures!
• Online pharmacy & poor regulations
• Counterfeit Botox, Cialis, cancer medicine in US found (www.fda.gov)
• Melamine-contaminated baby milk sickened 300,000 infants; killed >6, 2008
• Copper sulfate, rhodamine oxide, malachite green and the deadly carbide most

commonly used to accentuate coloration and freshness in vegetables

Picture Credit: Experience Life, NYTimes

SPACE | Dec 2016 27

Collaborative work with Prof. Mandal at Case Western Reserve U., Research Fellow

• Dr. Barras and Prof. Althoefer, both at

King's College London

Eat at your own risk?

Do you really have to?

SPACE | Dec 2016 28

NQR database for drugs NQR Console

• Use Nuclear Quadrupole Resonance spectroscopy (NQR) to precisely

analyze composition of a drug / food!

• Most drugs are nitrogen rich compounds, which are highly sensitive to NQR
• Unique fingerprint based on material composition
• NQR console amenable for miniaturization – poses several eng. challenges

Can detect all types of fake drugs and harmful food additives!

• NSF Grant #1563924
• Chen et al.,

IEEE/ACM Trans. on

• Comp. Biology, 2016

SPACE | Dec 2016 29

Ackn cknowled wledgemen gements: ts:

• Dr. Sandip Ray, NXP Semiconductor
• Prof. Soumajit Mandal, CWRU
• FICS Faculties (Prof. Mark Tehranipoor | Prof. Domenic Forte)
• FICS Students

Sp Spon

• nso

sors: s:

#PowerfulYetSecu PowerfulYetSecure re

THA THANK NKS! S!