Search

Your search keyword '"Tehranipoor, Mark"' showing total 138 results
Start Over Author "Tehranipoor, Mark" Language english
138 results on '"Tehranipoor, Mark"'

15. Quantifiable Assurance: From IPs to Platforms

Author

Ahmed, Bulbul, Bepary, Md Kawser, Pundir, Nitin, Borza, Mike, Raikhman, Oleg, Garg, Amit, Donchin, Dale, Cron, Adam, Abdel-moneum, Mohamed A, Farahmandi, Farimah, Rahman, Fahim, and Tehranipoor, Mark

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)
Abstract

Hardware vulnerabilities are generally considered more difficult to fix than software ones because they are persistent after fabrication. Thus, it is crucial to assess the security and fix the vulnerabilities at earlier design phases, such as Register Transfer Level (RTL) and gate level. The focus of the existing security assessment techniques is mainly twofold. First, they check the security of Intellectual Property (IP) blocks separately. Second, they aim to assess the security against individual threats considering the threats are orthogonal. We argue that IP-level security assessment is not sufficient. Eventually, the IPs are placed in a platform, such as a system-on-chip (SoC), where each IP is surrounded by other IPs connected through glue logic and shared/private buses. Hence, we must develop a methodology to assess the platform-level security by considering both the IP-level security and the impact of the additional parameters introduced during platform integration. Another important factor to consider is that the threats are not always orthogonal. Improving security against one threat may affect the security against other threats. Hence, to build a secure platform, we must first answer the following questions: What additional parameters are introduced during the platform integration? How do we define and characterize the impact of these parameters on security? How do the mitigation techniques of one threat impact others? This paper aims to answer these important questions and proposes techniques for quantifiable assurance by quantitatively estimating and measuring the security of a platform at the pre-silicon stages. We also touch upon the term security optimization and present the challenges for future research directions.

Published
2022

16. FPIC: A Novel Semantic Dataset for Optical PCB Assurance.

Author

JESSURUN, NATHAN, DIZON-PARADIS, OLIVIA P., HARRISON, JACOB, GHOSH, SHAJIB, TEHRANIPOOR, MARK M., WOODARD, DAMON L., and ASADIZANJANI, NAVID

Abstract

Outsourced printed circuit board (PCB) fabrication necessitates increased hardware assurance capabilities. Several assurance techniques based on automated optical inspection (AOI) have been proposed that leverage PCB images acquired using digital cameras.We review state-of-the-art AOI techniques and observe a strong, rapid trend toward machine learning (ML) solutions. These require significant amounts of labeled ground truth data, which is lacking in the publicly available PCB data space. We contribute the FICS PCB Image Collection (FPIC) dataset to address this need. Additionally, we outline new hardware security methodologies enabled by our dataset. [ABSTRACT FROM AUTHOR]

Published
2023
Full Text
View/download PDF

17. Secure Physical Design

Author

Sukanta Dey, Jungmin Park, Nitin Pundir, Dipayan Saha, Shuvo, Amit Mazumder, Dhwani Mehta, Asadi, Navid, Rahman, Fahim, Farimah Farahmandi, and Tehranipoor, Mark

Published
2022
Full Text
View/download PDF

19. Introduction to the Special Issue on CAD for Security: Pre-silicon Security Sign-off Solutions Through Design Cycle.

Author

FARAHMANDI, FARIMAH, SRIVASTAVA, ANKUR, DI NATALE, GIORGIO, and TEHRANIPOOR, MARK

Subjects
SEMICONDUCTOR industry, COMPUTER-aided design, SECURITY management
Abstract

This introduction welcomes all readers to this ACM JETC special issue on CAD for Security: Pre-silicon Security Sign-off Solutions Through Design Cycle. The articles published in this special issue reflect how computer-aided design (CAD) tools are developed to expand the notion of automated security verification throughout the system-on-chip (SoC) design cycle. This special issue aims to demonstrate how the semiconductor industry must look for security-oriented metrics and evaluation as part of automatic CAD solution development to aid analysis, identifying, root-causing, and mitigating SoC security problems. Throughout this introductory note, we first represent the need for such a security-oriented sign-off solution for the ASIC design flow, then it is followed by providing an overview of the articles published in this special issue and how they address such requirements. [ABSTRACT FROM AUTHOR]

Published
2023
Full Text
View/download PDF

21. ACED-IT: Assuring Confidential Electronic Design Against Insider Threats in a Zero-Trust Environment.

Author

Stern, Andrew, Wang, Huanyu, Rahman, Fahim, Farahmandi, Farimah, and Tehranipoor, Mark

Subjects
ELECTRONIC design automation, INTEGRATED circuit design, INTEGRATED circuits, SEMICONDUCTOR industry, PROCESS optimization, INTELLECTUAL property
Abstract

The electronics supply chain has adapted into a global process over the past two decades to support the cost of process optimization. As the semiconductor industry has transitioned from a vertical to the horizontal business model, the perceived vulnerability of integrated circuit (IC) design, and fabrication has grown dramatically. Design intellectual property (IP) is the defining characteristic of most fabless design houses and integrated device manufacturers (IDMs) within the supply chain, and as such, holds significant value for market competitiveness, and in some cases, national security. Malicious insiders threaten the confidentiality of this proprietary technology. To prevent IP piracy, we redefine the modern threat landscape by considering nearly every individual in the IC design and fabrication process untrusted. Therefore, we propose a novel framework to assure confidential electronic design against insider threats, termed ACED-IT, that enables maintaining the confidentiality of the design when it traverses through different design stages (e.g., RTL/Gate-level to GDSII). ACED-IT integrates encryption, logic locking, novel temporary-inserted logic elements (TILEs), access controls, and action logging, to protect the design IP from insider threats originating from any entity in the process. ACED-IT is compatible with the current industry development flow and provides all engineers with the tools to complete their roles. The proposed ACED-IT framework is demonstrated across various benchmarks and analyzed for security. Benchmarks processed using ACED-IT incurred negligible overhead across parameters such as power, area, timing, and test coverage after functional recovery, and provided a brute force attack complexity to recover the original design exceeding that of AES-256. [ABSTRACT FROM AUTHOR]

Published
2022
Full Text
View/download PDF

22. Power Side-Channel Leakage Assessment Framework at Register-Transfer Level.

Author

Pundir, Nitin, Park, Jungmin, Farahmandi, Farimah, and Tehranipoor, Mark

Subjects
FINITE fields, VERY large scale circuit integration
Abstract

Power side-channel (PSC) attacks received significant attention over the past two decades due to their effectiveness in breaking mathematically strong cryptographic implementations. However, most existing PSC assessment frameworks apply only to post-silicon implementations; this is unfavorable to the industry due to the lack of flexibility in fixing the design and the high cost/time penalty incurred in redoing the entire design cycle. This article presents the register transfer level (RTL)-power analysis tool (PAT) framework to perform a technology-independent PSC assessment of cryptographic (pre- and post-quantum) hardware at the RTL stage. Performing assessment at the RTL gives designers the utmost flexibility to quickly apply the countermeasures locally. RTL-PAT can also serve as a front-end sign-off framework for PSC leakage, allowing a designer to make changes in the early design stage, which would otherwise be difficult/time-consuming to perform in subsequent design stages. Furthermore, RTL-PAT can analyze both FPGA and ASIC design flows for standalone IPs and SoCs. In this article, we present the efficacy of RTL-PAT on several cryptographic implementations. The results are presented for standalone IPs, which include different AES implementations (Galois field, lookup table, pipelined, and threshold implementation) and PRESENT cipher. We also analyze a large-scale SoC, which includes the post-quantum SABER implementation and AES. The results show that the framework effectively identifies the leaky modules and validates the efficacy of PSC countermeasures implemented in the RTL. The obtained RTL-PAT assessment results are validated with the post-silicon $t$ -statistics assessment as well. [ABSTRACT FROM AUTHOR]

Published
2022
Full Text
View/download PDF

23. Detecting Hardware Trojans Using Combined Self-Testing and Imaging.

Author

Vashistha, Nidish, Lu, Hangwei, Shi, Qihang, Woodard, Damon L., Asadizanjani, Navid, and Tehranipoor, Mark M.

Subjects
ELECTRONIC systems, INTEGRATED circuits, IMAGE processing, MACHINE learning, HARDWARE
Abstract

Hardware Trojans are malicious modifications in integrated circuits (ICs) with an intent to breach security and compromise the reliability of an electronic system. This article proposes a framework using self-testing, advanced imaging, and image processing with machine learning to detect hardware Trojans inserted by untrusted foundries. It includes on-chip test structures with negligible power, delay, and silicon area overheads. The core step of the framework is on-chip golden circuit design, which can provide authentic samples for image-based Trojan detection through self-testing. This core step enables a golden-chip-free Trojan detection that does not rely on an existing image data set from Trojan-free chip or image synthesizing. We have conducted an in-depth analysis of detection steps and discussed possible attacks with countermeasures to strengthen this framework. The performance evaluation on a 28-nm FPGA and a 90-nm IC validates its high accuracy and reliability for practical applications. [ABSTRACT FROM AUTHOR]

Published
2022
Full Text
View/download PDF

24. Hardware Trust and Assurance through Reverse Engineering: A Survey and Outlook from Image Analysis and Machine Learning Perspectives

Author

Botero, Ulbert J., Wilson, Ronald, Lu, Hangwei, Rahman, Mir Tanjidur, Mallaiyan, Mukhil A., Ganji, Fatemeh, Asadizanjani, Navid, Tehranipoor, Mark M., Woodard, Damon L., and Forte, Domenic

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Image and Video Processing (eess.IV), FOS: Electrical engineering, electronic engineering, information engineering, Electrical Engineering and Systems Science - Image and Video Processing, Cryptography and Security (cs.CR)
Abstract

In the context of hardware trust and assurance, reverse engineering has been often considered as an illegal action. Generally speaking, reverse engineering aims to retrieve information from a product, i.e., integrated circuits (ICs) and printed circuit boards (PCBs) in hardware security-related scenarios, in the hope of understanding the functionality of the device and determining its constituent components. Hence, it can raise serious issues concerning Intellectual Property (IP) infringement, the (in)effectiveness of security-related measures, and even new opportunities for injecting hardware Trojans. Ironically, reverse engineering can enable IP owners to verify and validate the design. Nevertheless, this cannot be achieved without overcoming numerous obstacles that limit successful outcomes of the reverse engineering process. This paper surveys these challenges from two complementary perspectives: image processing and machine learning. These two fields of study form a firm basis for the enhancement of efficiency and accuracy of reverse engineering processes for both PCBs and ICs. In summary, therefore, this paper presents a roadmap indicating clearly the actions to be taken to fulfill hardware trust and assurance objectives., It is essential not to reduce the size of the figures as high quality ones are required to discuss the image processing algorithms and methods

Published
2020

25. SoFI: Security Property-Driven Vulnerability Assessments of ICs Against Fault-Injection Attacks.

Author

Wang, Huanyu, Li, Henian, Rahman, Fahim, Tehranipoor, Mark M., and Farahmandi, Farimah

Subjects
ELECTRONIC design automation
Abstract

Fault-injection attacks have become a major concern for hardware designs, primarily due to their powerful capability in tampering with critical locations in a device to cause violation of its integrity, confidentiality, and availability. Researchers have proposed a number of physical and architectural countermeasures against fault-injection attacks; however, these techniques usually come with large overhead and design efforts making them difficult to use in practice. In addition, the current electronic design automation (EDA) tools are not fully equipped to support vulnerability assessment against fault-injection attacks at the design-time for secure hardware development. To perform a design-time (i.e., presilicon) evaluation of such attacks, a designer should be aware of various security vulnerabilities and must perform a tedious manual design review, which is time-consuming and hard to ensure effectiveness. Therefore, it is very important to develop an automatic assessment framework to identify the most security-critical locations in a design to fault-injection attacks and place emphasis on protecting those locations. In this article, we propose an automated framework for fault-injection vulnerability assessment of designs at gate-level, while considering the design-specific security properties (SPs) using novel models and metrics. The proposed framework identifies the faults that can violate the SPs of the design. As a result, applying local countermeasures will be more effective and the protection overhead will be reduced significantly. Our experimental results on the SP of AES, RSA, and SHA implementations show that the security threat from fault-injection attacks can be significantly mitigated by protecting the identified critical locations, which are less than 0.6% of the design. [ABSTRACT FROM AUTHOR]

Published
2022
Full Text
View/download PDF

26. Analyzing Security Vulnerabilities Induced by High-level Synthesis.

Author

PUNDIR, NITIN, AFTABJAHANI, SOHRAB, CAMMAROTA, ROSARIO, TEHRANIPOOR, MARK, and FARAHMANDI, FARIMAH

Subjects
SYSTEMS on a chip, INTELLECTUAL property, SECURITY management
Abstract

High-level synthesis (HLS) is essential to map the high-level language (HLL) description (e.g., in C/C++) of hardware design to the corresponding Register Transfer Level (RTL) to produce hardware-independent design specifications with reduced design complexity for ASICs and FPGAs. Adopting HLS is crucial for industrial and government applications to lower development costs, verification efforts, and time-to-market. Current research practices focus on optimizing HLS for performance, power, and area constraints. However, the literature does not include an analysis of the security implications carried through HLS-generated RTL translations (e.g., from an untimed high-level sequential specification to a fully scheduled implementation). This article demonstrates the evidence of security vulnerabilities that emerge during the HLS translation of a high-level description of system-on-chip (SoC) intellectual properties to their corresponding RTL. The evidence provided in this manuscript highlights the need for (a) guidelines for high-level programmers to prevent these security issues at the design time and (b) automated HLS verification solutions that cover security in their optimization flow. [ABSTRACT FROM AUTHOR]

Published
2022
Full Text
View/download PDF

27. eChain: A Blockchain-Enabled Ecosystem for Electronic Device Authenticity Verification.

Author

Vashistha, Nidish, Hossain, Muhammad Monir, Shahriar, Md Rakib, Farahmandi, Farimah, Rahman, Fahim, and Tehranipoor, Mark M.

Subjects
ELECTRONIC equipment, SUPPLY chains, BLOCKCHAINS, BRAND equity, SYSTEMS integrators, ONLINE databases, FORGERY
Abstract

Counterfeit electronic devices can cause a significant revenue loss and brand value damage to the original component manufacturers (OCM). In addition, they can instigate serious safety and security issues in critical military and space applications. These devices can be injected by untrusted entities in the supply chain, such as outsourced foundries, distributors, PCB assemblers, and system integrators. Existing methods for device authenticity verification are either destructive, require an advanced electrical test or physical inspection infrastructure. Furthermore, the existing database query-based verification systems by OCMs provide an illusion of authenticity verification by looking for a device record in their online system. In reality, a customer may have bought a cloned or recycled copy of an electronic device and may find a valid record in the OCM verification system. This paper presents a blockchain-centric solution to address these limitations to verify electronic devices. A detailed study is presented to transform an existing supply chain into a trustworthy distributed ledger framework called eChain (electronic Chain). eChain generates device provenance records from blockchain that users can utilize to classify authentic and counterfeit ICs. A fully functional prototype of eChain is developed to demonstrate the feasibility and efficacy of the proposed solution. [ABSTRACT FROM AUTHOR]

Published
2022
Full Text
View/download PDF

28. RTL-PSC: Automated Power Side-Channel Leakage Assessment at Register-Transfer Level

Author

Miao, Park, Jungmin, Nahiyan, Adib, Vassilev, Apostol, Jin, Yier, and Tehranipoor, Mark

Subjects
FOS: Computer and information sciences, Computer Science - Cryptography and Security, Cryptography and Security (cs.CR)
Abstract

Power side-channel attacks (SCAs) have become a major concern to the security community due to their non-invasive feature, low-cost, and effectiveness in extracting secret information from hardware implementation of cryto algorithms. Therefore, it is imperative to evaluate if the hardware is vulnerable to SCAs during its design and validation stages. Currently, however, there is little-known effort in evaluating the vulnerability of a hardware to SCAs at early design stage. In this paper, we propose, for the first time, an automated framework, named RTL-PSC, for power side-channel leakage assessment of hardware crypto designs at register-transfer level (RTL) with built-in evaluation metrics. RTL-PSC first estimates power profile of a hardware design using functional simulation at RTL. Then it utilizes the evaluation metrics, comprising of KL divergence metric and the success rate (SR) metric based on maximum likelihood estimation to perform power side-channel leakage (PSC) vulnerability assessment at RTL. We analyze Galois-Field (GF) and Look-up Table (LUT) based AES designs using RTL-PSC and validate its effectiveness and accuracy through both gate-level simulation and FPGA results. RTL-PSC is also capable of identifying blocks inside the design that contribute the most to the PSC vulnerability which can be used for efficient countermeasure implementation., 6 pages, 6 Figures, 37th IEEE VLSI Test Symposium (VTS'19), 2019

Published
2019

29. Hardware Trust and Assurance through Reverse Engineering: A Tutorial and Outlook from Image Analysis and Machine Learning Perspectives.

Author

BOTERO, ULBERT J., WILSON, RONALD, HANGWEI LU, RAHMAN, MIR TANJIDUR, MALLAIYAN, MUKHIL A., GANJI, FATEMEH, ASADIZANJANI, NAVID, TEHRANIPOOR, MARK M., WOODARD, DAMON L., and FORTE, DOMENIC

Subjects
REVERSE engineering, PRINTED circuit design, IMAGE analysis, MACHINE learning, PRINTED circuits, INTELLECTUAL property
Abstract

In the context of hardware trust and assurance, reverse engineering has been often considered as an illegal action. Generally speaking, reverse engineering aims to retrieve information from a product, i.e., integrated circuits (ICs) and printed circuit boards (PCBs) in hardware security-related scenarios, in the hope of understanding the functionality of the device and determining its constituent components. Hence, it can raise serious issues concerning Intellectual Property (IP) infringement, the (in)effectiveness of security-related measures, and even new opportunities for injecting hardware Trojans. Ironically, reverse engineering can enable IP owners to verify and validate the design. Nevertheless, this cannot be achieved without overcoming numerous obstacles that limit successful outcomes of the reverse engineering process. This article surveys these challenges from two complementary perspectives: image processing and machine learning. These two fields of study form a firm basis for the enhancement of efficiency and accuracy of reverse engineering processes for both PCBs and ICs. In summary, therefore, this article presents a roadmap indicating clearly the actions to be taken to fulfill hardware trust and assurance objectives. [ABSTRACT FROM AUTHOR]

Published
2021
Full Text
View/download PDF

30. CONCEALING-Gate: Optical Contactless Probing Resilient Design.

Author

RAHMAN, M. TANJIDUR, DIPU, NUSRAT FARZANA, MEHTA, DHWANI, TAJIK, SHAHIN, TEHRANIPOOR, MARK, and ASADIZANJANI, NAVID

Subjects
LOGIC circuits, RESILIENT design, NET worth, DEBUGGING
Abstract

Optical probing, though developed as silicon debugging tools from the chip backside, has shown its capability of extracting secret data, such as cryptographic keys and user identifications, from modern systemon- chip devices. Existing optical probing countermeasures are based on detecting any device modification attempt or abrupt change in operating conditions during asset extraction. These countermeasures usually require additional fabrication steps and cause area and power overheads. In this article, we propose a novel low-overhead design methodology to prevent optical probing. It leverages additional operational logic gates, termed as "CONCEALING-Gates," inserted as neighbor gates of the logic gates connected to the nets carrying asset signals. The switching activity of the asset carrying logic is camouflaged with the switching activity of the concealing-gate. The input signal and placement in the layout of the concealing-gates must be selected in such a way that they remain equally effective in preventing different variants of optical probing, i.e., electro-optical frequency mapping and Electro-optical probing. The methodology is suitable for the existing ASIC/FPGA design flow and fabrication process, since designing new standard logic cells is not required.We have performed a comprehensive security evaluation of the concealing-gates using a security metric developed based on the parameters that are crucial for optical probing. The attack resiliency of the logic cells, protected by concealing-gates, is evaluated using an empirical study-based simulation methodology and experimental validation. Our analysis has shown that in the presence of concealing-gates, logic cells achieve high resiliency against optical contactless probing techniques. [ABSTRACT FROM AUTHOR]

Published
2021
Full Text
View/download PDF

31. A Metal-Via Resistance Based Physically Unclonable Function With Backend Incremental ADC.

Author

Park, Beomsoo, Forte, Domenic, Tehranipoor, Mark M., and Maghari, Nima

Subjects
HAMMING distance, ANALOG-to-digital converters, PASSIVE components, BIT error rate, ERROR rates, ENTROPY, INDIUM gallium zinc oxide
Abstract

This paper presents a novel physically unclonable function (PUF) for security authentication. Instead of using the variation of transistors or PDK provided passive components as entropy source, the parasitic resistance created between metal and via layers is used as the static entropy source. A symmetric bridge configuration consisted with the parasitic resistance creates the necessary voltage difference for comparison. An accurate backend incremental analog-to-digital converter (IADC) is implemented to convert the voltage difference into a digitized value. The operation of the IADC allows to achieve a good native instability. Two different types of layout structures are implemented to create the necessary parasitic resistance and compared. Fabricated in a 65nm process, the prototype PUF achieves a native instability and bit error rate of less than 1.45% and 0.12% with 5000 repeated evaluations. The proposed design shows 0.58%/0.1V and 0.53%/10°C bit error across the voltage and temperature range of 0.9 to 1.4V and 0°C to 85°C, respectively without any stabilization techniques. The distance ratio between intra-die and inter-die Hamming Distance is above $305\times $. [ABSTRACT FROM AUTHOR]

Published
2021
Full Text
View/download PDF

32. A Physical Design Flow Against Front-Side Probing Attacks by Internal Shielding.

Author

Wang, Huanyu, Shi, Qihang, Nahiyan, Adib, Forte, Domenic, and Tehranipoor, Mark M.

Subjects
ADVANCED Encryption Standard, SYSTEMS on a chip, FOCUSED ion beams, ENCRYPTION protocols, INTEGRATED circuits, COMPUTER-aided design
Abstract

Security-critical applications on integrated circuits (ICs) are threatened by probing attacks that extract sensitive information assisted with focused ion beam (FIB)-based circuit edit. Existing countermeasures, such as active shield, analog shield, and t-private circuit, have proven to be inefficient and provide limited resistance against probing attacks without taking FIB capabilities into consideration. In this article, we propose an FIB-aware anti-probing physical design flow, which considers FIB capabilities and utilizes computer-aided design (CAD) tools, to automatically reduce the probing attack vulnerability of an IC’s security-critical nets with minimal extra design effort. The floor-planning and routing of the design are constrained by incorporating three new steps in the conventional physical design flow, so that security-critical nets are protected by internal shield nets with low overhead. Results show that the proposed technique can reduce the vulnerable area exposed to probing on security-critical nets by 100% with all critical nets fully protected for both advanced encryption standard (AES) and data encryption standard (DES) modules. The timing, area, and power overheads are less than 3% per module, which would be negligible in a system-on-chip (SoC) design. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

33. The Big Hack Explained: Detection and Prevention of PCB Supply Chain Implants.

Author

MEHTA, DHWANI, LU, HANGWEI, PARADIS, OLIVIA P., M. S., MUKHIL AZHAGAN, RAHMAN, M. TANJIDUR, ISKANDER, YOUSEF, CHAWLA, PRAVEEN, WOODARD, DAMON L., TEHRANIPOOR, MARK, and ASADIZANJANI, NAVID

Subjects
SUPPLY chains, ORIGINAL equipment manufacturers, INSPECTION & review, PRINTED circuits, IMAGE analysis, SEMICONDUCTOR manufacturing
Abstract

Over the past two decades, globalized outsourcing in the semiconductor supply chain has lowered manufacturing costs and shortened the time-to-market for original equipment manufacturers (OEMs). However, such outsourcing has rendered the printed circuit boards (PCBs) vulnerable to malicious activities and alterations on a global scale. In this article, we take an in-depth look into one such attack, called the "Big Hack," that was recently reported by Bloomberg Buisnessweek. The article provides background on the Big Hack from three perspectives: an attacker, a security investigator, and the societal impacts. This study provides details on vulnerabilities in the modern PCB supply chain, the possible attacks, and the existing and emerging countermeasures. The necessity for novel visual inspection techniques for PCB assurance is emphasized throughout the article. Further, a review of various imaging modalities, image analysis algorithms, and open research challenges are provided for automated visual inspection. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

34. QEC: A Quantum Entropy Chip and Its Applications.

Author

Park, Jungmin, Cho, Seongjoon, Lim, Taejin, and Tehranipoor, Mark

Subjects
QUANTUM entropy, RANDOM number generators, QUANTUM well devices, RADIOACTIVE decay, CENTRAL processing units, SYSTEMS on a chip
Abstract

Quantum phenomena cannot be predicted by the uncertainty principle. As a quantum phenomenon, radioactive decay has been used as an entropy source to generate random numbers. In this article, we present the design and development of an innovative quantum entropy chip (QEC) that produces analog random pulses when emitted alpha particles resulted from radioactive isotope (americium-241) decay hit the sensor. The analog pulse generated by a QEC can be digitized into random numbers by an entropy extractor. The QEC provides security foundation for device authentication as well as a quantum random number generator (QRNG), especially suited for the Internet of Things (IoT) devices due to its small size. We have successfully designed and fabricated the QEC as a wafer for supporting a system-on-chip (SoC) Internet Protocol (IP) so that the QEC can be embedded into a microcontroller unit (MCU) or central processing unit (CPU). In addition, we built a stochastic model to estimate the entropy of the quantum source and evaluated statistical randomness and robustness against temperature, voltage variations, aging effects, and physical attacks. Finally, we demonstrate various applications using the QEC such as side-channel-resistant primitives and device authentication. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

35. EMFORCED: EM-Based Fingerprinting Framework for Remarked and Cloned Counterfeit IC Detection Using Machine Learning Classification.

Author

Stern, Andrew, Botero, Ulbert, Rahman, Fahim, Forte, Domenic, and Tehranipoor, Mark

Subjects
FISHER discriminant analysis, INTEGRATED circuit design, FORGERY, MICROPROCESSORS, PRINCIPAL components analysis, CRYOELECTRONICS, INTEGRATED circuits
Abstract

Electronics supply chain vulnerabilities have broadened in scope over the past two decades. With nearly all integrated circuit (IC) design companies relinquishing their fabrication, packaging, and test facilities, they are forced to rely upon companies from around the world to produce their ICs. This dependence leaves the electronics supply chain open to counterfeiting activities. In this article, we propose an electromagnetic (EM)-based fingerprinting framework, called EMFORCED, to detect remarked and cloned counterfeit ICs. Here, we demonstrate the benefits of using naturally occurring EM side channels to identify the IC design layout without decapsulating the chip under test. Enabling only the clock, $V_{\mathrm{ dd}}$ , and ground pins allows us to generate a design-specific fingerprint that is dependent upon the physical parameters of the chip under test. EMFORCED leverages the EM emissions from the clock distribution network to create a holistic, design-level, fingerprint, including both temporal information and spatial information. We utilize the fingerprint information of functionally similar 8051-series microprocessors from three vendors and perform unsupervised (principal component analysis) and supervised (linear discriminant analysis) machine learning methods on all ICs to determine their intravendor and intervendor similarities. We acquired ICs from multiple dates and lot codes along with variants acquired from the gray market and analyzed them for authenticity using physical inspection and X-ray tomography. Statistical analysis and machine learning techniques are used to demonstrate the reference-free and reference-inclusive classification methods based on EMFORCED measurements. We demonstrate the classification accuracies of 99.46% and 100% for unsupervised and supervised approaches, respectively. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

36. Interconnect-Based PUF With Signature Uniqueness Enhancement.

Author

Yu, Liting, Wang, Xiaoxiao, Rahman, Fahim, and Tehranipoor, Mark

Subjects
MONTE Carlo method, INTEGRATED circuit interconnections, SHIFT registers, MANUFACTURING processes, RANDOM numbers
Abstract

Physical unclonable function (PUF) is an important security primitive, which generates unique signatures as fingerprints for each chip. This article first presents a novel interconnect-based PUF (iPUF). The proposed iPUF utilizes the manufacturing process variability of interconnect lines to introduce crosstalk variations for generating PUF signatures. By leveraging the variations of passive interconnects, iPUF minimizes the usage of active CMOS components, providing an increased resiliency against environmental variations and aging. Initiated by a linear feedback shift register (LFSR), iPUF sequentially generates 1-bit signature at each clock cycle, making it more efficient compared with ring-oscillator PUF. Second, two schemes for signature uniqueness enhancement of sequential PUFs are proposed. The self-masking scheme windows the sequential signature with an $m$ -bit mask trained by the PUF’s own initial sequential signature. Meanwhile, the bit-filtering scheme screens the randomness of each bit within the sequential signature by exploiting several sub-iPUFs and selects the bits with high randomness. To verify the performance of iPUF, Monte Carlo simulations of 500 samples, with variations following industrial data, are conducted in different operating corners. The uniqueness of the given sample set approaches 48.63% with a 10-bit mask. With ±10% supply voltage, $0~^{\circ }{C}$ –100 °C temperature variations, as well as one year of unaccelerated aging, iPUF’s reliability values, are as high as 96.09%, 99.06%, and 99.63%, respectively. For verification, 50 dies of iPUF chips are manufactured with a 55-nm technology node. Silicon results demonstrate that iPUF generates 1024-bit signatures with satisfied uniqueness (48.03%) while exhibiting good reliability (90.07%) under 120-mV voltage variations. Finally, iPUF’s robustness against various attacks is also proven. [ABSTRACT FROM AUTHOR]

Published
2020
Full Text
View/download PDF

37. System-Level Counterfeit Detection Using On-Chip Ring Oscillator Array.

Author

Wang, Xiaoxiao, Han, Yueying, and Tehranipoor, Mark

Subjects
PRINTED circuits, FORGERY, ELECTRONIC systems, INTEGRATING circuits, MILITARY supplies, CONSUMER goods
Abstract

Counterfeiting has unfortunately become a worldwide epidemic affecting electronic systems from consumer goods to military equipment, which seriously jeopardizes system security, reliability, and electronic vendors’ reputation. The counterfeit parts, e.g., integrated circuits (ICs) and printed circuit boards (PCBs), have shown a significant increase in type and number over the recent years. However, the existing counterfeit detection techniques deal with IC or PCB separately, and hence, they cannot verify the authenticity of an electronic system as a whole. In this paper, we propose concurrent IC and PCB authentication (CIPA), a novel methodology that concurrently verifies the authenticity of both IC and PCB through extracting the signature pairs generated by a ring oscillator (RO) array without/with PCB cavity resonance. With CIPA, remote authentication is allowable by transmitting the signatures between the verifier and the system vendor. The CIPA structure has shown insignificant area overhead (0.945% on average) when implemented on a number of benchmarks. Both CIPA and the benchmarks have been implemented on the authentic and counterfeit FPGA systems, and the results give 100% confidence in detecting counterfeit ones. Furthermore, the authenticity of PCB and IC (i.e., authentic or counterfeit) of the system under test can also be mined from CIPA signatures. According to the experimental results, systems composed of different authenticity states of PCB and IC are differentiated from each other with the confidence of 97.62%. The overall authentication time is $40.2~\mu \text{s}$ considering 50-MHz system clock. [ABSTRACT FROM AUTHOR]

Published
2019
Full Text
View/download PDF

38. Recycled FPGA Detection Using Exhaustive LUT Path Delay Characterization and Voltage Scaling.

Author

Alam, Md Mahbub, Tehranipoor, Mark, and Forte, Domenic

Subjects
CLOSED loop systems, GATE array circuits, FIELD programmable gate arrays, INTEGRATED circuits, ENGINEERING design, ELECTRIC potential
Abstract

Field-programmable gate arrays (FPGAs) have been extensively used because of their lower nonrecurring engineering and design costs, instant availability and reduced visibility of failure, high performance, and power benefits. Reports indicate that previously used or recycled FPGAs are infiltrating the electronics’ supply chain and making the security and reliability of the critical systems and networks vulnerable. Current recycled integrated circuit (IC) detection procedures include parametric, functional, and burn-in tests that require golden or reference data. Besides, they are time consuming, require expensive equipment, and do not focus on FPGAs. In this article, we propose two recycled FPGA detection methods based on supervised and unsupervised machine learning algorithms. We develop a sophisticated ring oscillator (RO) design to exploit the degradation of lookup tables (LUTs) and use them in the proposed methods. In the supervised method, a one-class classifier is trained with RO frequencies, kurtosis, and skewness data obtained from unused FPGAs, which differentiates unused and aged FPGAs. The unsupervised method uses $k$ -means clustering and Silhouette value analysis to detect suspect recycled components with very little (if any) golden information. In addition, we introduce a voltage scaling-assisted RO frequency measurement technique that improves the classification. The proposed methods are examined for Spartan-3A and Spartan-6 FPGAs, and the result shows that both methods are effective in detecting recycled FPGAs, which experience accelerated aging for at least 12 h equivalent to 70 days in real-time age. [ABSTRACT FROM AUTHOR]

Published
2019
Full Text
View/download PDF

39. Hardware Security (Dagstuhl Seminar 16202)

Author

Keren, Osnat, Polian, Ilia, and Tehranipoor, Mark M.

Subjects
000 Computer science, knowledge, general works, Computer Science
Abstract

This report documents the program and outcomes of Dagstuhl Seminar 16202 ``Hardware Security", which was held in Schloss Dagstuhl- Leibniz Center for Informatics from May 16- 20, 2016. This seminar aims to bring together a group of researchers, who are actively involved in the design and the security assessment of hardware primitives. The seminar was organized around presentations given by several participants on their current research, and ongoing work. In addition to these presentations, the program also included three discussion sessions, and two special sessions on curriculum development and funding programs. The seminar was indeed successful in familiarizing the researchers with recent developments in hardware security field of study, providing better understanding of still unsolved problems, and pointing out future research directions. The paper is further organized as follows. Section 1 summarizes the most important goals of the seminar. Section is devoted to the abstracts of the presentations given in the seminar, whereas in Section 4 the abstracts of the discussion sessions are provided.

Published
2016
Full Text
View/download PDF

40. Power-based Side-Channel Instruction-level Disassembler.

Author

Jungmin Park, Xiaolin Xu, Yier Jin, Forte, Domenic, and Tehranipoor, Mark

Subjects
MALWARE, SOFTWARE piracy, DISCRIMINANT analysis, MULTIVARIATE analysis, TELECOMMUNICATION equipment
Abstract

Modern embedded computing devices are vulnerable against malware and software piracy due to insufficient security scrutiny and the complications of continuous patching. To detect malicious activity as well as protecting the integrity of executable software, it is necessary to monitor the operation of such devices. In this paper, we propose a disassembler based on power-based side-channel to analyze the real-time operation of embedded systems at instruction-level granularity. The proposed disassembler obtains templates from an original device (e.g., IoT home security system, smart thermostat, etc.) and utilizes machine learning algorithms to uniquely identify instructions executed on the device. The feature selection using Kullback-Leibler (KL) divergence and the dimensional reduction using PCA in the time-frequency domain are proposed to increase the identification accuracy. Moreover, a hierarchical classification framework is proposed to reduce the computational complexity associated with large instruction sets. In addition, covariate shifts caused by different environmental measurements and device-to-device variations are minimized by our covariate shift adaptation technique. We implement this disassembler on an AVR 8-bit microcontroller. Experimental results demonstrate that our proposed disassembler can recognize test instructions including register names with a success rate no lower than 99.03% with quadratic discriminant analysis (QDA). [ABSTRACT FROM AUTHOR]

Published
2018
Full Text
View/download PDF

41. Security-Aware FSM Design Flow for Identifying and Mitigating Vulnerabilities to Fault Attacks.

Author

Nahiyan, Adib, Farahmandi, Farimah, Mishra, Prabhat, Forte, Domenic, and Tehranipoor, Mark

Subjects
SECURITY management, INTEGRITY, RELIABILITY (Personality trait), CHARACTER, INTEGRITY in literature, HONESTY
Abstract

The security of a system-on-chip (SoC) can be compromised by exploiting the vulnerabilities of the finite state machines (FSMs) in the SoC controller modules through fault injection attacks. These vulnerabilities may be unintentionally introduced by traditional FSM design practices or by CAD tools during synthesis. In this paper, we first analyze how the vulnerabilities in an FSM can be exploited by fault injection attacks. Then, we propose a security-aware FSM design flow for ASIC designs to mitigate them and prevent fault attacks on FSM. Our proposed FSM design flow starts with a security-aware encoding scheme which makes the FSM resilient against fault attacks. However, the vulnerabilities introduced by the CAD tools cannot be addressed by encoding schemes alone. To analyze for such vulnerabilities, we develop a novel technique named analyzing vulnerabilities in FSM. If any vulnerability exists, we propose a secure FSM architecture to address the issue. In this paper, we mainly focus on setup-time violation-based fault attacks which pose a serious threat on FSMs; though our proposed flow works for advanced laser-based fault attacks as well. We compare our proposed secure FSM design flow with traditional FSM design practices in terms of cost, performance, and security. We show that our FSM design flow ensures security while having a negligible impact on cost and performance. [ABSTRACT FROM AUTHOR]

Published
2019
Full Text
View/download PDF

42. Probing Assessment Framework and Evaluation of Antiprobing Solutions.

Author

Wang, Huanyu, Shi, Qihang, Forte, Domenic, and Tehranipoor, Mark M.

Subjects
FOCUSED ion beams, INTEGRATED circuits, SYSTEMS on a chip, COMPUTER firmware
Abstract

Probing attacks against integrated circuits has become a serious concern, especially for security-critical applications. With the help of modern circuit editing tools, an attacker could remove layers of materials and expose wires carrying sensitive on-chip assets, such as cryptographic keys and proprietary firmware, for probing. Most of the existing protection methods use an active shield that provides tamper-evident covers at the top-most metal layers to the circuitry below. However, they lack formal proofs of their effectiveness as some active shields have already been circumvented by hackers. In this paper, we investigate the problem of protection against front-side probing attacks and propose a framework to assess a design’s vulnerabilities against probing attacks. Metrics are developed to evaluate the resilience of designs to bypass an attack and reroute the attack, the two common techniques used to compromise an antiprobing mechanism. Exemplary assets from a system-on-chip layout are used to evaluate the proposed flow. The results show that long net and high layer wires are vulnerable to a probing attack equipped with high aspect ratio focused ion beam. Meanwhile, nets that occupy small area on the chip are probably compromised through rerouting shield wires. On the other hand, the multilayer internal orthogonal shield performs the best among common shield structures. [ABSTRACT FROM AUTHOR]

Published
2019
Full Text
View/download PDF

43. Bimodal Oscillation as a Mechanism for Autonomous Majority Voting in PUFs.

Author

Xu, Xiaolin, Keshavarz, Shahrzad, Forte, Domenic J., Tehranipoor, Mark M., and Holcomb, Daniel E.

Subjects
OSCILLATIONS, SILICON analysis, INTEGRATED circuits, VOLTAGE control, SIMULATION methods & models
Abstract

Physical unclonable functions (PUFs) leveraging minute silicon process variations have been proposed for generating the device-tied secret keys. When creating the PUF-based keys, the high energy and area costs for implementing error corrections can far exceed the costs of the basic PUF circuits alone. It is critical to minimize the end-to-end cost of the reliable key generation; otherwise, the application of PUFs would be greatly limited. In this paper, we propose a new PUF scheme that uses a circuit with two different oscillation modes (bimodal oscillation) to realize the autonomous majority voting and improve PUF reliability. This design is novel and efficient because the voting procedure is realized with a self-timed oscillating circuit without orchestration by a clock signal. We use both circuit simulation and FPGA implementation to evaluate the reliability tradeoffs achieved by different parameterizations of the design, to show that the design performs well across a range of supply voltages, and to quantify the robustness of the design across a broad range of operating temperatures. [ABSTRACT FROM AUTHOR]

Published
2018
Full Text
View/download PDF

44. An On-Chip Dynamically Obfuscated Wrapper for Protecting Supply Chain Against IP and IC Piracies.

Author

Zhang, Dongrong, Wang, Xiaoxiao, Rahman, Md. Tauhidur, and Tehranipoor, Mark

Subjects
SEMICONDUCTORS, SUPPLY chain management, INTELLECTUAL property, INTEGRATED circuit design, SIMULATION methods & models
Abstract

With the modern semiconductor supply chain, the ownership of both intellectual property (IP) and integrated circuit (IC) cannot be guaranteed. The IP piracy may take place at the untrusted IC designer or untrusted foundry without the knowledge of the original IP owner. The untrusted foundry can also perform IC piracy with reverse engineering of GDSII, overproducing the number of ICs, and shipping out-of-spec/defective devices. A holistic solution is proposed to protect the ownership of both IP owners and IC designers. In this solution, a dynamically obfuscated wrapper for split test (DOST) and a secure split test methodology together aim at preventing IP overusing at multiple abstraction levels and enabling IC designers to fully control the production, test, and authentication processes. DOST has been implemented and validated on video graphics array-liquid crystal display, floating-point and graphics unit, Leon3, and Leon3mp benchmarks. DOST enables the structural tests in the locked mode and the functional tests in the functionally unlocked mode. The results show that the proposed method is highly robust against IP and IC piracies with an insignificant area (1.381%) and power (1.276%) overhead. [ABSTRACT FROM AUTHOR]

Published
2018
Full Text
View/download PDF

47. MICROELECTRONICS SUPPLY CHAIN SECURITY.

Author

Tehranipoor, Mark

Subjects
*SUPPLY chains, *REVERSE engineering, *APPLIED sciences, *FAILURE analysis, *SECURITY management, *ELECTRONIC equipment, *COMPUTER passwords
Abstract

The article offers information related to the modern microelectronics supply chain. It is noted hat with the globalization of the design cycle and supply chain, attacks on microelectronic devices have been on increase. The potential sources of these threats and vulnerabilities span over different stages of the microelectronic supply chain like flaws in the design and integration, rogue employees untrusted third-parties, untrusted foundry and malicious end users, to name a few.

Published
2022

Catalog

Books, media, physical & digital resources
See catalog results