HAL—The Missing Piece of the Puzzle for Hardware Reverse Engineering, Trojan Detection and Insertion

Fyrbiak, Marc; Wallat, Sebastian; Swierczynski, Pawel; Hoffmann, Max; Hoppach, Sebastian; Wilhelm, Matthias; Weidlich, Tobias; Tessier, Russell; Paar, Christof

doi:10.1109/tdsc.2018.2812183

Cited by 66 publications

(38 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This is a realistic assumption 1 for most deployed embedded devices, where the bitstream is usually stored in plaintext on the same PCB along with the targeted FPGA. We used the HAL framework [6] to identify and manipulate the relevant netlist components. From our result, we are confident that a hardware configuration must not be fully known to also accomplish more complicated Trojan insertions at a very late stage.…”

Section: • Perform Correct Bitstream File Patchingmentioning

confidence: 99%

See 1 more Smart Citation

Insights into the mind of a trojan designer

Ender

Swierczynski

Wallat³

et al. 2019

Proceedings of the 24th Asia and South Pacific Design Automation Conference

Self Cite

View full text Add to dashboard Cite

The threat of inserting hardware Trojans during the design, production, or in-field poses a danger for integrated circuits in real-world applications. A particular critical case of hardware Trojans is the malicious manipulation of third-party FPGA configurations. In addition to attack vectors during the design process, FPGAs can be infiltrated in a non-invasive manner after shipment through alterations of the bitstream. First, we present an improved methodology for bitstream file format reversing. Second, we introduce a novel idea for Trojan insertion. CCS CONCEPTS • Security and privacy → Hardware reverse engineering; Malicious design modifications; Embedded systems security;

show abstract

Section: • Perform Correct Bitstream File Patchingmentioning

confidence: 99%

“…Hence, there is no official support for developing open source bitstream generation tools similar to Project IceStorm [27], which reversed the Lattice iCE40 FPGAs. Such a tool improves the flexibility for designers and researchers, i.e., it could extend (security) frameworks like HAL [6], Torc [19], or RapidSmith [9].…”

Section: Introductionmentioning

confidence: 99%

Insights into the mind of a trojan designer

Ender

Swierczynski

Wallat³

et al. 2019

Proceedings of the 24th Asia and South Pacific Design Automation Conference

Self Cite

View full text Add to dashboard Cite

show abstract

“…. Figure 5: Overview of the original HAL architecture from [12] data model. While such an event system is generally used in GUI and game design, we explicitly designed this system to create information which can be used by a psychological analyst to trace the user's actions.…”

Section: Halmentioning

confidence: 99%

“…• Improved Hardware Reverse Engineering Tool HAL. We significantly advance the development of our hardware reverse engineering software HAL [12] to adequately capture human behavior as a foundation for this research. • Cognitive Obfuscation Methods.…”

Section: Introductionmentioning

confidence: 99%

Towards cognitive obfuscation

Wiesen¹,

Albartus²,

Hoffmann³

et al. 2019

Proceedings of the 24th Asia and South Pacific Design Automation Conference

Self Cite

View full text Add to dashboard Cite

In contrast to software reverse engineering, there are hardly any tools available that support hardware reversing. Therefore, the reversing process is conducted by human analysts combining several complex semi-automated steps. However, countermeasures against reversing are evaluated solely against mathematical models. Our research goal is the establishment of cognitive obfuscation based on the exploration of underlying psychological processes. We aim to identify problems which are hard to solve for human analysts and derive novel quantification metrics, thus enabling stronger obfuscation techniques.KEYWORDS cognitive obfuscation, netlist-level reverse engineering, hardware obfuscation ACM Reference Format:

show abstract

“…We now provide details of the practice-oriented hardware reverse engineering course. Prior to the course and task descriptions in Section IV-B, we first introduce the educational software environment based on the interactive gate-level netlist reverse engineering and manipulation tool HAL [17] (Section IV-A).…”

Section: Educational Research As the Foundation For A Reverse Engmentioning

confidence: 99%

Teaching Hardware Reverse Engineering: Educational Guidelines and Practical Insights

Wiesen

Becker

Fyrbiak

et al. 2018

2018 IEEE International Conference on Teaching, Assessment, and Learning for Engineering (TALE)

Self Cite

View full text Add to dashboard Cite

Since underlying hardware components form the basis of trust in virtually any computing system, security failures in hardware pose a devastating threat to our daily lives. Hardware reverse engineering is commonly employed by security engineers in order to identify security vulnerabilities, to detect IP violations, or to conduct very-large-scale integration (VLSI) failure analysis. Even though industry and the scientific community demand experts with expertise in hardware reverse engineering, there is a lack of educational offerings, and existing training is almost entirely unstructured and on the job. To the best of our knowledge, we have developed the first course to systematically teach students hardware reverse engineering based on insights from the fields of educational research, cognitive science, and hardware security. The contribution of our work is threefold: (1) we propose underlying educational guidelines for practice-oriented courses which teach hardware reverse engineering; (2) we develop such a lab course with a special focus on gate-level netlist reverse engineering and provide the required tools to support it; (3) we conduct an educational evaluation of our pilot course. Based on our results, we provide valuable insights on the structure and content necessary to design and teach future courses on hardware reverse engineering.Keywords-hardware reverse engineering, educational guidelines S 0 1 RST S 1 0

show abstract

HAL—The Missing Piece of the Puzzle for Hardware Reverse Engineering, Trojan Detection and Insertion

Cited by 66 publications

References 40 publications

Insights into the mind of a trojan designer

Insights into the mind of a trojan designer

Towards cognitive obfuscation

Teaching Hardware Reverse Engineering: Educational Guidelines and Practical Insights

Contact Info

Product

Resources

About