Hardware Trust and Assurance through Reverse Engineering: A Tutorial and Outlook from Image Analysis and Machine Learning Perspectives

Botero, Ulbert J.; Wilson, Ronald G.; Lu, Hangwei; Rahman, Mir Tanjidur; Mallaiyan, Mukhil A.; Ganji, Fatemeh; Asadizanjani, Navid; Tehranipoor, Mark; Woodard, Damon L.; Forte, Domenic

doi:10.1145/3464959

Cited by 54 publications

(23 citation statements)

References 141 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Section: Cyber Attacks and Defenses In Medical Domainmentioning

confidence: 99%

“…Similar to the attacks, the defense solutions can be designed for networking communications, device software, and/or device hardware. With respect to hardware-based defensive solutions, reverse engineering is one of the effective methods for hardware trust and assurance [118][119][120]. Although originally used for negative purposes (e.g., disclosing sensitive information to a competitor/adversary), it can detect malicious alteration and/or tampering (applied by semiconductor foundries) with high accuracy.…”

Section: Cyber Attacks and Defenses In Medical Domainmentioning

confidence: 99%

“…), and functionality/specification through electrical testing and/or physical inspection. The systematic overview of a reverse engineering process is shown in Figure 37 [119]. Possible data samples for a reverse engineering-based detection and recognition system are provided in Figure 38 [121].…”

Section: Cyber Attacks and Defenses In Medical Domainmentioning

confidence: 99%

“…(c) Reverse engineering workflow for PCB: (c1) image depicting a multi-layered PCB. Depending on the number of the layers in a PCB, different types of reverse engineering techniques should be considered.Irrespective of this, these challenges are inevitable, (c2) example for misaligned layer and reconstructed image, (c3) segmentation and extraction of vias for X-rayed PCB and labelled components on the surface of an optically imaged PCB, (c4) segmented layout of PCB layers with connected and not-connected vias[119]. Abbreviations used: RE, Reverse Engineering.…”

mentioning

confidence: 99%

See 3 more Smart Citations

An Overview of Medical Electronic Hardware Security and Emerging Solutions

Taheri

Asadizanjani

2022

Electronics

Self Cite

View full text Add to dashboard Cite

Electronic healthcare technology is widespread around the world and creates massive potential to improve clinical outcomes and transform care delivery. However, there are increasing concerns with respect to the cyber vulnerabilities of medical tools, malicious medical errors, and security attacks on healthcare data and devices. Increased connectivity to existing computer networks has exposed the medical devices/systems and their communicating data to new cybersecurity vulnerabilities. Adversaries leverage the state-of-the-art technologies, in particular artificial intelligence and computer vision-based techniques, in order to launch stronger and more detrimental attacks on the medical targets. The medical domain is an attractive area for cybercrimes for two fundamental reasons: (a) it is rich resource of valuable and sensitive data; and (b) its protection and defensive mechanisms are weak and ineffective. The attacks aim to steal health information from the patients, manipulate the medical information and queries, maliciously change the medical diagnosis, decisions, and prescriptions, etc. A successful attack in the medical domain causes serious damage to the patient’s health and even death. Therefore, cybersecurity is critical to patient safety and every aspect of the medical domain, while it has not been studied sufficiently. To tackle this problem, new human- and computer-based countermeasures are researched and proposed for medical attacks using the most effective software and hardware technologies, such as artificial intelligence and computer vision. This review provides insights to the novel and existing solutions in the literature that mitigate cyber risks, errors, damage, and threats in the medical domain. We have performed a scoping review analyzing the four major elements in this area (in order from a medical perspective): (1) medical errors; (2) security weaknesses of medical devices at software- and hardware-level; (3) artificial intelligence and/or computer vision in medical applications; and (4) cyber attacks and defenses in the medical domain. Meanwhile, artificial intelligence and computer vision are key topics in this review and their usage in all these four elements are discussed. The review outcome delivers the solutions through building and evaluating the connections among these elements in order to serve as a beneficial guideline for medical electronic hardware security.

show abstract

Section: Cyber Attacks and Defenses In Medical Domainmentioning

confidence: 99%

Section: Cyber Attacks and Defenses In Medical Domainmentioning

confidence: 99%

Section: Cyber Attacks and Defenses In Medical Domainmentioning

confidence: 99%

mentioning

confidence: 99%

See 2 more Smart Citations

An Overview of Medical Electronic Hardware Security and Emerging Solutions

Taheri

Asadizanjani

2022

Electronics

Self Cite

View full text Add to dashboard Cite

show abstract

“…The latter can be further improved by preprocessing the backside with a FIB [61]. We emphasize again that in addition to the technical capabilities, a malicious foundry has unobstructed insights into the design without the need of expensive and error-prone reverse engineering [62].…”

Section: Attack Vector: Probing Registersmentioning

confidence: 99%

A critical view on the real-world security of logic locking

2022

View full text Add to dashboard Cite

With continuously shrinking feature sizes of integrated circuits, the vast majority of semiconductor companies have become fabless, outsourcing to foundries across the globe. This exposes the design industry to a number of threats, including piracy via IP-theft or unauthorized overproduction and subsequent reselling on the black market. One alleged solution for this problem is logic locking, where the genuine functionality of a chip is “locked” using a key only known to the designer. Solely with a correct key, the design works as intended. Since unlocking is handled by the designer only after production, an adversary in the supply chain should not be able to unlock overproduced chips. In this work, we focus on logic locking against the threat of overproduction. First, we survey existing locking schemes and characterize them by their handling of keys, before extracting similarities and differences in the employed attacker models. We then compare said models to the real-world capabilities of the primary adversary in overproduction—a malicious foundry. This comparison allows us to identify pitfalls in existing models and derive a more realistic attacker model. Then, we discuss how existing schemes hold up against the new attacker model. Our discussion highlights that several attacks beyond the usually employed SAT-based approaches are viable. Crucially, these attacks stem from the underlying structure of current logic locking approaches, which has never changed since its introduction in 2008. We conclude that logic locking, while being a promising approach, needs a fundamental rethinking to achieve real-world protection against overproduction.

show abstract