Swan

Linscott, Timothy; Ehrett, Pete; Bertacco, Valeria; Austin, Todd

doi:10.1145/3240765.3240854

Cited by 5 publications

(7 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Section: Identifying Security-critical Nets To Guardmentioning

confidence: 99%

“…While identifying security-critical features in a design is an orthogonal problem-and an ongoing area of research [17,23,35,53,66,67]identifying the nets (wires) that comprise said features is the first step in deploying T-TER. Currently, there exist two techniques for identifying security-critical nets: 1) manual [17,23,35] or 2) semi-autonomous [66,67]. In manual identification, a human expert analyzes the design's specification, and the corresponding HDL, and flags nets that implement features critical to the security of software or other hardware that interface to the design [17,23,35].…”

Section: Identifying Security-critical Nets To Guardmentioning

confidence: 99%

“…Currently, there exist two techniques for identifying security-critical nets: 1) manual [17,23,35] or 2) semi-autonomous [66,67]. In manual identification, a human expert analyzes the design's specification, and the corresponding HDL, and flags nets that implement features critical to the security of software or other hardware that interface to the design [17,23,35]. Alternatively, in semi-autonomous identification, a set of security-critical nets for a specific design are first manually identified [17,23], or mined from a list of published errata [66], and either: 1) used to train a classifier that identifies similar nets in other designs [66], 2) expanded using information flow [53] or fan-in analyses [54], or 3) translated to an entirely different design [67].…”

Section: Identifying Security-critical Nets To Guardmentioning

confidence: 99%

“…To detect tampering of designed-in guard wires post-fabrication, their analog characteristics of must be observable. This can be implemented either on-chip, e.g., with internal sensors [25] or ring oscillators [68], or off-chip, e.g., with two I/O pins and a onetime programmable fabric [35]. If fully-joint or partially-connected designed-in guard-wires are deployed, the one-time programmable fabric could be randomly programmed to route both ends of a single (fully-disjoint) or single-set (partially-connected) of guard wire(s) to the two pins.…”

Section: 32mentioning

confidence: 99%

See 3 more Smart Citations

T-TER: Defeating A2 Trojans with Targeted Tamper-Evident Routing

Trippel

Shin

Bush

et al. 2023

Proceedings of the ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

Since the inception of the Integrated Circuit (IC), the size of the transistors used to construct them has continually shrunk. While this advancement significantly improves computing capability, fabrication costs have skyrocketed. As a result, most IC designers must now outsource fabrication. Outsourcing, however, presents a security threat: comprehensive post-fabrication inspection is infeasible given the size of modern ICs, so it is nearly impossible to know if the foundry has altered the original design during fabrication (i.e., inserted a hardware Trojan). Defending against a foundry-side adversary is challenging because-even with as few as two gateshardware Trojans can completely undermine software security. Researchers have attempted to both detect and prevent foundryside attacks, but all existing defenses are ineffective against additive Trojans with footprints of a few gates or less.We present Targeted Tamper-Evident Routing (T-TER), a layoutlevel defense against untrusted foundries, capable of thwarting the insertion of even the stealthiest hardware Trojans. T-TER is directed and routing-centric: it prevents foundry-side attackers from routing Trojan wires to, or directly adjacent to, security-critical wires by shielding them with guard wires. Unlike shield wires commonly deployed for cross-talk reduction, T-TER guard wires pose an additional technical challenge: they must be tamper-evident in both the digital (deletion attacks) and analog (move and jog attacks) domains. We address this challenge by developing a class of designed-in guard wires that are added to the design specifically to protect securitycritical wires. T-TER's guard wires incur minimal overhead, scale with design complexity, and provide tamper-evidence against attacks. We implement automated tools (on top of commercial CAD tools) for deploying guard wires around targeted nets within an open-source System-on-Chip. Lastly, using an existing IC threat assessment toolchain, we show T-TER defeats even the stealthiest known hardware Trojan, with ≈ 1% overhead. CCS CONCEPTS• Security and privacy → Tamper-proof and tamper-resistant designs; Malicious design modifications; • Hardware → Interconnect.

show abstract

Section: Identifying Security-critical Nets To Guardmentioning

confidence: 99%

Section: Identifying Security-critical Nets To Guardmentioning

confidence: 99%

Section: Identifying Security-critical Nets To Guardmentioning

confidence: 99%

Section: 32mentioning

confidence: 99%

See 2 more Smart Citations

T-TER: Defeating A2 Trojans with Targeted Tamper-Evident Routing

Trippel

Shin

Bush

et al. 2023

Proceedings of the ACM Asia Conference on Computer and Communications Security

View full text Add to dashboard Cite

show abstract

“…The development of defense mechanisms against HWTs is relatively lagging according to a recent survey on RISC-V security regarding hardware and architecture [15]. This survey features multiple proposals that try to detect HWTs in RISC-V. Linscott et al [16] focus on HWTs that are introduced in the fabrication process of silicon. The proposal is to mitigate HWTs by mapping the security-critical portions of a processor design to a one-time programmable, LUT-free fabric.…”

Section: Introductionmentioning

confidence: 99%

Preventing Soft Errors and Hardware Trojans in RISC-V Cores

Annink

Rauwerda

Hakkennes

et al. 2022

2022 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFT)

View full text Add to dashboard Cite

Soft errors in embedded systems' memories like single-event upsets and multiple-bit upsets lead to data and instruction corruption. Therefore, devices deployed in harsh environments, such as space, use fault-tolerant processors or redundancy methods to ensure critical application dependability. Another rising concern in secure, critical space applications is the possible introduction of hardware Trojans in an untrusted phase of the manufacturing process. Besides environmental side-effects, an adversary that has injected a malicious mechanism e.g., in the processor or memory can trigger unwanted behavior or leak sensitive information. Techniques to prevent or mitigate hardware Trojans are important to ensure hardware security. Leveraging the openness of the RISC-V ISA, this paper introduces a novel solution to improve the security and dependability of softcores with a low area and latency overhead. The instruction validator which is the first part of this solution can effectively detect hardware Trojans and multiple-bit upsets in the instruction memory by checking instruction/address pairs using a Bloom filter probabilistic data structure. The second part of the solution is the proposal of an error correction code instruction memory using Hamming single-error correction to detect and correct single-event upsets. It has also been proven that the Hamming decoder improves the detection performance of the instruction validator.

show abstract