Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Sneak Peek into the Future with Prof. Indranil Sengupta, IIT Kharagpur
1. Hardware Trojan: Threats and
Emerging Solutions
Prof. Indranil Sen Gupta
Professor, Dept. of Computer Science and Engg.
IIT Kharagpur
E-mail: isg@iitkgp.ac.in
TOP 100 CISO AWARDS
2. Outline
Background
Modern IC design and manufacturing
What are Hardware Trojans?
Reality or fantasy?
Trojan taxonomy and examples
Trojan taxonomy
Trojan examples
Trojan detection techniques
General features
Classification of Trojan detection techniques
Challenges
Invasive techniques
Non-invasive techniques
• Logic testing
• Side-channel analysis
Multi-level Attack
Summary and future research directions
2
4. Modern IC Design and Manufacturing
4
IP Tools
Std.
Cells Models
DesignSpecifications Fab Interface Mask Fab
Wafer
Probe
Dice and
Package
Package
Test
Deploy
and
Monitor
Trusted
Either
Untrusted
Wafer
*http://www.darpa.mil/MTO/solicitations/baa07-24/index.html
DARPA’s Model of Hardware Security Threats*
Not really Trusted!!
Offshore
Third-party
5. Effects of Prevalent Practices
5
Prevalence of Intellectual Property (IP) based design
Routine use of CAD tools from EDA vendors
Fabless manufacturing model (trend on the rise)
Outsourcing of manufacturing to offshore fabs
Loss of Control over design and manufacture
Potentially untrusted parties getting involved
6. What are Hardware Trojans ?
6
Malicious modifications to design
Can take place pre or post manufacturing
Inserted by intelligent adversary
Extremely small hardware overhead
Stealthy => difficult to detect
Causes IC to malfunction in-field
Results:
Potentially disastrous consequences
Can affect:
• Military installations
• Civilian infrastructure (power grid, transportation, etc.)
• Communication
Loss of human life and property
Billions of dollars in lost property and infrastructure
7. How Realistic are Hardware Trojans?
7
Do hardware Trojans really exist?
No concrete proof obtained yet
Tampering masks in fab is not easy (highly complex)
Reverse-engineering a single IC can take months
Political issues make it difficult to verify authenticity of fabs
But there is strong evidence they do….
Numerous suspected military and commercial cases (as early as
1976!!)
Reverse-engineering ICs is widely believed to be performed by
reputed companies (IBM has patents) *
Highly sophisticated commercial software tools for reverse-
engineering available (Chipworks, etc.)**, and academic efforts
(Cambridge University)
Tampering at design stage is highly feasible
*US Patent #6, 496, 022 B1 by Kash et al
**www.chipworks.com
8. Suspected Hardware Trojans
8
Military
Old Trick Threatens the New Weapons” (J. Markoff, NYT, Oct. 2009)
“Hardware Trojans could turn microchips into timebombs” (P. Marks,
NS, Jul. 2009)
“Towards Countering the Rise of the Silicon Trojan” (DSTO,
Australian Govt., Dec. 2008)
“The Hunt for the Kill Switch” (S. Adee, IEEE Spectrum, May 2008)
“FBI says military had bogus computer gear” (J. Markoff, NYT, May
2008)
“BAA 07-24: TRUST in Integrated Circuits (IC)” (DARPA, Jul. 2007)
Commercial
“Cracking Security Codes: Does it Matter?” (C. Tartette, IEEE
Spectrum, Feb. 2010)
“PC Giant Warns of Hardware Trojans” (S. Adee, IEEE Spectrum,
May 2008)
10. Trojan Taxonomy
10
Banga and Hsiao [HOST’08]
Hardware Trojans
Combinational Sequential
Wang, Tehranipoor and Plusquellic [HOST’08]
Physical
attribute
Activation
attribute
Action attribute
Wolff et al [DATE’08],
Jin and Makris [HOST’08]
Trigger Payload
11. Trojan Taxonomy (contd.)
11
Trojan
Payload
Synchronous
Asynchronous
Rare
Sequences
Digital Analog
On-chip
sensors
Digital
Bridging
Delay
Activity
Analog
Trigger
Circuit
Nodes
Other
Information
Leakage
Memory
Content
Denial-of-
Service
Hybrid
Combinational Sequential
Rare value
Activity
Taxonomy based on [Chakraborty et al HLDVT’09]
Activation mechanism (trigger) and
Malicious effect (payload)
12. Digital Trojans
12
Combinational Trojan
(simplest, most widely studied)
Sequential (Synchronous )Trojan
(“Time Bomb”)
Sequential (Asynchronous)Trojan
ER ER*
0 1 2 k-1
CLK
Trigger
Payload
ER ER*
0 1 2 k-1
Trigger
Payloadp
q
A
B Cmodified
C
Trigger
Payload
HybridTrojansER ER*
CLK
CLK
CLK
k2-bit
Counter
k1-bit
Counter
16. General Features
16
Most proposed techniques cannot guarantee Trojan detection
Can only provide confidence levels
Prone to false positives
Do not have resolution to pin-point the Trojan location
No “silver-bullet” technique available
Most techniques assume particular Trojan models
Arbitrarily complex Trojans have not been studied
Most proposed techniques have not been validated
experimentally
Based on computer simulations
Mostly ignores experimental sources of error
Many are futuristic (e.g. 3-D IC technology based techniques)
Many have unacceptable design overhead
18. Why is Trojan Detection Challenging?
18
For logic-testing based methods:
Trigger nodes have low controllability, payload nodes have low
observability
Trojans are stealthy
Extremely large number of possible Trojan instances
• Combinatorial dependence on number of circuit nodes
• For the ISCAS-85 c880 circuit with 451 possible nodes, ~1011 possible Trojans !!
Sequential Trojans extremely difficult to detect
Finite test length and duration
For side-channel analysis based methods:
Modern nanometer processes have large process variation
Susceptible to experimental measurement error
Difficult to detect very small Trojans
Needs a Golden sample …might not be available
For invasive methods:
Design overhead
19. Invasive Techniques
19
Obfuscate the circuit functionality [Chakraborty and Bhunia, ICCAD’09]
Design of stealthy Trojan requires identification of rare nodes
This requires estimation of signal probability at internal nodes
Can obfuscation be applied to make this task difficult?
Prevent free dead space in an IC [Wang et al, HOST’08]
Trojan insertion requires space
Can be overcome using better logic optimization and placement
1. Preventive Techniques
S0
O
S1
O S2
OK1 K2
S0
I
S1
I
S2
I
S0
N
S3
N
S2
N
S1
N
K3
Obfuscated Functionality
Original State Space
Initialization state
space
Isolation
state space
Initialization Key = {K1, K2, K3}
S4
N
S5
N
S3
I
Obfuscation state space
Normal Functionality
Start
Invalid
Trojan
Valid
Trojan
Modify STG of circuit
Normal and obfuscated
modes of operation
Initialization key
sequence required to take
circuit to normal mode
after power-up
Well-hidden circuit
modifications
20. 2. Assistive Techniques
20
On-demand Transparency [Chakraborty et al, HOST’08]
Make system operate in a special mode on demand
Presence of Trojan possibly disrupts operations in the special mode
This changes the expected o/p logic values in the special mode
This leads to the detection of an inserted Trojan (probabilistically)
Limitation: Cannot guarantee Trojan detection
21. Non-invasive Techniques
21
Hardware Approach (DEFENSE) [Abramovici and Bradley, CSIIR’09]
Reconfigurable framework for run-time functionality monitoring
Triggers counter-measures on deviation
Does not mention hardware overhead
Commercially available design tool to implement the methodology
1. Run-time Techniques
22. Run-time Techniques (contd.)
22
Software Approach [McIntyre et al, HOST’09]
Execute identical copies of software
on multiple CPUs
Dynamically evaluate individual trust
levels (“Trust learning”)
Simulation results show that the
system can successfully execute
programs in a Trojan-infested
environment
Hardware + Software Approach
[Bloom et al HOST’09]
“Hardware guard” module outside
CPU + enhanced OS
Effectively protects against DoS and
privilege escalation attacks
2.2% average performance overhead
for SPECint 2006 benchmarks
23. Run-time Techniques (contd.)
23
BlueChip
[Hicks et al IEEE Symp. Security and Privacy’10]
Pre-fab: Design is analyzed and “Unused Circuit Identification”
(UCI) is used to detect unused circuit blocks which are potential
Trojans
Such suspicious modules are replaced by exception generation
hardware
When activated, the exception generation hardware delivers the
exception to the BlueChip software layer
The software emulates the instruction that generated the exception
Ensures forward progress of program
5% run-time overhead, 1.5% area overhead. 0.5% power overhead
for a FPGA-based implementation
Challenge: Based on verification, hence difficult to have complete
coverage of the behavior of the circuit
24. 2. Test Techniques
24
Multiple Excitation of Rare Occurrence (MERO) [Chakraborty et al, CHES’09]
Recap: Complete enumeration of all possible Trojans infeasible
Added difficulty of exciting multiple nodes at their rare values
MERO aims to
• Enumerate rare nodes in a given netlist
• Excite these potential Trojan trigger nodes multiple times to their rare
values individually
• Generate a compact set of set vectors
The technique bypasses the difficulty of directed test generation to
trigger Trojans
Limitations:
Limited to a class of Trojans
Statistical technique => cannot guarantee 100% detection coverage
a. Logic-testing based
25. Mathematical Model
25
Method:
Apply test vectors that trigger each node to its rare value at
least N times
Assumptions:
An inserted Trojan has a small but non-zero probability of being
triggered
Trigger nodes are mutually independent
Trojan trigger probability is product of trigger probability of all
trigger nodes
Main inferences of analysis:
Expected number of times of Trojan getting triggered
proportional to N
Trojan triggering probability increases if trigger probability of
individual trigger nodes increases
26. Design Flow Automation
26
Input: N, q, θ,
# of Trojan inst., # of random
patterns, circuit netlist
Determine rare events on
internal nodes
RO-Finder
Select Trojan instances
using Random Sampling
Eliminate false Trojans
Synospsys
TetraMAX
Estimate coverage for
random patterns TrojanSim
Generate optimized
patterns MERO
Estimate coverage for
optimized patterns TrojanSim
END
Coverage for
random patterns
Coverage for
optimized
patterns
TrojanSelection
List of feasible
Trojans
Optimized test
patterns
C program to find
Rare Occurrences
C program for
Trojan Simulation
C program for Multiple
Excitation of Rare
Occurrence testset
generation
Justification
27. 2 (b). Side-channel Analysis based
Techniques
27
IC Fingerprinting [Agrawal et al, IEEE Symp. Security and Privacy’07]
A signature (fingerprint) associated with an IC
Usually path delay or power trace
Usually supplemented by de-noising techniques
Vector selection is important
Can detect Trojans as small as 0.01% of circuit area in
presence of ±7.5% process variation
Limitations
Based only on simulation results
Did not conduct actual experiments and measurements
Did not consider experimental noise
28. Current-trace based Techniques
28
Power-supply Transient based
[Rad et al, HOST’08]
Signals from multiple ports for several
IC instances are calibrated
Statistical characterization
Capable of detecting 50% activated and
30% inactive Trojans
Sustained-vector Technique
[Banga and Hsiao, VLSID’09]
Repeat each input vector multiple times
Reduce extraneous toggles
Magnifies power profile differences
Region-based Trojan detection [Banga and Hsiao, HOST’08]
Partition circuits into smaller regions
Generate vectors to excite selected region and minimize
activity of other regions
Could detect most Trojans at ±7.5% process variation
29. Path-delay Based Techniques
29
Path-delay Fingerprint [Jin and Makris, HOST’08]
Multiple paths considered
Extensive statistical characterization
Capable of detecting Trojans with 0.13% area, under 7.5% process
variation
Gate-level Characterization [Potkonjak et al, DAC’09]
Both path delay and leakage current were considered
Problem formulated as a LPP
Effective for smaller ISCAS-85 circuits
Limitation: Computationally challenging for larger circuits
Trojan infested
Trojan free (“convex hull”)
30. Multi-level Attack
30
Uses nexus between multiple parties
Only parties which are part of the nexus can benefit
The nexus eases the burden of individual parties
More challenging to detect than Trojans considered so far
32. Conclusions
32
Modern IC design and manufacturing practices are inherently
insecure
Third-party IPs and off-shore manufacturing
Potentially untrusted parties pay a major role
Trend likely to increase
Hardware Trojans are malicious circuit modifications
Small overhead, hugely destructive impact
Difficult to detect by traditional testing means
Great threat to national security
State-of-the-art
Both design and test techniques have been proposed
Effectiveness of the proposed techniques limited to the particular
types of Trojans
Most techniques have not been validated experimentally in-field
33. Future Research Directions
The main concern is the lack of a generic
technique for Trojan detection
Model-independent Trojan detection ultimate goal
Testing approaches:
◦ combination of logic-testing and side-channel
approaches hold most promise
Multi-level attacks pose new challenges
Design approach:
◦ Design for Security is the best bet
33
34. Future Research Directions
34
Design for Security
Design
Techniques Metrics Automation Education
Methodology
Software
Courses
Study
Material
Degree of security
Overheads
Circuit
Architecture
System
35. Security Research at IIT Kharagpur
General security
◦ Securing policy integration in cloud-based
collaboration through selection of trust-worthy
provider and permission authorization.
◦ Trust based security access control models for
MANETs.
◦ Formal analysis of security policy
implementations in enterprise networks.
◦ Digital rights management.
35
36. Cryptography
◦ Block and stream cipher design
◦ Lightweight crypto algorithms
◦ Side-channel attacks
◦ Physically unclonable functions (PUF)
◦ Malicious hardware and their mitigation
36
There are animations. After the 3rd animation, say that this talk with not cover this topic, although we have worked on a solution to perevnt leakage of secret information at the “package and test” phase
Here mention that different authors have proposed different Trojan nomenclature, and we are going to elaborate on the last classification based “trigger” and “payload”
Mention that hybrid Trojans are particularly difficult to detect. Also mention that many other interesting sequential Trojans have been proposed.
Mention that “Trojan Design” is a very active field of research, and they can be of a lot of more varieties. We have just presented a few simple types.
Mention that destructive approaches are very expensive with respect to time and cost, and cannot guarantee Trojan detection because only a few ICs from a wafer might have Trojans, while the others might be benign, so destructive testing is not really helpful.
Here, say a few words about the scheme by describing the modified state diagram. Talk about the “initialization key sequence”, exponential functional complexity of the scheme, how the Trojan might become more “detectable”, and how the Trojan might become “benign”. Mention use of “unreachable states”, and use of Tetramax in finding them.
“DoS” stands for “denial-of-service”
Mention that this work would be discussed in greater detail because of the relatively smaller number of works that target logic testing based Trojan detection.
Mention the separation of the Trojan infested and Trojan free data points