Modifications to integrated circuits (ICs) or the insertion of foreign intellectual property (i.e. hardware Trojans) pose a serious threat on US sovereignty as ICs are found in many commercial electronic devices including phones, computers, and televisions as well as US assets that rely on ICs for computation or control such as our energy infrastructure, banking, or more importantly defense systems. The primary goal of my research group on hardware security and trust is to secure US electronic assets by assuring that the integrated circuits that are installed do not include functions (or modifications to expected functions) that compromise the IC and more importantly the systems that rely on these ICs. We aim to address hardware security by both prevention of attacks (including IP piracy and information theft) through circuit level techniques, and active detection of malicious circuitry. My research group is developing circuit techniques and methodologies that can be incorporated by the semiconductor industry to improve the security of ICs through 1) enhanced detection of hardware modifications and the development of countermeasures that disable these adversarial circuit components, and 2) a simulation infrastructure to analyze the efficacy and cost of implementing a security measure (such as RTL/circuit obfuscation or encryption) while also considering the assumed threat model. A corresponding research objective is to modify the circuit design paradigm to include security as an additional parameter when characterizing an IC for performance, power, and area. Our unique vision into hardware security will not only improve the security (e.g. prevention, detection) against hardware modification-based attacks but also help define security challenges and solutions previously unexplored at the hardware level. The techniques and methodologies we are developing to prevent attacks and detect anomalies in intellectual property (IP), as well as design novel circuits robust against hardware Trojans (or other circuit modifications) will help secure US assets from adversaries, assuring that ICs already placed in the field are protected against failure, theft, or information leakage.
Run-time Detection and Countermeasures (Current)
Current work exploring hardware Trojan detection is concentrated around post fabrication testing of an IC. Test vectors are implemented to ”activate” hardware Trojans during the post fabrication test phase. There is a high probability that the test vectors used and the areas of an IC tested are not sufficient to activate all hardware Trojans. Our work therefore is in the development of a real-time detection methodology that incorporates 1) sensory data from monitoring the noise on the power distribution network (or other side-channel monitoring such as temperature or EM emission), 2) data analysis using signal processing techniques to differentiate noise signatures generated by foreign circuits from standard PVT noise (process, voltage, temperature), 3) decision circuitry that based on the sensory data and ensuing analysis, determines the presence of a hardware Trojan, and 4) countermeasures to counteract the effects of the Trojan. My research group is examining the use of a distributed power delivery system that ”turns-off” sections of a circuit that have been tampered with. The power delivery network must be partitioned in such a way that turning off any section of the IC will not hamper the overall functionality of the circuit. The high level goal of our research is to fundamentally change the way integrated circuits are secured by incorporating circuit techniques and methodologies to prevent, detect, and counteract hardware Trojans.
Attack Prevention Through Design for Trust Algorithms and Methodologies (Current)
EDA tools used for circuit design implement algorithms and methodologies that account for the power, area, and performance of the many blocks comprising the IC. With the more recent threat of untrusted hardware and side-channel attacks, the circuit design paradigm must now also include security as an additional parameter. My research group is therefore developing algorithms for hardware security that can then be integrated with traditional techniques that account for the power, area, and performance of a circuit. We are also developing algorithms and circuit methodologies that will allow for the automated insertion of hardware security measures into many varieties of IC designs based on the desired level of security. A security metric is being developed that, given an implemented security measure, will provide a means to measure both the gains in security and the costs in design space (area, power, and performance). In addition, algorithms to determine the optimal location and number of sensors for a given design based on a user specified level of security (level of granularity of Trojan detection) are required to effectively implement the run-time detection of hardware Trojans.