Tianming Ni,Xiaoqing Wen,Hussam Amrouch,Cheng Zhuo,Peilin Song

DOI: https://doi.org/10.1145/3631476

IF: 1.447

2023-01-01

ACM Transactions on Design Automation of Electronic Systems

Abstract:The research on design for testability and reliability of security-aware hardware has been important in both academia and industry. With ever-growing globalization, commercial hardware design, manufacturing, transportation, and supply now involve many different countries, resulting in aggravated vulnerability from hardware design to manufacturing. Hardware with malicious purposes implanted from the third-party manufacturing process may control the operation of a circuit and tamper its functions, causing serious security issues. However, hardware includes not only devices and circuits but also systems. An important fact is that testability, reliability, and security technologies come from different design layers, but the impact evaluation is conducted at the system level. In other words, the testability, reliability, and security design of different layers can be carried out in a holistic manner to achieve optimization for the whole system. In addition, the testability, reliability, and security design technologies of each design layer can be collaboratively conducted to achieve better performance. The testability, reliability, and security tradeoff has garnered attention from academia and industry, particularly in the Post-Moore Era, due to the complexities and opportunities arising from new architectures and technologies.

Mamidipaka B. R. Srinivas,Konguvel Elango

DOI: https://doi.org/10.1109/access.2024.3400624

IF: 3.9

2024-05-22

IEEE Access

Abstract:To meet the demanding requirements of VLSI design, including improved speed, reduced power consumption, and compact architectures, various IP cores from trusted and untrusted platforms are often integrated into a single System-on-Chip (SoC). However, this convergence poses a significant security challenge, as adversaries can exploit it to extract unauthorized information, compromise system performance, and obtain secret keys. Meanwhile, traditional CMOS features have limitations in addressing hardware vulnerabilities and security threats, so promising post-silicon technologies offer potential solutions. Beyond-CMOS technologies offer avenues to fortify hardware security through distinct physical properties and nontraditional computing paradigms. These advancements bolster authentication processes, enhance key generation mechanisms, ensure hardware integrity and fortify resilience against side-channel attacks, hardware Trojans and quantum-resistant cryptography in securing hardware systems. This article provides a detailed review of hardware security, encompassing the identification and mitigation of threats, the implementation of robust countermeasures, the utilization of innovative primitives, countermeasures, various methodologies and distinct features offered by emerging technologies to resist hardware threats. Moreover, strategies to address challenges, explore future directions, and outline plans for achieving further research outcomes have been put forth in this field.

computer science, information systems,telecommunications,engineering, electrical & electronic

S.M.D.N. Siriwardana

DOI: https://doi.org/10.47001/irjiet/2024.801016

2024-01-01

International Research Journal of Innovations in Engineering and Technology

Abstract:Hardware security in the cyber security domain had become a more of a controversial topic over the past decade due to the introduction of new design technologies in semiconductors and expansion of global supplier chains. In proportion to the technological advancement of hardware production, the success rate of the existing hardware attacks had also evolved over the time with a significantly high rate of emergence of new attacking techniques and methods. Computing hardware is becoming a more and more attractive attack surface due to several reasons. The technology of analyzing the hardware components is becoming more and more affordable and accessible to the general public than before. Also due to the influx of IoT devices in the market, trend of simplifying the design structure to decrease the power consumption and maximizing the processing speed has become the theme of modern hardware implementations rather than the security of the devices. When considering the market demand and user requirements, it is more obvious for the computer manufacturers to give priority to user requirements rather than stressing more on the security aspects of their designs and devices. But there could be some catastrophic outcomes if the security aspects of these hardware tends to fail in a critical infrastructure, because these semiconductors are used in devices ranging from simple IoT devices to more complex systems like SCADA systems. Therefore, it is always a better approach to find a balance ground between the user requirement as well as the security of the hardware, without compromising either of both in the design and development. In this article, it presents an overall insight to trends in Hardware Security domain, specifically related to modern computer hardware design and manufacturing processes, distribution, usage, their disposal and recycling. These various stages are analyzed under Three main objectives of exposing the threats to computer hardware, suggesting countermeasures to minimize or eliminate those threats and discussing about the utilization of various design tools that can assist in the way to securing these computer hardware systems in their day-to-day applications.

Yu Bi,Kaveh Shamsi,Jiann-Shiun Yuan,Pierre-Emmanuel Gaillardon,Giovanni De Micheli,Xunzhao Yin,X. Sharon Hu,Michael Niemier,Yier Jin

DOI: https://doi.org/10.1145/2816818

IF: 2.013

2016-01-01

ACM Journal on Emerging Technologies in Computing Systems

Abstract:Hardware security concerns such as intellectual property (IP) piracy and hardware Trojans have triggered research into circuit protection and malicious logic detection from various design perspectives. In this article, emerging technologies are investigated by leveraging their unique properties for applications in the hardware security domain. Security, for the first time, will be treated as one design metric for emerging nano-architecture. Five example circuit structures including camouflaging gates, polymorphic gates, current/voltage-based circuit protectors, and current-based XOR logic are designed to show the high efficiency of silicon nanowire FETs and graphene SymFET in applications such as circuit protection and IP piracy prevention. Simulation results indicate that highly efficient and secure circuit structures can be achieved via the use of non-CMOS devices.

An Chen,X. Sharon Hu,Yier Jin,Michael Niemier,Xunzhao Yin

DOI: https://doi.org/10.3850/9783981537079_0993

2016-01-01

Abstract:We discuss how the unique I-V characteristics offered by emerging, post-CMOS transistors can be used to enhance hardware security. Different from most existing work that exploits emerging technologies for hardware security, we (i) focus on transistor characteristics that either do not exist in, or are difficult to duplicate with MOSFETs, and (ii) aim to move beyond hardware implementations of physically unclonable functions (PUFs) and random number generators (RNGs).

Aaryan Oberoi,Akhil Dodda,He Liu,Mauricio Terrones,Saptarshi Das

DOI: https://doi.org/10.1021/acsnano.1c07292

IF: 17.1

2021-12-28

ACS Nano

Abstract:The rapid proliferation of security compromised hardware in today's integrated circuit (IC) supply chain poses a global threat to the reliability of communication, computing, and control systems. While there have been significant advancements in detection and avoidance of security breaches, current top-down approaches are mostly inadequate, inefficient, often inconclusive, and resource extensive in time, energy, and cost, offering tremendous scope for innovation in this field. Here, we introduce an energy and area efficient non-von Neumann hardware platform providing comprehensive and bottom-up security solutions by exploiting inherent device-to-device variation, electrical programmability, and persistent photoconductivity demonstrated by atomically thin two-dimensional memtransistors. We realize diverse security primitives including physically unclonable function, anticounterfeit measures, intellectual property (IP) watermarking, and IC camouflaging to prevent false authentication, detect recycled and remarked ICs, protect IP theft, and stop reverse engineering of ICs.

Andrew Tomlinson,Simon Parkin,Siraj Ahmed Shaikh

DOI: https://doi.org/10.1093/cybsec/tyac009

2022-01-01

Journal of Cyber Security

Abstract:Abstract The decisions involved in choosing technology components for systems are poorly understood. This is especially so where the choices pertain to system security and countering the threat of cybersecurity attack. Although common in some commercial products, secure hardware chips provide security functions such as authentication, secure execution and integrity validation on system start, and are increasingly deemed to have a role in devices across sectors, such as IoT devices, autonomous vehicle systems and critical infrastructure components. To understand the decisions and opinions regarding the adoption of secure hardware, we conducted 23 semi-structured interviews with senior decision-makers from companies spanning a range of sectors, sizes and supply-chain roles. Our results consider the business propositional drivers, barriers and economic factors that influence the adoption decisions. Understanding these would help those seeking to influence the adoption process, whether as a business decision, or as a trade or national strategy.

Riham Altawy,Amr M. Youssef

DOI: https://doi.org/10.1109/access.2016.2521727

IF: 3.9

2016-01-01

IEEE Access

Abstract:The new culture of networked systems that offer everywhere accessible services has given rise to various types of security tradeoffs. In fact, with the evolution of physical systems that keep getting integrated with cyber frameworks, cyber threats have far more critical effects as they get reflected on the physical environment. As a result, the issue of security of cyber physical systems requires a special holistic treatment. In this paper, we study the tradeoff between security, safety, and availability in such systems and demonstrate these concepts on implantable medical devices as a case study. We discuss the challenges and constraints associated with securing such systems and focus on the tradeoff between security measures required for blocking unauthorized access to the device and the safety of the patient in emergency situations where such measures must be dropped to allow access. We analyze the up to date proposed solutions and discuss their strengths and limitations.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yu Bi,X. Sharon Hu,Yier Jin,Michael Niemier,Kaveh Shamsi,Xunzhao Yin

DOI: https://doi.org/10.1145/2902961.2903041

2016-01-01

Abstract:We consider how the I-V characteristics of emerging transistors (particularly those sponsored by STARnet) might be employed to enhance hardware security. An emphasis of this work is to move beyond hardware implementations of physically unclonable functions (PUFs) and random number generators (RNGs). We highlight how new devices (i) may enable more sophisticated logic obfuscation for IP protection, (ii) could help to prevent fault injection attacks, (iii) prevent differential power analysis in lightweight cryptographic systems, etc.

Emmanuel Kwarteng,Mumin Cebe

DOI: https://doi.org/10.1016/j.smhl.2022.100295

2022-09-01

Smart Health

Abstract:Implantable Medical Devices (IMD) is a fast pace growing medical field and continues to grow in the foreseeable future. Advancement in science and technology has led to the IMD devices offering advanced medical treatments. Modern IMDs can automatically monitor and manage different patients’ health conditions without any manual intervention from medical professionals. While IMDs are also becoming more connected to enhance the delivery of care remotely and provide the means for both patients and physicians to adjust therapy at the comfort of their homes, it also increases security-related concerns. Adversaries could take advantage and exploit device vulnerabilities to manipulate device settings remotely from any-where around the world. This manuscript reviews the current threats, security goals, and proposed solutions by comparing them with their strengths and limitations. We also highlight the emerging IMD technologies and innovative ideas for new designs and implementations to improve the security of IMDs. Finally, we conclude the article with future research directions toward securing IMD systems to light the way for researchers.

English Else

Johann Knechtel,Elif Bilge Kavun,Francesco Regazzoni,Annelie Heuser,Anupam Chattopadhyay,Debdeep Mukhopadhyay,Soumyajit Dey,Yunsi Fei,Yaacov Belenky,Itamar Levi,Tim Güneysu,Patrick Schaumont,Ilia Polian

DOI: https://doi.org/10.23919/DATE48585.2020.9116483

2020-01-27

Abstract:Modern electronic systems become evermore complex, yet remain modular, with integrated circuits (ICs) acting as versatile hardware components at their heart. Electronic design automation (EDA) for ICs has focused traditionally on power, performance, and area. However, given the rise of hardware-centric security threats, we believe that EDA must also adopt related notions like secure by design and secure composition of hardware. Despite various promising studies, we argue that some aspects still require more efforts, for example: effective means for compilation of assumptions and constraints for security schemes, all the way from the system level down to the "bare metal"; modeling, evaluation, and consideration of security-relevant metrics; or automated and holistic synthesis of various countermeasures, without inducing negative cross-effects. In this paper, we first introduce hardware security for the EDA community. Next we review prior (academic) art for EDA-driven security evaluation and implementation of countermeasures. We then discuss strategies and challenges for advancing research and development toward secure composition of circuits and systems.

Cryptography and Security

Gwenn Le Gonidec,Maria Méndez Real,Guillaume Bouffard,Jean-Christophe Prévotet

2024-10-04

Abstract:Over the past few years, several research groups have introduced innovative hardware designs for Trusted Execution Environments (TEEs), aiming to secure applications against potentially compromised privileged software, including the kernel. Since 2015, a new class of software-enabled hardware attacks leveraging energy management mechanisms has emerged. These internal energy-based attacks comprise fault, side-channel and covert channel attacks. Their aim is to bypass TEE security guarantees and expose sensitive information such as cryptographic keys. They have increased in prevalence in the past few years. Popular TEE implementations, such as ARM TrustZone and Intel SGX, incorporate countermeasures against these attacks. However, these countermeasures either hinder the capabilities of the power management mechanisms or have been shown to provide insufficient system protection. This article presents the first comprehensive knowledge survey of these attacks, along with an evaluation of literature countermeasures. We believe that this study will spur further community efforts towards this increasingly important type of attacks.

Cryptography and Security,Hardware Architecture,Emerging Technologies

Benjamin Ransford,Daniel B. Kramer,Denis Foo Kune,Chen Yan,Wenyuan Xu,Thomas Crawford,Kevin Fu

DOI: https://doi.org/10.1111/pace.13102

2017-01-01

PACE - Pacing and Clinical Electrophysiology

Abstract:Medical devices increasingly depend on software. While this expands the ability of devices to perform key therapeutic and diagnostic functions, reliance on software inevitably causes exposure to hazards of security vulnerabilities. This article uses a recent high-profile case example to outline a proactive approach to security awareness that incorporates a scientific, risk-based analysis of security concerns that supports ongoing discussions with patients about their medical devices.

Chen Dong,Yi Xu,Ximeng Liu,Fan Zhang,Guorong He,Yuzhong Chen

DOI: https://doi.org/10.3390/s20185165

IF: 3.9

2020-01-01

Sensors

Abstract:Diverse and wide-range applications of integrated circuits (ICs) and the development of Cyber Physical System (CPS), more and more third-party manufacturers are involved in the manufacturing of ICs. Unfortunately, like software, hardware can also be subjected to malicious attacks. Untrusted outsourced manufacturing tools and intellectual property (IP) cores may bring enormous risks from highly integrated. Attributed to this manufacturing model, the malicious circuits (known as Hardware Trojans, HTs) can be implanted during the most designing and manufacturing stages of the ICs, causing a change of functionality, leakage of information, even a denial of services (DoS), and so on. In this paper, a survey of HTs is presented, which shows the threatens of chips, and the state-of-the-art preventing and detecting techniques. Starting from the introduction of HT structures, the recent researches in the academic community about HTs is compiled and comprehensive classification of HTs is proposed. The state-of-the-art HT protection techniques with their advantages and disadvantages are further analyzed. Finally, the development trends in hardware security are highlighted.

Christopher M. VanYe,Beatrice E. Li,Andrew T. Koch,Mai N. Luu,Rahman O. Adekunle,Negin Moghadasi,Zachary A. Collier,Thomas L. Polmateer,David Barnes,David Slutzky,Mark C. Manasco,James H. Lambert

DOI: https://doi.org/10.1109/sieds52267.2021.9483779

2021-04-30

Abstract:This paper addresses security and risk management of hardware and embedded systems across several applications. There are three companies involved in the research. First is an energy technology company that aims to leverage electric- vehicle batteries through vehicle to grid (V2G) services in order to provide energy storage for electric grids. Second is a defense contracting company that provides acquisition support for the DOD's conventional prompt global strike program (CPGS). These systems need protections in their production and supply chains, as well as throughout their system life cycles. Third is a company that deals with trust and security in advanced logistics systems generally. The rise of interconnected devices has led to growth in systems security issues such as privacy, authentication, and secure storage of data. A risk analysis via scenario-based preferences is aided by a literature review and industry experts. The analysis is divided into various sections of Criteria, Initiatives, C-I Assessment, Emergent Conditions (EC), Criteria-Scenario (C-S) relevance and EC Grouping. System success criteria, research initiatives, and risks to the system are compiled. In the C-I Assessment, a rating is assigned to signify the degree to which criteria are addressed by initiatives, including research and development, government programs, industry resources, security countermeasures, education and training, etc. To understand risks of emergent conditions, a list of Potential Scenarios is developed across innovations, environments, missions, populations and workforce behaviors, obsolescence, adversaries, etc. The C-S Relevance rates how the scenarios affect the relevance of the success criteria, including cost, schedule, security, return on investment, and cascading effects. The Emergent Condition Grouping (ECG) collates the emergent conditions with the scenarios. The generated results focus on ranking Initiatives based on their ability to negate the effects of Emergent Conditions, as well as producing a disruption score to compare a Potential Scenario's impacts to the ranking of Initiatives. The results presented in this paper are applicable to the testing and evaluation of security and risk for a variety of embedded smart devices and should be of interest to developers, owners, and operators of critical infrastructure systems.

Jack Edmonds,Fatemeh Tehranipoor

DOI: https://doi.org/10.48550/arXiv.2011.13450

2020-11-27

Abstract:In today's digital age, the ease of data collection, transfer, and storage continue to shape modern society and the ways we interact with our world. The advantages are numerous, but there is also an increased risk of information unintentionally falling into the wrong hands. Finding methods of protecting sensitive information at the hardware level is of utmost importance, and in this paper, we aim to provide a survey on recent developments in attacks on lightweight hardware-based security primitives (LHSPs) designed to do just that. Specifically, we provide an analysis of the attack resilience of these proposed LHSPs in an attempt to bring awareness to any vulnerabilities that may exist. We do this in the hope that it will encourage the continued development of attack countermeasures as well as completely new methods of data protection in order to prevent the discussed methods of attack from remaining viable in the future. The types of LHSPs discussed include physical unclonable functions (PUFs) and true random number generators (TRNGs), with a primary emphasis placed on PUFs.

Cryptography and Security

Nadya Bliss,Lawrence A. Gordon,Daniel Lopresti,Fred Schneider,Suresh Venkatasubramanian

DOI: https://doi.org/10.48550/arXiv.2101.01264

2021-01-04

Computers and Society

Abstract:Computing devices are vital to all areas of modern life and permeate every aspect of our society. The ubiquity of computing and our reliance on it has been accelerated and amplified by the COVID-19 pandemic. From education to work environments to healthcare to defense to entertainment - it is hard to imagine a segment of modern life that is not touched by computing. The security of computers, systems, and applications has been an active area of research in computer science for decades. However, with the confluence of both the scale of interconnected systems and increased adoption of artificial intelligence, there are many research challenges the community must face so that our society can continue to benefit and risks are minimized, not multiplied. Those challenges range from security and trust of the information ecosystem to adversarial artificial intelligence and machine learning. Along with basic research challenges, more often than not, securing a system happens after the design or even deployment, meaning the security community is routinely playing catch-up and attempting to patch vulnerabilities that could be exploited any minute. While security measures such as encryption and authentication have been widely adopted, questions of security tend to be secondary to application capability. There needs to be a sea-change in the way we approach this critically important aspect of the problem: new incentives and education are at the core of this change. Now is the time to refocus research community efforts on developing interconnected technologies with security "baked in by design" and creating an ecosystem that ensures adoption of promising research developments. To realize this vision, two additional elements of the ecosystem are necessary - proper incentive structures for adoption and an educated citizenry that is well versed in vulnerabilities and risks.

Dovydas Joksas,AbdulAziz AlMutairi,Oscar Lee,Murat Cubukcu,Antonio Lombardo,Hidekazu Kurebayashi,Anthony J. Kenyon,Adnan Mehonic

DOI: https://doi.org/10.1002/aisy.202200068

2022-07-02

Abstract:In a data-driven economy, virtually all industries benefit from advances in information technology -- powerful computing systems are critically important for rapid technological progress. However, this progress might be at risk of slowing down if we do not address the discrepancy between our current computing power demands and what the existing technologies can offer. Key limitations to improving energy efficiency are the excessive growth of data transfer costs associated with the von Neumann architecture and the fundamental limits of complementary metal-oxide-semiconductor (CMOS) technologies, such as transistors. In this perspective article, we discuss three technologies that will likely play an essential role in future computing systems: memristive electronics, spintronics, and electronics based on 2D materials. We present how these may transform conventional digital computers and contribute to the adoption of new paradigms, like neuromorphic computing.

Emerging Technologies

Jeffrey Prinzie,Firman Mangasa Simanjuntak,Paul Leroux,Themis Prodromakis

DOI: https://doi.org/10.1038/s41928-021-00562-4

IF: 33.255

2021-04-01

Nature Electronics

Abstract:<p>Nature Electronics, Published online: 26 April 2021; <a href="https://www.nature.com/articles/s41928-021-00562-4">doi:10.1038/s41928-021-00562-4</a></p>This Review examines the development of radiation-hardened electronics, considering the design methodologies available with conventional complementary metal–oxide–semiconductor (CMOS) technologies and the potential use and applications of emerging memory technologies.

engineering, electrical & electronic

Qun Li,Fengyuan Xu

2013-01-01

Abstract:Pervasive computing systems are comprised of various personal mobile devices connected by the wireless networks. Pervasive computing systems have gained soaring popularity because of the rapid proliferation of the personal mobile devices. The number of personal mobile devices increased steeply over years and will surpass world population by 2016.However, the fast development of pervasive computing systems is facing two critical issues, energy efficiency and security assurance. Power consumption of personal mobile devices keeps increasing while the battery capacity has been hardly improved over years. At the same time, a lot of private information is stored on and transmitted from personal mobile devices, which are operating in very risky environment. As such, these devices became favorite targets of malicious attacks. Without proper solutions to address these two challenging problems, concerns will keep rising and slow down the advancement of pervasive computing systems.We select smartphones as the representative devices in our energy study because they are popular in pervasive computing systems and their energy problem concerns users the most in comparison with other devices. We start with the analysis of the power usage pattern of internal system activities, and then identify energy bugs for improving energy efficiency. We also investigate into the external communication methods employed on smartphones, such as cellular networks and wireless LANs, to reduce energy overhead on transmissions.As to security, we focus on implantable medical devices (IMDs) that are specialized for medical purposes. Malicious attacks on IMDs may lead to serious damages both in the cyber and physical worlds. Unlike smartphones, simply borrowing existing security solutions does not work on IMDs because of their limited resources and high requirement of accessibility. Thus, we introduce an external device to serve as the security proxy for IMDs and ensure that IMDs remain accessible to save patients' lives in certain emergency situations when security credentials are not available.