Hardware Security - Secure Processor Design

Motivation

With the increasing cost and competitiveness of maintaining a semiconductor foundry, most Integrated Circuit (IC) design houses are forced to outsource part of their design and fabrication services to external off-site companies. This lack of control over the actual design has introduced major security threats, including reverse engineering, counterfeiting, Intellectual Property (IP) piracy and the insertion of malicious circuits known as hardware Trojans.

Background

Hardware Trojans

Hardware Trojans are defined as intentional and malicious modifications of an integrated circuit. A Trojan usually consits of a trigger and a payload. The trigger is a specifically selected circuit state or internal value that activates the Trojan under a specific condition. Once activated, the Trojan exercises its malicious intent known as payload. The payload can be implemented to execute a denial of service attack, leak secret data, manipulate the IC functionality, impose aging/power/delay alterations and others.

In general, we can identfiy two main principles of dealing with Trojans:

  • Hardware Trojan detection
  • Hardware Trojan prevention

As Trojans can be inserted into a hardware design at different levels (RTL, gate-level and layout), the amount of possible Trojan implementations is practically unlimited. Moreover, the Trojan must be spotted before the actual fabrication, otherwise the final IC is rendered useless. Therefore, we are focusing on prevention techniques that make it diffucult to insert a Trojan in the first place.

Logic Encryption

Many techniques have been proposed to solve the presented problem, one of these is logic encryption. Logic encryption refers to the insertion of additional logic into the circuit to mask its original function. The original functionality can only be restored by applying the correct key to the chip. This key is not disclosed to the foundry, preventing both overproduction (as the produced ICs are non-functional without the key) and IP theft (as the original functionality can not be determined without the correct key). It stands to reason that the insertion of hardware Trojans is also made impossible, as an attacker is not able to understand the design and thus is not able to implement effective and stealthy Trojans without having the correct key.

Logic Encryption works as follows. A set of additional key-driven gates is inserted into the design. These gates are usually known as key gates. The key gates alter the functionality of the design, unless the correct bit sequence is applied to the key inputs. Only the correct key activates the final IC and restores its original functionality. This principle is shown in Figure 1 and Figure 2. The correct key is written into a tamper-proof memory after fabrication. This memory is needed to prevent invasive reverse engineering of the key from an activated IC. The discovery of the correct key thus becomes the primary objective of the attacker.

Attack Model

The usually assumed attack model includes the following. The attacker has access to:

  • An encrypted gate-level netlist (from reverse-engineering)
  • An activated and fabricated IC to use as oracle

Furthermore, we assume that the attacker is able to identify the primary key inputs and trace the wiring to the respective key gates. Therefore, the logic encryption algorithm must assure that a simple removal of the gates is not feasible.

Project Goals

In this project, we focus on the concept and implementation of novel mitigation techniques to protect a hardware design (primarily) against malicious modifications whilst being in the hands of external parties. Hereby, we concentrate on securing processor designs, especially RISC-V processors.

The main topics of research include:

  • Application of logic encyption for the design of a secure processor
  • Logic encryption security metrics
  • Enhancing logic encryption of sequential designs
  • Design of hardware Trojans targeting processors (e.g., Denial of Service)

In additon, we are also interested into looking into securing user-space applications through Instruction Set Randomization (ISR). For more information, see ISR.

Contact

Thesis and HiWi offers regarding this project can be found here.

Publications

Šišejković, D.Leupers, R.Ascheid, G. and Metzner, S.: A Unifying Logic Encryption Security Metric, in International Conference on Embedded Computer Systems: Architectures, Modeling and Simulation (SAMOS) Jul/2018 , accepted for publication , https://doi.org/10.1145/3229631.3229636