Hardware Security: Secure Processor Design
In this project, we focus on the concept and implementation of novel mitigation techniques to protect a hardware design (primarily) against malicious modifications whilst being in the hands of external parties. Hereby, we concentrate on securing processor designs, especially RISC-V processors. The project is done in collaboration with HENSOLDT Cyber GmbH.
The project evolves along the lines of the following major research areas in hardware security:
- Logic Encryption for Processor Cores
- Multicore Systems Security
- FPGA Security
- Secure ASIP Design Tool Flow
- Accelerating Cryptographic Algorithms Using ASIPs
In addition, we are also interested into looking into securing user-space applications through Instruction Set Randomization (ISR).
More information on all research areas can be found in the following.
Logic Encryption for Processor Cores
The research domain of logic encryption (also known as logic locking) focuses on the evaluation, design and application of novel logic encryption schemes for protecting the integrity of modern processor designs against malicious hardware Trojan insertion. In this context, we are specifically focusing on mitigating a Denial of Service attack.
Logic encryption is a popular protection method based on the insertion of additional key-controlled gates into a gate-level netlist to mask the original functionality and topology of the design. This principle of logic encryption is shown in Figure 1 and Figure 2. Only if the correct key is provided, the design functions correctly for all input patterns. Otherwise, the encryption induces corrupted functional behavior.
The challenges in designing logic encryption schemes include the following:
- Defining a sound hardware security metric
- The trade-off between security and cost
- Resilience against key-recovery attacks
- Scaling logic encryption techniques to modern designs (e.g., processor cores)
Multicore Systems Security
The use of multicore platforms is inevitable in embedded and cyber-physical systems. In multicore security, the focus is on the design and development of a Dedicated System Monitor (DSM). The DSM can be an active or passive device. A passive DSM incorporates security policies of the system and reports in case of a policy violation. An active DSM not just reports the policy violations, but also reacts to the violation. DSMs are envisioned to be extensible devices that can be amended statically or dynamically for addition/removal of security policies. An abstract level view of the system with DSM is shown in Figure 4.
FPGAs are gaining popularity as end-user products. The security of FPGA devices has been a critical aspect. We plan to explore several countermeasures to secure FPGA platforms. These aspects are mainly physically unclonable functions, obfuscation/obfuscation through omission, and device-level security through the non-CMOS substrate.
Secure ASIP Design Flow
Additionally to the security provided by Logic Encryption, we look into securing the design process of processors at an earlier stage already. When designing processors optimised for specific applications (ASIP), EDA tools are used, which allow describing the processor architecture at a higher level. For this purpose languages like LISA, nML or e.g. TIE are used to describe the architecture and the instruction-set. Those EDA tools are then used to analyse the functionality of the architecture and to generate RTL code. Securing the tool flow at that level means that, we look into making sure that the generated RTL code equals the architecture described in the high-level language like LISA.
Accelerating Cryptographic Algorithms Using ASIPs
The secure design flow, explained above, shall be used to implement optimised Application-specific instruction-set processors in the field of security. Applications that require the transport of sensitive data require data encryption algorithms and possibilities to authenticate the parties communicating. Those cryptographic algorithms are computationally expensive and require computations that General Purpose Processors are not designed for. For this purpose we look into accelerating often used cryptographic algorithms like AES, SHA and RSA. Implementing such an ASIP on a SoC, additionally to the main processing unit provides the possibility to offload the cryptographic computations from the main processor to the ASIP. Thus increasing the performance of the overall systemto increase the performance of the overall system. Additionally, an ASIP offers a high flexibility due to its programmability, such that an adaption of the algorithmic implementation is possibile without changing the hardware. Simple changes can be done on the program code of the core.
Thesis and HiWi offers regarding this project can be found here.
Within this project, the ICE team lead by Prof. Rainer Leupers has organized the following events:
Šišejković, D., Merchant, F., Leupers, R., Ascheid, G. and Kegreiss, S.: Inter-Lock: Logic Encryption for Processor Cores Beyond Module Boundaries, in 2019 IEEE European Test Symposium (ETS), pp. 1-6, May. 2019, ISSN: 1530-1877, 10.1109/ETS.2019.8791528 ©2019 IEEE
Šišejković, D., Merchant, F., Leupers, R., Ascheid, G. and Kegreiss, S.: Control-Lock: Securing Processor Cores Against Software-Controlled Hardware Trojans, in Great Lakes Symposium on VLSI (GLSVLSI'19), May. 2019, 10.1145/3299874.3317983 ©2019 IEEE
Šišejković, D., Merchant, F., Leupers, R., Ascheid, G. and Kiefer, V.: A Critical Evaluation of the Paradigm Shift in the Design of Logic Encryption Algorithms, in 2019 International Symposium on VLSI Design, Automation and Test (VLSI-DAT), IEEE, p. 4, Apr. 2019, 10.1109/VLSI-DAT.2019.8741531 ©2019 IEEE
Šišejković, D., Leupers, R., Ascheid, G. and Metzner, S.: A Unifying Logic Encryption Security Metric, in International Conference on Embedded Computer Systems: Architectures, Modeling and Simulation (SAMOS), Jul. 2018, 10.1145/3229631.3229636