Hardware Security - Secure Processor Design
With the increasing cost and competitiveness of maintaining a semiconductor foundry, most Integrated Circuit (IC) design houses are forced to outsource part of their design and fabrication services to external off-site companies. This lack of control over the actual design has introduced major security threats, including reverse engineering, counterfeiting, Intellectual Property (IP) piracy and the insertion of malicious circuits known as hardware Trojans.
Hardware Trojans are defined as intentional and malicious modifications of an integrated circuit. A Trojan usually consits of a trigger and a payload. The trigger is a specifically selected circuit state or internal value that activates the Trojan under a specific condition. Once activated, the Trojan exercises its malicious intent known as payload. The payload can be implemented to execute a denial of service attack, leak secret data, manipulate the IC functionality, impose aging/power/delay alterations and others.
In general, we can identfiy two main principles of dealing with Trojans:
- Hardware Trojan detection
- Hardware Trojan prevention
As Trojans can be inserted into a hardware design at different levels (RTL, gate-level and layout), the amount of possible Trojan implementations is practically unlimited. Moreover, the Trojan must be spotted before the actual fabrication, otherwise the final IC is rendered useless. Therefore, we are focusing on prevention techniques that make it diffucult to insert a Trojan in the first place.
Many techniques have been proposed to solve the presented problem, one of these is logic encryption. Logic encryption refers to the insertion of additional logic into the circuit to mask its original function. The original functionality can only be restored by applying the correct key to the chip. This key is not disclosed to the foundry, preventing both overproduction (as the produced ICs are non-functional without the key) and IP theft (as the original functionality can not be determined without the correct key). It stands to reason that the insertion of hardware Trojans is also made impossible, as an attacker is not able to understand the design and thus is not able to implement effective and stealthy Trojans without having the correct key.
Logic Encryption works as follows. A set of additional key-driven gates is inserted into the design. These gates are usually known as key gates. The key gates alter the functionality of the design, unless the correct bit sequence is applied to the key inputs. Only the correct key activates the final IC and restores its original functionality. This principle is shown in Figure 1 and Figure 2. The correct key is written into a tamper-proof memory after fabrication. This memory is needed to prevent invasive reverse engineering of the key from an activated IC. The discovery of the correct key thus becomes the primary objective of the attacker.
The usually assumed attack model includes the following. The attacker has access to:
- An encrypted gate-level netlist (from reverse-engineering)
- An activated and fabricated IC to use as oracle
Furthermore, we assume that the attacker is able to identify the primary key inputs and trace the wiring to the respective key gates. Therefore, the logic encryption algorithm must assure that a simple removal of the gates is not feasible.
In this project, we focus on the concept and implementation of novel mitigation techniques to protect a hardware design (primarily) against malicious modifications whilst being in the hands of external parties. Hereby, we concentrate on securing processor designs, especially RISC-V processors.
The main topics of research include:
- Application of logic encyption for the design of a secure processor
- Logic encryption security metrics
- Enhancing logic encryption of sequential designs
- Design of hardware Trojans targeting processors (e.g., Denial of Service)
In additon, we are also interested into looking into securing user-space applications through Instruction Set Randomization (ISR). For more information, see ISR.
Thesis and HiWi offers regarding this project can be found here.
Šišejković, D., Merchant, F., Leupers, R., Ascheid, G. and Kegreiss, S.: Inter-Lock: Logic Encryption for Processor Cores Beyond Module Boundaries, in 24th IEEE European Test Symposium (ETS'19), May. 2019, accepted for publication ©2019 IEEE
Šišejković, D., Merchant, F., Leupers, R., Ascheid, G. and Kegreiss, S.: Control-Lock: Securing Processor Cores Against Software-Controlled Hardware Trojans, in Great Lakes Symposium on VLSI (GLSVLSI'19), May. 2019, 10.1145/3299874.3317983 ©2019 IEEE
Šišejković, D., Merchant, F., Leupers, R., Ascheid, G. and Kiefer, V.: A Critical Evaluation of the Paradigm Shift in the Design of Logic Encryption Algorithms, in 2019 International Symposium on VLSI Design, Automation and Test (VLSI-DAT), Apr. 2019
Šišejković, D., Leupers, R., Ascheid, G. and Metzner, S.: A Unifying Logic Encryption Security Metric, in International Conference on Embedded Computer Systems: Architectures, Modeling and Simulation (SAMOS), Jul. 2018, 10.1145/3229631.3229636