securing computer hardware using 3d integrated circuit ic
play

Securing Computer Hardware Using 3D Integrated Circuit (IC) - PowerPoint PPT Presentation

Nov 28, 2023 •104 likes •540 views

Introduction Attack Model k -Security Layout Randomization Summary Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing for Obfuscation Frank Imeson ECE, University of Waterloo USENIX Security 13

  1. Introduction Attack Model k -Security Layout Randomization Summary Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing for Obfuscation Frank Imeson ECE, University of Waterloo USENIX Security 13 Collaborators: Ariq Emtenan, Siddharth Garg, and Mahesh V. Tripunitara (Waterloo). Frank Imeson, Waterloo ECE 3D Hardware Security 1/26

  2. Introduction Attack Model k -Security Layout Randomization Summary Computer Hardware – Computer Hardware = Digital IC – Physical realization of digital logic – Complex and ubiquitous Credit: http://www.newsplink.com/2009/05/20/the-silicon-valley-trail/ Frank Imeson, Waterloo ECE 3D Hardware Security 2/26

  3. Introduction Attack Model k -Security Layout Randomization Summary Manufacturing Process HDL IC Netlist case(display_state) UPDATE : begin seg00_reg <= seg00; seg01_reg <= seg01; // update leds if (count00[0]) begin state <= UPDATE; end default : begin ons00 <= 0; count00 <= 0; display_state <= UPDATE; end endcase Credit: www.theverge.com/2011/11/16/2565638/mit-neural-connectivity-silicon-synapse Frank Imeson, Waterloo ECE 3D Hardware Security 3/26

  4. Introduction Attack Model k -Security Layout Randomization Summary Threat Model External Foundry ICs Netlist News story, May 2012: “Security backdoor found in US military chip made in [foreign country].” Frank Imeson, Waterloo ECE 3D Hardware Security 4/26

  5. Introduction Attack Model k -Security Layout Randomization Summary Attack Types Examples: Privilege escalation [King et al., LEET’08] Leaking private information [Skorobogatov et al., CHES 2012] Credit: King et al., LEET’08 Frank Imeson, Waterloo ECE 3D Hardware Security 5/26

  6. Introduction Attack Model k -Security Layout Randomization Summary Premise Successful Attack ⇓ Uniquely identify at least one gate Credit: Cynthia Sturton, Matthew Hicks, David Wagner, and Samuel T. King. ”Defeating UCI: Building stealthy and malicious hardware.” In Security and Privacy (SP), 2011 IEEE Symposium on, pp. 64-77. IEEE, 2011. Frank Imeson, Waterloo ECE 3D Hardware Security 6/26

  7. Introduction Attack Model k -Security Layout Randomization Summary Premise Successful Attack ⇓ Uniquely identify at least one gate Credit: Cynthia Sturton, Matthew Hicks, David Wagner, and Samuel T. King. ”Defeating UCI: Building stealthy and malicious hardware.” In Security and Privacy (SP), 2011 IEEE Symposium on, pp. 64-77. IEEE, 2011. Frank Imeson, Waterloo ECE 3D Hardware Security 6/26

  8. Introduction Attack Model k -Security Layout Randomization Summary Example Full Adder Netlist C IN 3 S 4 A 1 B 5 C OUT 2 M T Malicious Gate Frank Imeson, Waterloo ECE 3D Hardware Security 7/26

  9. Introduction Attack Model k -Security Layout Randomization Summary Example Full Adder Netlist C IN 3 S 4 A 1 B 0 0 5 C OUT 0 0 2 M 0 T Frank Imeson, Waterloo ECE 3D Hardware Security 7/26

  10. Introduction Attack Model k -Security Layout Randomization Summary Example Full Adder Netlist C IN 3 S 4 A 1 B 0 1 5 C OUT 0 1 2 M 1 T Frank Imeson, Waterloo ECE 3D Hardware Security 7/26

  11. Introduction Attack Model k -Security Layout Randomization Summary Our Solution – Circuit Obfuscation Full Adder Netlist C IN 3 S 4 A 1 B 5 C OUT 2 Obfuscated Netlist U W X Y V Frank Imeson, Waterloo ECE 3D Hardware Security 8/26

  12. Introduction Attack Model k -Security Layout Randomization Summary Our Solution – Circuit Obfuscation Full Adder Netlist C IN 3 S 4 A 1 B 5 C OUT 2 Obfuscated Netlist U W X Y V Frank Imeson, Waterloo ECE 3D Hardware Security 8/26

  13. Introduction Attack Model k -Security Layout Randomization Summary 3D IC Technology Top Tier (Hidden) Hidden Wires Bond Points IO Pins Two or more tiers Tiers are connected via bond points Wire only tiers are relatively inexpensive Substrate Unhidden Wires Transistors/Gates Bottom Tier (Obfuscated) Frank Imeson, Waterloo ECE 3D Hardware Security 9/26

  14. Introduction Attack Model k -Security Layout Randomization Summary 3D Xilinx FPGA 6.8 billion transistors 1,954,560 logic cells 21.55 Mbits of SRAM 46,512 Kbits of RAM 1200 user I/O 2.5D Credit: http://www.electroiq.com/articles/ap/2011/10/xilinx-fpga-boasts-6-8b-transistors.html Frank Imeson, Waterloo ECE 3D Hardware Security 10/26

  15. Introduction Attack Model k -Security Layout Randomization Summary Circuit Obfuscation with 3D Technology 3 1 4 C IN 5 2 3 S Place Hide A 1 and B 4 Wires Route 5 C OUT 2 X U W Y V Hidden Circuit Fabrication 4 5 In House 1 2 3 Stacking Obfuscated Circuit Fabrication Outsourced Frank Imeson, Waterloo ECE 3D Hardware Security 11/26

  16. Introduction Attack Model k -Security Layout Randomization Summary Circuit Obfuscation with 3D Technology 3 1 4 C IN 5 2 3 S Place Hide A 1 and B 4 Wires Route 5 C OUT 2 X U W Y V Hidden Circuit Fabrication 4 5 In House 1 2 3 Stacking Obfuscated Circuit Fabrication Outsourced Frank Imeson, Waterloo ECE 3D Hardware Security 11/26

  17. Introduction Attack Model k -Security Layout Randomization Summary Circuit Obfuscation with 3D Technology 3 1 4 C IN 5 2 3 S Place Hide A 1 and B 4 Wires Route 5 C OUT 2 X U W Y V Hidden Circuit Fabrication 4 5 In House 1 2 3 Stacking Obfuscated Circuit Fabrication Outsourced Frank Imeson, Waterloo ECE 3D Hardware Security 11/26

  18. Introduction Attack Model k -Security Layout Randomization Summary Attack Model Summary Original Netlist G C IN 5 3 S 2 4 4 A 1 B 3 1 5 C OUT 2 H Y W X W V U Y V X Obfuscated U Circuit Frank Imeson, Waterloo ECE 3D Hardware Security 12/26

  19. Introduction Attack Model k -Security Layout Randomization Summary Attack Model Summary Original Netlist G C IN 5 3 S 2 4 4 A 1 B 3 1 5 C OUT 2 H Y W X W V U Y V X Obfuscated U Circuit Frank Imeson, Waterloo ECE 3D Hardware Security 12/26

  20. Introduction Attack Model k -Security Layout Randomization Summary What an Attacker Needs to Do H G Input graphs G and H 5 Y 2 W 4 V 3 X 1 U Frank Imeson, Waterloo ECE 3D Hardware Security 13/26

  21. Introduction Attack Model k -Security Layout Randomization Summary What an Attacker Needs to Do H G Input graphs G and H 5 Y Find subgraph 2 W 4 V isomorphisms 3 X 1 U Frank Imeson, Waterloo ECE 3D Hardware Security 13/26

  22. Introduction Attack Model k -Security Layout Randomization Summary What an Attacker Needs to Do H G Input graphs G and H 5 Y Find subgraph 2 W 4 V isomorphisms 3 X 1 U M1 M2 M3 M4 5 5 5 5 4 4 2 2 2 2 4 4 3 1 1 3 1 3 3 1 Frank Imeson, Waterloo ECE 3D Hardware Security 13/26

  23. Introduction Attack Model k -Security Layout Randomization Summary k -Security S(w) = 2 H G Y 5 W 2 V 4 X 3 U 1 A vertex v ∈ H is k -secure if there exist at least k subgraph isomorphisms each of which maps v to a distinct vertex in G . An obfuscated graph (circuit) H is k -secure if every vertex (gate) in H is k -secure. Frank Imeson, Waterloo ECE 3D Hardware Security 14/26

  24. Introduction Attack Model k -Security Layout Randomization Summary k -Security S(w) = 2 H G Y 5 S(v),S(u),S(x) = 2 W 2 V 4 X 3 U 1 A vertex v ∈ H is k -secure if there exist at least k subgraph isomorphisms each of which maps v to a distinct vertex in G . An obfuscated graph (circuit) H is k -secure if every vertex (gate) in H is k -secure. Frank Imeson, Waterloo ECE 3D Hardware Security 14/26

  25. Introduction Attack Model k -Security Layout Randomization Summary k -Security S(w) = 2 H G Y 5 S(v),S(u),S(x) = 2 W 2 V 4 S(y) = 1 X 3 U 1 A vertex v ∈ H is k -secure if there exist at least k subgraph isomorphisms each of which maps v to a distinct vertex in G . An obfuscated graph (circuit) H is k -secure if every vertex (gate) in H is k -secure. Frank Imeson, Waterloo ECE 3D Hardware Security 14/26

  26. Introduction Attack Model k -Security Layout Randomization Summary k -Security S(w) = 2 H G Y 5 S(v),S(u),S(x) = 2 W 2 V 4 S(y) = 1 X 3 S(H) = 1 U 1 A vertex v ∈ H is k -secure if there exist at least k subgraph isomorphisms each of which maps v to a distinct vertex in G . An obfuscated graph (circuit) H is k -secure if every vertex (gate) in H is k -secure. Frank Imeson, Waterloo ECE 3D Hardware Security 14/26

  27. Introduction Attack Model k -Security Layout Randomization Summary Computational Complexity � G , H � is k -secure ∈ NP -complete. We investigated two approaches: Reduction to Subgraph Isomorphism and use of VF2 solver Reduction to SAT and use of MiniSAT solver Avg Time 100 vf2 1 sat 0.01 0.0001 1e-06 0 200 400 600 800 1000 1200 1400 Number of Vertices Frank Imeson, Waterloo ECE 3D Hardware Security 15/26

  28. Introduction Attack Model k -Security Layout Randomization Summary Cost vs. Security Cost = Number of hidden edges G 5 6 Goal: Explore Cost vs. Security trade-off 2 4 3 1 Greedy approach Start with no edges in H . H 5 6 2 4 3 1 Frank Imeson, Waterloo ECE 3D Hardware Security 16/26

Recommend

Integrated-Circuit Surgery: getting to the heart of the problem with the smallest scalpel John

Integrated-Circuit Surgery: getting to the heart of the problem with the smallest scalpel John

Integrated-Circuit Surgery: getting to the heart of the problem with the smallest scalpel John Walker Hardware.io The Hague, Netherlands 1 September 2019 The need for secure hardware Software, Firmware and Hardware. All can contribute to

571 views • 30 slides
Applications Integrated circuit design: Computer graphics (hidden line removal):

Applications Integrated circuit design: Computer graphics (hidden line removal):

G EOMETRIC I NTERSECTION Determining if there are intersections between graphical objects Finding all intersecting pairs Geometric Intersection 1 Applications Integrated circuit design: Computer graphics (hidden line

194 views • 15 slides
Securing IoT with a hardware Secure Element Marc Renaudin - Serge Maginot - TIEMPO CONFIDENTIAL

Securing IoT with a hardware Secure Element Marc Renaudin - Serge Maginot - TIEMPO CONFIDENTIAL

Securing IoT with a hardware Secure Element Marc Renaudin - Serge Maginot - TIEMPO CONFIDENTIAL TIEMPO S.A.S. December 3, 2019 1 Outline Connected Objects Securing IoT with a hardware Secure Element Introduction Securing Treats

537 views • 10 slides
HOST Circuit Obfuscation I ECE 525 Hardware Obfuscation (Drawn from &quot;Hardware Protection

HOST Circuit Obfuscation I ECE 525 Hardware Obfuscation (Drawn from &quot;Hardware Protection

HOST Circuit Obfuscation I ECE 525 Hardware Obfuscation (Drawn from &quot;Hardware Protection thr Obfuscation) Circuit modification techniques designed to conceal or lock the functionality and/or circuit structure The modifications are designed

157 views • 11 slides
Mixed- -Signals Signals Mixed Integrated Circuit Testing Integrated Circuit Testing Salvador

Mixed- -Signals Signals Mixed Integrated Circuit Testing Integrated Circuit Testing Salvador

Mixed- -Signals Signals Mixed Integrated Circuit Testing Integrated Circuit Testing Salvador MIR TIMA Laboratory 46 Av. Flix Viallet 38031 Grenoble salvador.mir@imag.fr Montpellier, 27 th March 2007 1 Outline Introduction 1 Analog

456 views • 29 slides
Hardware description and verification Getting hardware designs right [using ideas from computer

Hardware description and verification Getting hardware designs right [using ideas from computer

Hardware description and verification Getting hardware designs right [using ideas from computer science] TECHNICAL VHDL PSL Gaislers 2 process method Writing VHDL code CTL (LTL) .... PSL circuit

386 views • 14 slides
Low-Level Hardware Programming for Non-Electrical Engineers Jefg Tranter Integrated Computer

Low-Level Hardware Programming for Non-Electrical Engineers Jefg Tranter Integrated Computer

Low-Level Hardware Programming for Non-Electrical Engineers Jefg Tranter Integrated Computer Solutions, Inc. Agenda Agenda About the Speaker Introduction Some History Safety Some Basics Hardware Interfaces Sensors

1.03k views • 73 slides
Hardware Design with VHDL Sequential Circuit Design I ECE 443 Sequential Circuit Design:

Hardware Design with VHDL Sequential Circuit Design I ECE 443 Sequential Circuit Design:

Hardware Design with VHDL Sequential Circuit Design I ECE 443 Sequential Circuit Design: Principle Outline: Overview of sequential circuits Synchronous circuits Danger of synthesizing asynchronous circuit Inference of basic

952 views • 72 slides
Low-Power RF Integrated Circuit Design Techniques for Short-Range Wireless Connectivity Marvin

Low-Power RF Integrated Circuit Design Techniques for Short-Range Wireless Connectivity Marvin

Low-Power RF Integrated Circuit Design Techniques for Short-Range Wireless Connectivity Marvin Onabajo Assistant Professor Analog and Mixed-Signal Integrated Circuits (AMSIC) Research Laboratory Dept. of Electrical and Computer Engineering

569 views • 28 slides
CSSE 232 Computer Architecture I Verilog 1 / 10 What it is Verilog is hardware description

CSSE 232 Computer Architecture I Verilog 1 / 10 What it is Verilog is hardware description

CSSE 232 Computer Architecture I Verilog 1 / 10 What it is Verilog is hardware description language Describes the functions of a hardware circuit Can be used to test circuits also Looks similar to C ( + , - , != , ~ , etc)

510 views • 10 slides
Computer Hardware Computer - hardware and software Like piano and music In this

Computer Hardware Computer - hardware and software Like piano and music In this

Computer Hardware Computer - hardware and software Like piano and music In this section: hardware The computer is an amazingly useful general-purpose technology, to the point that now cameras, phones, thermostats .. these are all now

390 views • 17 slides
Hardware Design with VHDL Combinational Circuit Design ECE 443 Combinational Circuit Design This

Hardware Design with VHDL Combinational Circuit Design ECE 443 Combinational Circuit Design This

Hardware Design with VHDL Combinational Circuit Design ECE 443 Combinational Circuit Design This slide set covers Derivation of efficient HDL description Operator sharing Functionality sharing Layout-related circuits

672 views • 50 slides
Inter&amp;Integrated*Circuit*Bus (I 2 C*Serial*Bus) http://www.i2c&amp;bus.org/ 1 I 2 C*OVERVIEW

Inter&amp;Integrated*Circuit*Bus (I 2 C*Serial*Bus) http://www.i2c&amp;bus.org/ 1 I 2 C*OVERVIEW

Inter&amp;Integrated*Circuit*Bus (I 2 C*Serial*Bus) http://www.i2c&amp;bus.org/ 1 I 2 C*OVERVIEW The'name'stands'for'Inter'3 Integrated'Circuit'Bus' (Developed'by'Philips'in'the'early'1980s)

393 views • 26 slides
SyCHOSys Synchronous Circuit Hardware Orchestration System Ronny Krashinsky Seongmoo Heo

SyCHOSys Synchronous Circuit Hardware Orchestration System Ronny Krashinsky Seongmoo Heo

SyCHOSys Synchronous Circuit Hardware Orchestration System Ronny Krashinsky Seongmoo Heo Michael Zhang Krste Asanovic MIT Laboratory for Computer Science www.cag.lcs.mit.edu/scale ronny@mit.edu Motivation Given a proposed processor

580 views • 26 slides
Hardware Design with VHDL Sequential Circuit Design II ECE 443 Sequential Circuit Design:

Hardware Design with VHDL Sequential Circuit Design II ECE 443 Sequential Circuit Design:

Hardware Design with VHDL Sequential Circuit Design II ECE 443 Sequential Circuit Design: Practice Topics Poor design practice More counters Register as fast temporary storage Pipelining Synchronous design is the most

875 views • 75 slides
Computer Hardware Hardware components are the physical parts of the computer Main Hardware

Computer Hardware Hardware components are the physical parts of the computer Main Hardware

Computer Hardware Hardware components are the physical parts of the computer Main Hardware Components are: CPU Also known as processor. Brains of the computer Responsible for fetching instructions from memory and executing

1.61k views • 136 slides
Securing Systems with Insecure Hardware Kaveh Razavi About VUSec ~20 members Software

Securing Systems with Insecure Hardware Kaveh Razavi About VUSec ~20 members Software

Securing Systems with Insecure Hardware Kaveh Razavi About VUSec ~20 members Software protections Binary and malware analysis Fuzzing Network security Hardware and OS security 2 Assuming secure software, what is

984 views • 72 slides
CSC 6991: Using Hardware Isolated Execu;on Environments for

CSC 6991: Using Hardware Isolated Execu;on Environments for

CSC 6991: Using Hardware Isolated Execu;on Environments for Securing Systems Fengwei Zhang Wayne State University CSC 6991 Advanced Computer Security 1

302 views • 19 slides
3. Computer Hardware CHAPTER HIGHLIGHTS Computer systems Hardware components

3. Computer Hardware CHAPTER HIGHLIGHTS Computer systems Hardware components

10/12/2016 CHAPTER 3. Computer Hardware CHAPTER HIGHLIGHTS Computer systems Hardware components Supercomputer System Unit p p y Mainframe computer Peripheral Devices Personal computer Computers &amp;

575 views • 22 slides
Getting Acquainted W ith Zoom Outline Securing Your Computer Your Invitation The

Getting Acquainted W ith Zoom Outline Securing Your Computer Your Invitation The

Getting Acquainted W ith Zoom Outline Securing Your Computer Your Invitation The Waiting Room Working with Audio Working with Video Using the Tool Tray Chat In the Meeting When Things Go Wrong 2 Securing Your

325 views • 14 slides
Quick Intro to Computer Security What is computer security? Securing communication

Quick Intro to Computer Security What is computer security? Securing communication

Carnegie Mellon Quick Intro to Computer Security What is computer security? Securing communication Cryptographic tools Access control User authentication Computer security and usability Thanks to Mike Reiter for the

413 views • 38 slides
Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments Zhenyu Ning 1

Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments Zhenyu Ning 1

Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments Zhenyu Ning 1 Fengwei Zhang 1 Weisong Shi 1 Larry Shi 2 1 Wayne State University 2 University of Houston November 21, 2019 1 Overview of The Talk Motivation

575 views • 24 slides
Securing Home Networks Securing Home Networks protocols protocols A SWN04 A SWN04 K.

Securing Home Networks Securing Home Networks protocols protocols A SWN04 A SWN04 K.

Securing Home Networks Securing Home Networks protocols protocols A SWN04 A SWN04 K. MASMOUDI, K. MASMOUDI, H. AFIFI H. AFIFI Boston, 08/2004 6 th PCRD Integrated Project Goal : provide secure communication

450 views • 22 slides
Entity declaration mode: in: flow into the circuit out: flow out of the circuit

Entity declaration mode: in: flow into the circuit out: flow out of the circuit

Outline 1. Basic VHDL program Basic Language Constructs of 2. Lexical elements and program format 3. Objects VHDL 4. Data type and operators RTL Hardware Design Chapter 3 1 RTL Hardware Design Chapter 3 2 by P. Chu by P. Chu Design

375 views • 10 slides

More recommend