securing hardware platforms against malicious circuits
play

Securing Hardware Platforms Against Malicious Circuits Through - PowerPoint PPT Presentation

Apr 07, 2024 •335 likes •625 views

Securing Hardware Platforms Against Malicious Circuits Through Static Analysis Matthew Hicks - University of Illinois Samuel T. King - University of Illinois Milo M. K. Martin - University of Pennsylvania Jonathan M. Smith - University of

  1. Securing Hardware Platforms Against Malicious Circuits Through Static Analysis Matthew Hicks - University of Illinois Samuel T. King - University of Illinois Milo M. K. Martin - University of Pennsylvania Jonathan M. Smith - University of Pennsylvania

  2. Building Secure Systems � We make assumptions when designing secure systems � Break secure system, break assumptions � E.g., look for crypto keys in memory � People assume hardware is correct � What can we do if we can’t make this assumption?

  3. Why Hardware? � Key hardware properties � Complex � Expensive � Static � Base of the system

  4. The Threat

  5. Dead Circuit Identification (DCI) � Goal: Help designers by highlighting all potentially malicious circuits automatically

  6. Dead Circuit Identification (DCI) � Goal: Help designers by highlighting all potentially malicious circuits automatically � Intuition: Attacker is motivated to avoid impacting functionality during testing � Otherwise they would be caught

  7. Dead Circuit Identification (DCI) � Goal: Help designers by highlighting all potentially malicious circuits automatically � Intuition: Attacker is motivated to avoid impacting functionality during testing � Otherwise they would be caught � Detect all circuits where the output value is identical to the input value for all tests � Internal circuits don’t impact functionality

  8. Simple Example

  9. Simple Example

  10. Simple Example

  11. What the numbers say... so far

  12. Questions

  14. It Can Happen IF ( r.d.inst ( conv_integer ( r.d.set ) ) = X"80082000" ) THEN hackStateM1 < = '1'; ELSE hackStateM1 < = '0'; END IF; IF ( r.d.inst ( conv_integer ( r.d.set ) ) = X"80102000" ) THEN r.w.s.s < = hackStateM1 OR rin.w.s.s; ELSE r.w.s.s < = rin.w.s.s; END IF;

  15. Won’t there be a lot of pairs � Number of pairs is N 2 in the levels of logic

  16. Will I have to re-run my tests � Dataflow pairs analysis is additive � New tests can be added and tested independently of old tests

  17. What’s the relationship between pairs remaining and code coverage � Each uncovered branch is a missed opportunity for a unique assignment to a wire

  18. Complex Example k < = good when (C1 = ‘0’) else bad; process(clk)begin l < = good when (C2 = ‘0’) else bad; if(rising_edge(clk))then out < = m when (C1 = ‘0’) else n; m < = k; n < = l; end if; end process;

  19. Complex Example Pairs: Test cases: (good, k, 0) C1 C2 (good, m, 1) 0 0 (good, out, 1) 0 1 (bad, k, 0) 1 0 (bad, m, 1) 0 0 (bad, out, 1) ... ... (k, m, 1) 1 0 (k, out, 1) (m, out, 0) (good, l, 0) (good, n, 1) (bad, l, 0) (bad, n, 1) (l, n, 1) (l, out, 1) (n, out, 0)

  20. Complex Example Pairs: Test cases: (good, k, 0) C1 C2 (good, m, 1) 0 0 (good, out, 1) 0 1 (bad, k, 0) 1 0 (bad, m, 1) 0 0 (bad, out, 1) ... ... (k, m, 1) 1 0 (k, out, 1) (m, out, 0) k = good (good, l, 0) (good, n, 1) l = good (bad, l, 0) (bad, n, 1) m = NA (l, n, 1) n = NA (l, out, 1) (n, out, 0) out = NA

  21. Complex Example Pairs: Test cases: (good, k, 0) C1 C2 (good, m, 1) 0 0 (good, out, 1) 0 1 (bad, k, 0) 1 0 (bad, m, 1) 0 0 (bad, out, 1) ... ... (k, m, 1) 1 0 (k, out, 1) (m, out, 0) k = good (good, l, 0) (good, n, 1) l = bad (bad, l, 0) (bad, n, 1) m = good (l, n, 1) n = good (l, out, 1) (n, out, 0) out = good

  22. Complex Example Pairs: Test cases: (good, k, 0) C1 C2 (good, m, 1) 0 0 (good, out, 1) 0 1 (bad, k, 0) 1 0 (bad, m, 1) 0 0 (bad, out, 1) ... ... (k, m, 1) 1 0 (k, out, 1) (m, out, 0) k = bad (good, l, 0) (good, n, 1) l = good (bad, l, 0) (bad, n, 1) m = good (l, n, 1) n = bad (l, out, 1) (n, out, 0) out = good

  23. Complex Example Pairs: Test cases: (good, k, 0) C1 C2 (good, m, 1) 0 0 (good, out, 1) 0 1 (bad, k, 0) 1 0 (bad, m, 1) 0 0 (bad, out, 1) ... ... (k, m, 1) 1 0 (k, out, 1) (m, out, 0) k = good (good, l, 0) (good, n, 1) l = good (bad, l, 0) (bad, n, 1) m = bad (l, n, 1) n = good (l, out, 1) (n, out, 0) out = good

  24. Complex Example Pairs: Test cases: (good, k, 0) C1 C2 (good, m, 1) 0 0 (good, out, 1) 0 1 (bad, k, 0) 1 0 (bad, m, 1) 0 0 (bad, out, 1) ... ... (k, m, 1) 1 0 (k, out, 1) (m, out, 0) (good, l, 0) (good, n, 1) (bad, l, 0) (bad, n, 1) (l, n, 1) (l, out, 1) (n, out, 0)

  25. Problems � Undefined state � Low visibility test cases � Control information � Implementation dependent

  26. Hardware Attack Properties � Small � Avoids visual, and side-channel analysis � Powerful � Can contaminate the entire system � Difficult to stop � Ingrained deep within the system, potentially impacting common functionality

  27. What Happens?

Recommend

Hardware FUNDAMENTALS Getting started with Do It Yourself circuits and Raspberry Pi Hardware?

Hardware FUNDAMENTALS Getting started with Do It Yourself circuits and Raspberry Pi Hardware?

Hardware FUNDAMENTALS Getting started with Do It Yourself circuits and Raspberry Pi Hardware? Three main types of hardware (in this course) Commercial, off-the-shelf devices/appliances Do It Yourself solutions The central gateway

500 views • 33 slides
The Bw-Tree: A B-tree for New Hardware Platforms Author: J. Levandoski et al. B uzz w ord The

The Bw-Tree: A B-tree for New Hardware Platforms Author: J. Levandoski et al. B uzz w ord The

The Bw-Tree: A B-tree for New Hardware Platforms Author: J. Levandoski et al. B uzz w ord The Bw-Tree: A B-tree for New Hardware Platforms DRAM + Flash storage Author: J. Levandoski et al. Hardware Trends Multi-core + large main

588 views • 29 slides
Securing IoT with a hardware Secure Element Marc Renaudin - Serge Maginot - TIEMPO CONFIDENTIAL

Securing IoT with a hardware Secure Element Marc Renaudin - Serge Maginot - TIEMPO CONFIDENTIAL

Securing IoT with a hardware Secure Element Marc Renaudin - Serge Maginot - TIEMPO CONFIDENTIAL TIEMPO S.A.S. December 3, 2019 1 Outline Connected Objects Securing IoT with a hardware Secure Element Introduction Securing Treats

537 views • 10 slides
HOST Hardware Trojans I ECE 525 Hardware Trojans (HT) What is a hardware Trojan? A deliberate

HOST Hardware Trojans I ECE 525 Hardware Trojans (HT) What is a hardware Trojan? A deliberate

HOST Hardware Trojans I ECE 525 Hardware Trojans (HT) What is a hardware Trojan? A deliberate and malicious change to an IC that adds or removes functionality or reduces reliability The modifications may be designed to leak sensitive

394 views • 23 slides
A2:$Analog$Malicious$Hardware$ Kaiyuan$Yang,$Ma8hew$Hicks,$Qing$Dong,$Todd$Aus&gt;n,$and$Dennis$

A2:$Analog$Malicious$Hardware$ Kaiyuan$Yang,$Ma8hew$Hicks,$Qing$Dong,$Todd$Aus&gt;n,$and$Dennis$

A2:$Analog$Malicious$Hardware$ Kaiyuan$Yang,$Ma8hew$Hicks,$Qing$Dong,$Todd$Aus&gt;n,$and$Dennis$ Sylvester$ $ University$of$Michigan$ Founda&gt;ons$are$important$ 2$ Applica5ons) Opera5ng)System) Weakened$hardware$ Hypervisor)

507 views • 38 slides
Securing Circuits Against Constant-Rate Tampering Dana Dachman-Soled Yael Tauman Kalai

Securing Circuits Against Constant-Rate Tampering Dana Dachman-Soled Yael Tauman Kalai

Securing Circuits Against Constant-Rate Tampering Dana Dachman-Soled Yael Tauman Kalai Microsoft Research Tamper-Resilient Circuits [Ishai-Prabhakaran-Sahai-Wagner06] wire tampering: Tamper with me toggle, set wire to 0/1 I will

564 views • 20 slides
Securing Digital Assets on Hybrid Platforms Business Development Jeremie Francois Discover

Securing Digital Assets on Hybrid Platforms Business Development Jeremie Francois Discover

Securing Digital Assets on Hybrid Platforms Business Development Jeremie Francois Discover Troubleshooting Issues We know Synology better than anyone else Synology Active Insight Predict. Notify. Resolve Customer Partners Support

1.08k views • 73 slides
Securing Systems with Insecure Hardware Kaveh Razavi About VUSec ~20 members Software

Securing Systems with Insecure Hardware Kaveh Razavi About VUSec ~20 members Software

Securing Systems with Insecure Hardware Kaveh Razavi About VUSec ~20 members Software protections Binary and malware analysis Fuzzing Network security Hardware and OS security 2 Assuming secure software, what is

984 views • 72 slides
Designing and Implementing Malicious Hardware Samuel T. King, Joseph Tucek, Anthony Cozzie, Chris

Designing and Implementing Malicious Hardware Samuel T. King, Joseph Tucek, Anthony Cozzie, Chris

Designing and Implementing Malicious Hardware Samuel T. King, Joseph Tucek, Anthony Cozzie, Chris Grier, Weihang Jiang, and Yuanyuan Zhou Presented by Lauren Biernacki and Shuang Qiu Background Design Fabrication Packaging Testing Assembly

445 views • 25 slides
HPC Architectures Types of HPC hardware platforms currently in use Funding Partners bioexcel.eu

HPC Architectures Types of HPC hardware platforms currently in use Funding Partners bioexcel.eu

HPC Architectures Types of HPC hardware platforms currently in use Funding Partners bioexcel.eu Reusing this material This work is licensed under a Creative Commons Attribution- NonCommercial-ShareAlike 4.0 International License.

355 views • 20 slides
Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing

Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing

Introduction Attack Model k -Security Layout Randomization Summary Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing for Obfuscation Frank Imeson ECE, University of Waterloo USENIX Security 13

540 views • 43 slides
Videos IoTSSC - Lecture 3 Hardware Platforms and Sensors Tom Spink Including material adapted

Videos IoTSSC - Lecture 3 Hardware Platforms and Sensors Tom Spink Including material adapted

IoTSSC - Lecture 3 Videos IoTSSC - Lecture 3 Hardware Platforms and Sensors Tom Spink Including material adapted from Bjoern Franke and Michael OBoyle IoTSSC - Lecture 3 Hardware Platform A hardware platform describes the physical

658 views • 31 slides
Formal verification of low-level execution platforms Apps OS Hardware Host 1 Motivations

Formal verification of low-level execution platforms Apps OS Hardware Host 1 Motivations

Roberto Guanciale Estonian Winter School Day 02 Formal verification of low-level execution platforms Apps OS Hardware Host 1 Motivations Apps Crypto Service OS Hypervisor/ Separation Kernel Hardware Host 1 Motivations Separation

850 views • 63 slides
Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments Zhenyu Ning 1

Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments Zhenyu Ning 1

Position Paper: Challenges Towards Securing Hardware-assisted Execution Environments Zhenyu Ning 1 Fengwei Zhang 1 Weisong Shi 1 Larry Shi 2 1 Wayne State University 2 University of Houston November 21, 2019 1 Overview of The Talk Motivation

575 views • 24 slides
Fisheye Lens Distortion Correction on Multicore and Hardware Accelerator Platforms Konstantis

Fisheye Lens Distortion Correction on Multicore and Hardware Accelerator Platforms Konstantis

Fisheye Lens Distortion Correction on Multicore and Hardware Accelerator Platforms Konstantis Christos D. Nikolaos Sek M. Daloukas 1 Antonopoulos 1 Bellas 1 Chai 2 1 Department of Computer and Communications Engineering University of Thessaly

331 views • 30 slides
Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu mihai@cs.wisc.edu 10 March 2005 What is Malicious Code? What is Malicious Code? Viruses, worms, trojans, Code that breaks your security policy.

1.16k views • 94 slides
Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu

Malicious Code Malicious Code for Fun and Profit for Fun and Profit Mihai Christodorescu mihai@cs.wisc.edu 23 March 2006 What is Malicious Code? What is Malicious Code? Viruses, worms, trojans, Code that breaks your security policy.

707 views • 69 slides
Keyboards and Covert Channels G. Shah, A. Molina, M. Blaze USENIX 2006 Eric Hennenfent The

Keyboards and Covert Channels G. Shah, A. Molina, M. Blaze USENIX 2006 Eric Hennenfent The

Keyboards and Covert Channels G. Shah, A. Molina, M. Blaze USENIX 2006 Eric Hennenfent The Humble Keylogger Malware Malicious Hardware In-Cable Devices Malicious Keyboards Supply Chain Attacks Malicious BIOS

591 views • 14 slides
Hardware Design for Cryptographers P . Schaumont Bradley Department of Electrical and Computer

Hardware Design for Cryptographers P . Schaumont Bradley Department of Electrical and Computer

Hardware-oriented Specification Hardware Circuits Hardware Description in C Hardware Design for Cryptographers P . Schaumont Bradley Department of Electrical and Computer Engineering Virginia Tech Blacksburg, VA Design and Security of

1.01k views • 63 slides
Hardware Platforms Presented by: Sidharth Raj An Alternate Title The BW -Tree: A Latch-free,

Hardware Platforms Presented by: Sidharth Raj An Alternate Title The BW -Tree: A Latch-free,

The BW-Tree: A B-tree for New Hardware Platforms Presented by: Sidharth Raj An Alternate Title The BW -Tree: A Latch-free, Log- structured B-tree for Multi-core Machines with Large Main Memories and Flash Storage BW = Buzz Word

454 views • 12 slides
Chapter 4 Programming Hardware Gates and Circuits Information 2-2 Chapter Goals Computers

Chapter 4 Programming Hardware Gates and Circuits Information 2-2 Chapter Goals Computers

2018/10/17 Communication Application Operating System Chapter 4 Programming Hardware Gates and Circuits Information 2-2 Chapter Goals Computers and Electricity Identify the basic gates and describe the Gate

317 views • 8 slides
What role do broadband providers have in securing the residential IoT ecosystem? Steven Bauer

What role do broadband providers have in securing the residential IoT ecosystem? Steven Bauer

What role do broadband providers have in securing the residential IoT ecosystem? Steven Bauer James Loving Bill Lehr MIT Dec 9 th , 2016 Residential source identification problem: identify device(s) that are source of malicious traffic

356 views • 7 slides
CS356 Unit 12a Processor Hardware Organization BASIC HW Pipelining 12a.3 12a.4 Logic Circuits

CS356 Unit 12a Processor Hardware Organization BASIC HW Pipelining 12a.3 12a.4 Logic Circuits

12a.1 12a.2 CS356 Unit 12a Processor Hardware Organization BASIC HW Pipelining 12a.3 12a.4 Logic Circuits Combinational Logic Gates Combinational ________________ logic Main Idea: Circuits called &quot;gates&quot; perform Logic

465 views • 15 slides
Hardware is too important to trust U NTRUSTED C OMPUTING B ASE : blindly Detecting and Removing

Hardware is too important to trust U NTRUSTED C OMPUTING B ASE : blindly Detecting and Removing

Overcoming an Hardware is too important to trust U NTRUSTED C OMPUTING B ASE : blindly Detecting and Removing Malicious Hardware Automatically Rest of the system Matthew Hicks Murph Finnicum Samuel T. King University of Illinois

428 views • 9 slides

More recommend