Trust Issues in Microelectronics: The Concerns and the Countermeasures

The semiconductor industry is constantly striving to improve the performance, reliability, and cost of electronic devices. The growing complexity in the design process of microelectronics coupled with the requirement of significant investment in research and development means that there is hardly any entity in the industry that is capable of acquiring the state-of-the-art technologies for all facets of the development process across myriad niche device technologies. Therefore, for economic and practical reasons, the modern electronic supply chain relies on several different vendors that specialize in a specific area of the design and fabrication process. From a security perspective, this distributed manufacturing process violates the trust of the underlying hardware as any entity in the supply chain could maliciously modify the design. This poses a significant concern, especially for government, military applications, and consumer electronic products handling private and critical data during the acquisition of untrusted microelectronic designs and components. Hence, trust has emerged as a crucial constraint that the various steps in the microelectronic manufacturing process should consider in order to ensure that no malicious functionality exists in the hardware. In the last decade, several works have proposed steps both to establish and verify trust in microelectronics. However, not all threat models are adequately covered, and the solutions are pertinent to a limited category of devices. In this article, we present the challenges in establishing trust in today's distributed supply chain environment by discussing the attack models at each step of the manufacturing process. We also shed light on the existing solutions that try to address these threats and discuss their limitations. Finally, we elaborate on one of the existing supply chain standards where trust verification is still infeasible and identify avenues for future research.

[1]  Yiorgos Makris,et al.  Proof-Carrying Hardware Intellectual Property: A Pathway to Trusted Module Acquisition , 2012, IEEE Transactions on Information Forensics and Security.

[2]  Qihang Shi,et al.  Golden Gates: A New Hybrid Approach for Rapid Hardware Trojan Detection using Testing and Imaging , 2019, 2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[3]  Anirban Sengupta Hardware Vulnerabilities and Their Effects on CE Devices: Design for Security Against Trojans [Hardware Matters] , 2017, IEEE Consumer Electronics Magazine.

[4]  Ankur Srivastava,et al.  Temperature Tracking: Toward Robust Run-Time Detection of Hardware Trojans , 2015, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[5]  M. Tehranipoor,et al.  Hardware Trojans: Lessons Learned after One Decade of Research , 2016, TODE.

[6]  Swarup Bhunia,et al.  Security Against Hardware Trojan Attacks Using Key-Based Design Obfuscation , 2011, J. Electron. Test..

[7]  Simha Sethumadhavan,et al.  FANCI: identification of stealthy malicious logic using boolean functional analysis , 2013, CCS.

[8]  Swaroop Ghosh,et al.  How Secure Are Printed Circuit Boards Against Trojan Attacks? , 2015, IEEE Design & Test.

[9]  Prabhat Mishra,et al.  Scalable Hardware Trojan Activation by Interleaving Concrete Simulation and Symbolic Execution , 2018, 2018 IEEE International Test Conference (ITC).

[10]  Jie Zhang,et al.  DeTrust: Defeating Hardware Trust Verification with Stealthy Implicitly-Triggered Hardware Trojans , 2014, CCS.

[11]  Franco Stellari,et al.  Verification of untrusted chips using trusted layout and emission measurements , 2014, 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[12]  Swarup Bhunia,et al.  MERS: Statistical Test Generation for Side-Channel Analysis based Trojan Detection , 2016, CCS.

[13]  Axel Jantsch,et al.  Malicious LUT: A stealthy FPGA Trojan injected and triggered by the design flow , 2016, 2016 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[14]  Swarup Bhunia,et al.  Hardware Trojan attacks in embedded memory , 2018, 2018 IEEE 36th VLSI Test Symposium (VTS).

[15]  Tinoosh Mohsenin,et al.  Adaptive real-time Trojan detection framework through machine learning , 2016, 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[16]  Christos A. Papachristou,et al.  MERO: A Statistical Approach for Hardware Trojan Detection , 2009, CHES.

[17]  Mark R. Beaumont,et al.  SAFER PATH: Security architecture using fragmented execution and replication for protection against trojaned hardware , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[18]  Swarup Bhunia,et al.  Golden-Free Hardware Trojan Detection with High Sensitivity Under Process Noise , 2017, J. Electron. Test..

[19]  Robert Karam,et al.  Detecting RTL Trojans using Artificial Immune Systems and High Level Behavior Classification , 2018, 2018 Asian Hardware Oriented Security and Trust Symposium (AsianHOST).

[20]  Mark Mohammad Tehranipoor,et al.  Case study: Detecting hardware Trojans in third-party digital IP cores , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[21]  Mark Mohammad Tehranipoor,et al.  A Novel Technique for Improving Hardware Trojan Detection and Reducing Trojan Activation Time , 2012, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[22]  Mark Mohammad Tehranipoor,et al.  Benchmarking of Hardware Trojans and Maliciously Affected Circuits , 2017, Journal of Hardware and Systems Security.

[23]  Christof Paar,et al.  MOLES: Malicious off-chip leakage enabled by side-channels , 2009, 2009 IEEE/ACM International Conference on Computer-Aided Design - Digest of Technical Papers.

[24]  Peter Gadfort,et al.  Split-fabrication obfuscation: Metrics and techniques , 2014, 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[25]  Ramesh Karri,et al.  Building Trustworthy Systems Using Untrusted Components: A High-Level Synthesis Approach , 2016, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[26]  Sally Adee,et al.  The Hunt For The Kill Switch , 2008, IEEE Spectrum.

[27]  Swarup Bhunia,et al.  An automated configurable Trojan insertion framework for dynamic trust benchmarks , 2018, 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[28]  Yiorgos Makris,et al.  Hardware Trojan detection using path delay fingerprint , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[29]  Yiqiang Zhao,et al.  Hardware Trojan Detection Through Chip-Free Electromagnetic Side-Channel Statistical Analysis , 2017, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[30]  Swarup Bhunia,et al.  Hardware IP Trust Validation: Learn (the Untrustworthy), and Verify , 2018, 2018 IEEE International Test Conference (ITC).