Building Trustworthy Systems Using Untrusted Components: A High-Level Synthesis Approach

Trustworthiness of system-on-chip designs is undermined by malicious logic (Trojans) in third-party intellectual properties (3PIPs). In this paper, duplication, diversity, and isolation principles have been extended to detect build trustworthy systems using untrusted, potentially Trojan-infected 3PIPs. We use a diverse set of vendors to prevent collusions between the 3PIPs from the same vendor. We identify design constraints for Trojan detection to achieving detection, collusion prevention, and isolating the Trojan-infected 3PIP, and incorporate them during high-level synthesis. In addition, we develop techniques to reduce the number of vendors. The effectiveness of the proposed techniques is validated using the high-level synthesis benchmarks.

[1]  W.C. Gangloff,et al.  Common mode failure analysis , 1975, IEEE Transactions on Power Apparatus and Systems.

[2]  Algirdas Avizienis,et al.  The N-Version Approach to Fault-Tolerant Software , 1985, IEEE Transactions on Software Engineering.

[3]  Thomas Risse On the Evaluation of the Reliability of k-out-of-n Systems , 1987, IEEE Transactions on Reliability.

[4]  Fadi J. Kurdahi,et al.  REAL: A Program for REgister ALlocation , 1987, 24th ACM/IEEE Design Automation Conference.

[5]  Barry W. Johnson Design & analysis of fault tolerant digital systems , 1988 .

[6]  R. Ramaswami,et al.  Book Review: Design and Analysis of Fault-Tolerant Digital Systems , 1990 .

[7]  Yu-Chin Hsu,et al.  Data path allocation based on bipartite weighted matching , 1990, 27th ACM/IEEE Design Automation Conference.

[8]  Mark Russinovich,et al.  Application transparent fault management in fault tolerant Mach , 1993, FTCS-23 The Twenty-Third International Symposium on Fault-Tolerant Computing.

[9]  Olivier Sentieys,et al.  GAUT: An architectural synthesis tool for dedicated signal processors , 1993, Proceedings of EURO-DAC 93 and EURO-VHDL 93- European Design Automation Conference.

[10]  Miodrag Potkonjak,et al.  Optimum and heuristic transformation techniques for simultaneous optimization of latency and throughput , 1995, IEEE Trans. Very Large Scale Integr. Syst..

[11]  Anoop Gupta,et al.  Implementing efficient fault containment for multiprocessors: confining faults in a shared-memory multiprocessor environment , 1996, CACM.

[12]  Jean Arlat,et al.  MetaKernels and fault containment wrappers , 1999, Digest of Papers. Twenty-Ninth Annual International Symposium on Fault-Tolerant Computing (Cat. No.99CB36352).

[13]  Jing-Yang Jou,et al.  Coverage Analysis Techniques for HDL Design Validation , 1999 .

[14]  Titos Saridakis,et al.  Design Patterns for Fault Containment , 2003, EuroPLoP.

[15]  Berk Sunar,et al.  Trojan Detection using IC Fingerprinting , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[16]  Yiorgos Makris,et al.  Hardware Trojan detection using path delay fingerprint , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[17]  Susmit Jha,et al.  Randomization Based Probabilistic Approach to Detect Trojan Circuits , 2008, 2008 11th IEEE High Assurance Systems Engineering Symposium.

[18]  Mark Mohammad Tehranipoor,et al.  Detecting malicious inclusions in secure hardware: Challenges and solutions , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[19]  Jie Li,et al.  At-speed delay characterization for IC authentication and Trojan Horse detection , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[20]  Swarup Bhunia,et al.  Towards Trojan-Free Trusted ICs: Problem Analysis and Detection Scheme , 2008, 2008 Design, Automation and Test in Europe.

[21]  Mark Mohammad Tehranipoor,et al.  New design strategy for improving hardware Trojan detection and reducing Trojan activation time , 2009, 2009 IEEE International Workshop on Hardware-Oriented Security and Trust.

[22]  Miodrag Potkonjak,et al.  SVD-Based Ghost Circuitry Detection , 2009, Information Hiding.

[23]  Michael S. Hsiao,et al.  A Novel Sustained Vector Technique for the Detection of Hardware Trojans , 2009, 2009 22nd International Conference on VLSI Design.

[24]  Miodrag Potkonjak,et al.  Hardware Trojan horse detection using gate-level characterization , 2009, 2009 46th ACM/IEEE Design Automation Conference.

[25]  Mark Mohammad Tehranipoor,et al.  Trustworthy Hardware: Identifying and Classifying Hardware Trojans , 2010, Computer.

[26]  Michael S. Hsiao,et al.  Trusted RTL: Trojan detection methodology in pre-silicon designs , 2010, 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[27]  Kaushik Roy,et al.  Multiple-parameter side-channel analysis: A non-invasive hardware Trojan detection approach , 2010, 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[28]  R. Obermaisser,et al.  Fault containment in a reconfigurable Multi-Processor System-on-a-Chip , 2011, 2011 IEEE International Symposium on Industrial Electronics.

[29]  Mark Mohammad Tehranipoor,et al.  Case study: Detecting hardware Trojans in third-party digital IP cores , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[30]  Simha Sethumadhavan,et al.  Silencing Hardware Backdoors , 2011, 2011 IEEE Symposium on Security and Privacy.

[31]  Sujit Dey,et al.  Recovery-based design for variation-tolerant SoCs , 2012, DAC Design Automation Conference 2012.

[32]  Yiorgos Makris,et al.  Proof carrying-based information flow tracking for data secrecy protection and hardware trust , 2012, 2012 IEEE 30th VLSI Test Symposium (VTS).

[33]  Yiorgos Makris,et al.  Proof-Carrying Hardware Intellectual Property: A Pathway to Trusted Module Acquisition , 2012, IEEE Transactions on Information Forensics and Security.

[34]  Mark Mohammad Tehranipoor,et al.  Analyzing circuit vulnerability to hardware Trojan insertion at the behavioral level , 2013, 2013 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS).

[35]  Yiorgos Makris,et al.  A proof-carrying based framework for trusted microprocessor IP , 2013, 2013 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[36]  Jeyavijayan Rajendran,et al.  High-level synthesis for security and trust , 2013, 2013 IEEE 19th International On-Line Testing Symposium (IOLTS).

[37]  Simha Sethumadhavan,et al.  FANCI: identification of stealthy malicious logic using boolean functional analysis , 2013, CCS.

[38]  Michael S. Hsiao,et al.  Hardware Trojan Attacks: Threat Analysis and Countermeasures , 2014, Proceedings of the IEEE.

[39]  Jie Zhang,et al.  DeTrust: Defeating Hardware Trust Verification with Stealthy Implicitly-Triggered Hardware Trojans , 2014, CCS.

[40]  Pramod Subramanyan,et al.  Formal verification of taint-propagation security properties in a commercial SoC design , 2014, 2014 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[41]  Jeyavijayan Rajendran,et al.  Shielding Heterogeneous MPSoCs From Untrustworthy 3PIPs Through Security- Driven Task Scheduling , 2013, IEEE Transactions on Emerging Topics in Computing.

[42]  Liang Shi,et al.  High-level synthesis for run-time hardware Trojan detection and recovery , 2014, 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC).

[43]  Jeyavijayan Rajendran,et al.  Detecting malicious modifications of data in third-party intellectual property cores , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[44]  R. Karri,et al.  Security verification of 3rd party intellectual property cores for information leakage , 2015 .

[45]  Anirban Sengupta,et al.  Untrusted Third Party Digital IP Cores: Power-Delay Trade-off Driven Exploration of Hardware Trojan Secured Datapath during High Level Synthesis , 2015, ACM Great Lakes Symposium on VLSI.

[46]  Jie Zhang,et al.  VeriTrust: Verification for Hardware Trust , 2015, IEEE Trans. Comput. Aided Des. Integr. Circuits Syst..