OS support for detecting Trojan circuit attacks

Rapid advances in integrated circuit (IC) development predicted by Moore's Law lead to increasingly complex, hard to verify IC designs. Design insiders or adversaries employed at untrusted locations can insert malicious Trojan circuits capable of launching attacks in hardware or supporting software-based attacks. In this paper, we provide a method for detecting Trojan circuit denial-of-service attacks using a simple, verifiable hardware guard external to the complex CPU. The operating system produces liveness checks, embedded in the software clock, to which the guard can respond. We also present a novel method for the OS to detect a hardware-software (HW/SW) Trojan privilege escalation attack by using OS-generated checks to test if the CPU hardware is enforcing memory protection (MP). Our implementation of fine-grained periodic checking of MP enforcement incurs only 2.2% overhead using SPECint 2006.
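The memory-protection check described in the abstract can be pictured with a user-space analogue, added here as an example and not taken from the paper. It assumes a POSIX system and that a check amounts to attempting a forbidden access and confirming that the hardware traps it; `mp_probe` and `mp_check_round` are hypothetical names.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <sys/mman.h>
#include <unistd.h>

static sigjmp_buf probe_env;
static void on_fault(int sig) { (void)sig; siglongjmp(probe_env, 1); }

/* Attempt one access to a page protected with `prot`.
 * Returns 1 if the access was blocked (fault raised, sentinel intact),
 * 0 if it went through, -1 on setup error. */
int mp_probe(int prot, int do_write)
{
    size_t psz = (size_t)sysconf(_SC_PAGESIZE);
    volatile unsigned char *page = mmap(NULL, psz, PROT_READ | PROT_WRITE,
                                        MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED) return -1;
    page[0] = 0xA5;                          /* constructed sentinel value */
    struct sigaction sa = {0}, old_segv, old_bus;
    sa.sa_handler = on_fault;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &old_segv);
    sigaction(SIGBUS, &sa, &old_bus);        /* some systems report SIGBUS */
    volatile int faulted = 0;
    volatile unsigned char sink = 0;
    if (mprotect((void *)page, psz, prot) != 0) faulted = -1;
    else if (sigsetjmp(probe_env, 1) == 0) { /* 1: restore signal mask on jump */
        if (do_write) page[0] = 0x5A; else sink = page[0];
    } else faulted = 1;                      /* reached only via on_fault() */
    sigaction(SIGSEGV, &old_segv, NULL);
    sigaction(SIGBUS, &old_bus, NULL);
    mprotect((void *)page, psz, PROT_READ);  /* make the sentinel readable */
    int intact = (page[0] == 0xA5);
    munmap((void *)page, psz);
    (void)sink;
    return faulted < 0 ? -1 : (faulted == 1 && intact);
}

/* One check round: both forbidden accesses must trap, and the permitted
 * control access must not (catches a probe that always reports a fault). */
int mp_check_round(void)
{
    return mp_probe(PROT_READ, 1) == 1 && mp_probe(PROT_NONE, 0) == 1 &&
           mp_probe(PROT_READ | PROT_WRITE, 1) == 0;
}

int main(void)
{
    for (int i = 0; i < 3; i++)              /* stands in for the periodic tick */
        if (!mp_check_round()) { puts("ALERT: memory protection not enforced"); return 1; }
    puts("memory protection enforced");
    return 0;
}
```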
