Blue team red team approach to hardware trust assessment

Hardware security techniques are validated using fixed in-house methods. However, the effectiveness of such techniques in the field cannot be the same as the attacks are dynamic. A red team blue team approach mimics dynamic attack scenarios and thus can be used to validate such techniques by determining the effectiveness of a defense and identifying vulnerabilities in it. By following a red team blue team approach, we validated two trojan detection techniques namely, path delay measurement and ring oscillator frequency monitoring, in the Embedded Systems Challenge (ESC) 2010. In ESC, one team performed the blue team activities and eight other teams performed red team activities. The path delay measurement technique detected all the trojans. The ESC exposed a vulnerability in the RO-based technique which was exploited by the red teams causing some trojans to be undetected. Post ESC, we developed a technique to fix this vulnerability.

[1]  Subhasish Mitra,et al.  Delay defect characteristics and testing strategies , 2003, IEEE Design & Test of Computers.

[2]  Jeyavijayan Rajendran,et al.  Design and analysis of ring oscillator based Design-for-Trust technique , 2011, 29th VLSI Test Symposium.

[3]  Mark Mohammad Tehranipoor,et al.  Trustworthy Hardware: Identifying and Classifying Hardware Trojans , 2010, Computer.

[4]  Yiorgos Makris,et al.  Hardware Trojan detection using path delay fingerprint , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[5]  Jarrod A. Roy,et al.  EPIC: Ending Piracy of Integrated Circuits , 2008, 2008 Design, Automation and Test in Europe.

[6]  Mark Mohammad Tehranipoor,et al.  Trustworthy Hardware: Trojan Detection and Design-for-Trust Challenges , 2011, Computer.

[7]  Miodrag Potkonjak,et al.  SVD-Based Ghost Circuitry Detection , 2009, Information Hiding.

[8]  Stefan Mangard,et al.  Power analysis attacks - revealing the secrets of smart cards , 2007 .

[9]  Roger M. Needham,et al.  TEA, a Tiny Encryption Algorithm , 1994, FSE.

[10]  Swarup Bhunia,et al.  Security against hardware Trojan through a novel application of design obfuscation , 2009, 2009 IEEE/ACM International Conference on Computer-Aided Design - Digest of Technical Papers.

[11]  Gang Qu,et al.  Hardware metering , 2001, Proceedings of the 38th Design Automation Conference (IEEE Cat. No.01CH37232).

[12]  Mark Mohammad Tehranipoor,et al.  Hardware Trojan Detection and Isolation Using Current Integration and Localized Current Analysis , 2008, 2008 IEEE International Symposium on Defect and Fault Tolerance of VLSI Systems.

[13]  Patrick Schaumont,et al.  A large scale characterization of RO-PUF , 2010, 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).