New Lightweight Architectures for Secure FSM Design to Thwart Fault Injection and Trojan Attacks

A finite state machine (FSM) is a critical part of the digital processing devices used in Internet of Things (IoT) applications, as it controls the complete functionality of the device. The synthesis tool implements a deterministic FSM by adding extra don't-care states/transitions during optimization. This additional insertion makes the FSM vulnerable to setup-time violation based fault injection (STVFI) and hardware Trojan attacks. The existing techniques cannot completely mitigate these vulnerabilities and exhibit significant design overhead. Therefore, this paper presents a novel lightweight secure machine design technique that completely mitigates the vulnerabilities with minimum overhead. The paper first proposes a new metric to identify all types of vulnerable transitions (VTs), followed by a trustworthy FSM design algorithm and an efficient vulnerability mitigation architecture (EVMA). Though our EVMA completely alleviates the vulnerabilities to STVFI and Trojan attacks, it slightly increases the overhead due to additional multiplexers. Hence, we also propose a new secure FSM design algorithm and two new lightweight vulnerability mitigation architectures (LVMA-I and LIVMA-II) that control the flip-flops (FFs) using existing clear and/or preset pins instead of multiplexers. The experimental results on AES and RSA encryption modules show that the proposed technique detects 100% of VTs. Further, ASIC and FPGA implementations of the proposed LIVMA-II using Cadence RTL and Xilinx Vivado show, on average, 40%, 59.6%, and 51.1% reductions in area, power, and delay, respectively, compared to the well-known technique. Due to its negligible design overhead, our technique is best suited for designing secure controllers for portable IoT devices.
