
Hardware Security for Cyber Infrastructure: Internet of Things (IoT)

The document discusses hardware security concerns for cyber infrastructure and the Internet of Things. It notes that modern outsourced manufacturing models have led to a fragmented ecosystem that is more vulnerable to security breaches. The document outlines various hardware attack modes like reverse engineering, cloning, tampering, and the use of side channels. It argues that security needs to be addressed at the hardware level since software-only solutions are not sufficient if the underlying hardware is not secure. Supply chain risks are identified at different stages of the design and manufacturing process.

Uploaded by ottopor
Hardware Security for Cyber Infrastructure: Internet of Things (IoT)

EE457 Supplement Lecture

Note: Do not disseminate this lecture note without consent.


Some slides are from Mr. Farhang Yazdani's keynote speech at IMAPS Devices 2016 in Scottsdale, Arizona.

Key Message: Security Concern

[Figure: package types: Fan-Out, Fan-In, Flip Chip, Wirebond, 2.5D/3D, Through Pin]

Source: Images taken from Google


Motivation

What do we mean by security?

What are the modes of infection?

What is the role of packaging?

What does the package have to do with security?

What does it take for a package to function in a modern environment?


There Is More to Packaging

Form factor, line width/spacing, reliability, thermal, signal/power

Packaging will contribute more than its traditional values


Past Ecosystem: A More Secure Ecosystem

Homogeneous ecosystem

Fully contained within the organization

Source: Images taken from Google

Modern Outsource Model: A Fragmented Ecosystem

Heterogeneous ecosystem

Somewhere, somehow along the journey things could go wrong

The modern ecosystem is fragmented and unsecured

[Figure: outsourced flow: IP blocks, DFT, Layout, FAB, Assembly & Test, Ship to system provider]

Source: Images taken from Google
Snapshot

Nodes have shrunk to 7 nm

Fan-out is going mainstream

The price of silicon interposers has plummeted considerably

2.5D/3D memory-logic is making its way to the market

Yet the industry is still struggling with security breaches, losing billions of $

Source: Images taken from Google
President to Sign Bill Combating Counterfeit Chips

Law to Combat Counterfeit Chips

The circulation of counterfeit semiconductors has increased considerably.

Feb. 11, 2016: President Obama indicated he will sign into law a customs bill passed by the U.S. Senate that includes a provision to combat counterfeit semiconductors.

The bill mandates that U.S. Customs share information and samples of suspected counterfeit parts for rapid identification of counterfeits. Full transparency!!

In 2011, the Semiconductor Industry Association (SIA) estimated that counterfeiting costs U.S.-based semiconductor companies more than $7.5 billion per year.

http://www.eetimes.com/document.asp?doc_id=1328931
Market Projection Is Consistent

Requirement of packaging for (in) modern era

Infected ecosystem
Infected chip
Infected package
Internet of Animals (wearable for pets)
Internet of Farm (wearable for cow, sheep, …)
Internet of Plants

An IOT SIP attached to a growing plant monitors its condition and makes phone calls or tweets if the plant needs water

• SIP includes lithium batteries that last for years
• Uploads encrypted data using the cell phone network
• 60% of tomato farmers and 40% of cotton growers in Israel use the system
Wireless Implantable Medical Devices (IOT)

[Figure: Deep Brain Neurostimulators, Hearing Implants, Gastric Neurostimulators, Cardiac Pacemakers, Insulin Pumps, Foot Drop Implants]

An unsecured IMD is a threat

In the US alone, 25M are fitted with IMDs

Source: http://groups.csail.mit.edu/netmit/IMDShield
What Are the Risks of a Connected World?

Any connected thing can be tampered with to carry out an operation

Sources: fraud419.blogspot.com, recombu.com, selectism.com, entertainment.wikia.com
Back in July 2015

“Hackers Remotely Kill a Jeep on the Highway”
• Two hackers from their basement break into a car on the highway
• Vents started blasting cold air at maximum speed
• Radio switched to a hip hop station at full volume
• Then the windshield wipers turned on
• Honked the horn
• Then the accelerator stopped working
• Braking system was disabled
• Sending the car into a ditch

Congress Takes on Car Hacking

Source: www.wired.com
Can a System Be Protected?

Software: Operating Systems, Applications, Protocols

Assumption: Core Root of Trust (CRT) is secure

But: Core Root of Trust (CRT) is NOT secure

http://bizblog.blackberry.com/2015/02/blackberry-security-starts-at-endpoints/
Hardware Security Concern!
• A great product
• A great engineering achievement
• A global effort
• However, a gold mine for intruders
• Sniffing
• Spying
• Tampering
• …

[Figure: IOT SIP containing MEMS, Sensor, Analog/Wifi, Memory, Controller]

Source: www.wirelessdesignmag.com
IOT SIP Security Concern

IOT SIP Concern

• May not give you the right data
• May send the data to other sources
• May perform tasks other than what it was intended for (Spying)
• May be activated or deactivated by adversaries
• …
Moving Forward

[Figure: IOT SIP containing MEMS, Sensor, Analog/Wifi, Memory, Controller]
Modes of Infection

Cyber Attack
Physical Attack
Side Channel Attack

Source: Images taken from Google
http://prioritylabs.com
http://www.snciweb.com/data-cabling
Our Focus: Hardware Attack Modes

Cloning and overbuilding
Trojan (malicious logic)
Side Channels
• Power variation
• Timing variation
• Test Ports (JTAG, Scan, …)
Tampering & Reverse Engineering
Summary of Hardware Security Threats
Reverse Engineering: Probe the design and build your own
Cloning: Just copy the existing products
Overbuilding: The easiest form, fab and package more than the PO
Tampering: Unauthorized access to the hardware
Inadequate Security Measures: Forgot to consider the system level
Back Doors: Debug and test ports can be used to break in
Design Defect: Defects in design can be used to break in
Trojan Horse: Insertion of a malicious circuit to gain access later
Side-Channel: Use of timing and power data to extract keys or gain access
System Defect: Manufacturing defects that can be used to gain access
Threat Sources (Hardware Aspect)!

[Figure: Hardware Threat Sources: IP Provider, System Integrator, Manufacturing & Assembly/Test]

https://ssli.ee.washington.edu/people/duh/projects/arbiter.html
http://buyersguide.mae.pennnet.com/microsemi-pmg/p/custom-memory-multichip-package-and-system-in-a-package.html
https://stickman.butterknifeestates.com/2010/05/08/a-3-bit-alu/
Potential Areas of Supply Chain Risks

[Figure: supply chain stages and risks. Design Front (Untrusted Design): Specs, Tools, Library and Models, IP Development, DFT. Manufacturing & Assembly (Untrusted Foundry): Fab, Mask, Wafer probe, Packaging & Test. Risk labels: Trojans, Cloned, Tampered, Overproduced, Defective, Counterfeit.]
2.5D/3D Perspective (More Risky)

[Figure: stacked dies labelled Clean, Fully Infected, Clean, Min. Infected]

Source: Images taken from Google

Counterfeit
What Is Counterfeit?
• A counterfeit component
• An illegal copy
• Does not adhere to OCM specification and standard
• Produced by unauthorized organization
• A defective or used part sold as new

Source: Guin et al.: Counterfeit Integrated Circuits: A Rising Threat in the Global Semiconductor Supply Chain
Common Counterfeit Types

Recycled, remarked and repackaged parts are major contributors to counterfeit cases

Untrusted assembly and foundry contribute to overproduced and defective components

Adversaries adopt a cloning strategy (small to large organizations)

Spying/sniffing is achieved using tampered parts (backdoor to send the information out when needed)
Common Counterfeit Products (Expensive Parts)

• Analog ICs
• Processors
• Memory
• FPGA
• Transistors
• Tantalum Capacitors
Recycling Process

[Figure: recycling steps: Recycle, PCB Removal, IC Removal, Refine IC, New Package, Market]

Source: Images taken from Google


Counterfeit Example

http://creativeelectron.com/counterfeit-components-explode/

Taxonomy of Counterfeit Detection

Source: Guin et al.: Counterfeit Integrated Circuits: A Rising Threat in the Global Semiconductor Supply Chain
Example (Parametric Test)

• Power consumption
• Delay test
• Setup and hold time test
• …

[Figure: Real part vs. counterfeit part]

Source: Guin et al.: Counterfeit Integrated Circuits: A Rising Threat in the Global Semiconductor Supply Chain
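
An added example (not from the lecture or from Guin et al.) of how the parametric measurements listed on this slide can be screened against a trusted reference lot. All measurement values, the parameter names and the threshold are constructed assumptions.

```python
from statistics import median

# Constructed reference data: parts from a trusted (golden) lot.
# Each tuple: (supply current mA, critical-path delay ns, setup time ns)
GOLDEN_LOT = [
    (41.8, 3.10, 0.52), (42.3, 3.05, 0.50), (42.0, 3.12, 0.51),
    (41.6, 3.08, 0.53), (42.5, 3.15, 0.49), (42.1, 3.09, 0.51),
    (41.9, 3.11, 0.50), (42.2, 3.07, 0.52),
]
PARAMS = ("supply_current_mA", "path_delay_ns", "setup_time_ns")  # assumed names


def robust_profile(lot):
    """Per-parameter (median, scaled MAD) of the trusted reference lot."""
    profile = []
    for column in zip(*lot):
        med = median(column)
        mad = median(abs(x - med) for x in column)
        # 1.4826 * MAD approximates sigma for normal data; floor avoids /0
        profile.append((med, max(1.4826 * mad, 1e-9)))
    return profile


def screen_part(measurement, profile, threshold=4.0):
    """Return {parameter: robust z-score} for each out-of-family parameter.

    An empty dict means the part is consistent with the reference lot on
    every measured parameter; it does not prove the part is genuine.
    """
    flagged = {}
    for name, value, (med, sigma) in zip(PARAMS, measurement, profile):
        z = (value - med) / sigma
        if abs(z) > threshold:
            flagged[name] = round(z, 1)
    return flagged


if __name__ == "__main__":
    profile = robust_profile(GOLDEN_LOT)
    # Constructed incoming parts: in-family, slow (aged-like), high current
    incoming = {
        "part-A": (42.2, 3.10, 0.51),
        "part-B": (42.4, 3.45, 0.58),
        "part-C": (47.0, 3.09, 0.51),
    }
    for label, meas in incoming.items():
        result = screen_part(meas, profile)
        print(label, "PASS" if not result else f"REJECT {result}")
```

Median and MAD are used instead of mean and standard deviation so that a few bad parts mixed into the reference lot do not widen the acceptance band.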
Economic Impact of Counterfeit Parts

• A growing threat in the supply chain
• According to sources, loss due to counterfeiting was ~$0.5B USD in 2008 and was estimated to grow to $1.5B USD by 2015
• Counterfeit parts represent a $169B USD annual risk (HIS)
• Very challenging and expensive to detect
• Counterfeiters are using sophisticated tools and technologies and are well financed

http://www.ecnmag.com/article/2015/05/how-combat-counterfeit-semiconductors

Hardware Trojan
Hardware Trojan

Packaged IC that contains malicious circuit

It can reduce the reliability

It can change the functionality

Transmit information when needed (spying)

Many sectors of industry at risk (Financial, Aerospace, …)

Connected World at risk


Common Trojan Type

[Figure: Original, Addition, Parametric, Deletion]

Source: Chongxi Bao, Domenic Forte, Ankur Srivastava, ISQED 2014
Emerging Trojans

[Figure: Original vs. Trojan]

In the attack on Ivy Bridge, researchers were able to get their Trojan onto the processor at the sub-transistor level: “Our Trojan is capable of reducing the security of the produced random number from 128 bits to n bits, where n can be chosen,”

Source: http://thehackernews.com/2013/09/Undetectable-hardware-Trojans.html
Back Door Attack: Connected World at Greater Risk

Adversaries spying on secret data

Manipulate the circuit: sending wrong data, shutdown, blowup

Turn it on and off when needed

Difficult to detect

Source: Images taken from Google


Challenges of Trojan Detection in Fabricated Systems

Size:
• Compared to the actual design, Trojans are very small and difficult to detect.

Dormant:
• Some don’t cause failure, but instead leak information (spying).
• Others can be activated when needed.

Difficult to model:
• Manufacturing defects can be modeled, but Trojans are very difficult to model.
Trojan Detection

Destructive
• Costly
• Time consuming
• Use SEM to extract layer images
• Identify all the elements

Non-destructive
• Identify abnormal behavior during operation
• Test-based approaches or side-channel analysis (Delay, Radiation, Transient Current, …)
System Level Trust Requirement

Fabricated system must guarantee to do its function and nothing more or less
Requirement

[Figure: Trusted Design; Trusted Fabrication; Trusted Packaging, Assembly & Test; Trusted IP; Trusted Libraries & Models; Trusted EDA Tool]

Summary
IOT SIP Requirement

Footprint

Reliability/Quality

Performance

Security
Summary

The connected world has many security challenges to overcome

A trusted supply chain is in demand

Data ownership, privacy and legal loopholes are being worked out

Welcome to the connected world
