Skip to Main Content
 

Global Search Box

 
 
 
 

Files

File List


Thesis1ABasak.pdf (14.77 MB)

ETD Abstract Container

Abstract Header

INFRASTRUCTURE AND PRIMITIVES FOR HARDWARE SECURITY IN INTEGRATED CIRCUITS

Basak, Abhishek
http://orcid.org/0000-0001-6438-3539
http://rave.ohiolink.edu/etdc/view?acc_num=case1458787036

Abstract Details

2016, Doctor of Philosophy, Case Western Reserve University, EECS - Computer Engineering.
For logical correlation and clustering similar approaches together, this thesis is divided into two parts. Part I proposes three light-weight, proactive IC integrity validation approaches as countermeasures against the two major forms of counterfeit ICs namely Recycled and Cloned chips. Hence the security threats considered here revolve around the legitimacy of the procured components from the vast, ever-expanding global supply chain, used to design electronic systems. The first approach is a low overhead, on-die protection mechanism against both types of above-mentioned counterfeit digital ICs based on one-time programmable Antifuses inserted in the I/O port logic and a key stored in secure non-volatile memory. Second is an antifuse based IC package level solution against both counterfeit types, that does not require any design modi fication, on-die resources and hence can be applied to legacy designs (i.e. production ready designs), which comprise a signi ficant portion of the semiconductor market. The last is an intrinsic pin resistance based IC authentication approach against cloned ICs, which does not require any overhead (die or package), changes in the design cycle and is applicable to legacy ICs. In addition to digital ICs, the latter two techniques also work efficiently for analog and mixed-signal designs. The protection against recycling off ered by the fi rst two methods involves active defense rather than only detection, i.e. the ICs are non-functional (hence of no value) until the antifuses are programmed. Overall, as compared to existing Design-for-Security (DfS) techniques, utilization of one or more of these proposed approaches would incur minimal to virtually zero design modifi cations and associated hardware overhead, off er easy integrability in existing chips and are potentially applicable to legacy designs and ICs of all types at comparable security. Part II of the thesis revolves around efficient protection against threats arising due to the integration characteristics and interactions between di fferent hardware and/or software/fi rmware components on a platform required to perform system level functions. It particularly focuses on a System-on-Chip (SoC), which constitute the primary IC type in mobile and embedded electronic systems today and is essentially an entire platform on a single chip. We have proposed a novel architecture framework that provides a methodical, formal approach to implement system level security policies in these SoCs. SoCs incorporate di fferent types of hardware/fi rmware/software based Intellectual Property (IP) cores including gen- eral purpose processors, graphics cores, accelerators, memory subsystems, device controllers etc. Security policies protect the access of various security assets on chip sprinkled around in these IP blocks, like device keys, passwords, con figuration register settings, programmable fuses and private user data. They typically involve subtle interactions between diff erent IP components and their specifi cation as well as implementation often get modi fied over the design cycle involving various stakeholders. As a result, these policies are typically implemented in a rather adhoc fashion in SoCs presently. This creates signi ficant issues in post-Si SoC validation, in-fi eld testing as well as patch/upgrades in response to bugs or changing security requirements in fi eld. To address this issue, the thesis proposes a light-weight infrastructure framework for systematic, methodical implementation of diverse SoC security policies. The architecture is centered around smart security wrappers, which extract security critical event information from the IPs and a centralized, firmware upgradable micro-controlled policy controller, which analyzes the SoC security state at all phases and enforces the appropriate security controls via the wrappers. Furthermore, to reduce the security wrapper overheads as well as provide greater flexibility to adapt to new security requirements in- field, an interface is provided between the security architecture and the existing on-chip debug infrastructure to permit reuse of its Design-for-Debug (DfD) components for security policy implementation. The thesis concludes with an analysis of the threat due to malicious modi fications and/or covert backdoors in untrustworthy 3rd party IPs in use today for designing SoCs. In the absence of full-proof static trust analysis methods, potent run-time solutions have been proposed in the architectural framework as a last line of defense to ensure SoC security in presence of untrustworthy IPs.
Swarup Bhunia (Advisor)
Frank Merat (Committee Member)
Soumyajit Mandal (Committee Member)
Ming-Chun Huang (Committee Member)
Sandip Ray (Committee Member)
187 p.
Computer Engineering; Electrical Engineering
security, anti-counterfeiting, system-on-chip, security policies, debug infrastructure, design-for-debug, design-for-security, trust-aware, antifuse, active defense, recycled IC, cloned IC

Recommended Citations

Citations

  • Basak, A. (2016). INFRASTRUCTURE AND PRIMITIVES FOR HARDWARE SECURITY IN INTEGRATED CIRCUITS [Doctoral dissertation, Case Western Reserve University]. OhioLINK Electronic Theses and Dissertations Center. http://rave.ohiolink.edu/etdc/view?acc_num=case1458787036

    APA Style (7th edition)

  • Basak, Abhishek. INFRASTRUCTURE AND PRIMITIVES FOR HARDWARE SECURITY IN INTEGRATED CIRCUITS. 2016. Case Western Reserve University, Doctoral dissertation. OhioLINK Electronic Theses and Dissertations Center, http://rave.ohiolink.edu/etdc/view?acc_num=case1458787036.

    MLA Style (8th edition)

  • Basak, Abhishek. "INFRASTRUCTURE AND PRIMITIVES FOR HARDWARE SECURITY IN INTEGRATED CIRCUITS." Doctoral dissertation, Case Western Reserve University, 2016. http://rave.ohiolink.edu/etdc/view?acc_num=case1458787036

    Chicago Manual of Style (17th edition)

case1458787036
737
© 2016, all rights reserved.
This open access ETD is published by Case Western Reserve University School of Graduate Studies and OhioLINK.