Posts by Collection

Hardware Trojan Detection and Mitigation

Driven by the rising cost and complexity of integrated circuit (IC) fabrication, the semiconductor industry has become increasingly reliant on unaffiliated and untrusted entities for IC production. These untrusted entities are capable of inserting malicious hardware, known as hardware trojans, within an IC during fabrication. These malicious modifications can serve a wide variety of purposes including malfunctions in the field, lower reliability, confidential data leakage, and system destruction in specific conditions. They are also quite pernicious as they are difficult to detect with standard functional verification procedures and can often bypass software-implemented security. Therefore, hardware trojans are a massive security risk, especially for security-critical applications. <p>

Towards Crowd-Sourced Artifact Curation for Cyberattacks through a Learner-Centered AI Co-Pilot

About:

Creating robust and comprehensive cybersecurity solutions has become increasingly costly and time consuming due to the ever-expanding list of vulnerabilities to be considered and new attacks found continuously. On the other hand, security research quite often only focuses on a specific attack or even sub-components of it with a narrow scope. These constraints severely limit the opportunity in creating holistic, cross-disciplinary cybersecurity solutions. This project aims to develop a learner-centered co-pilot tool leveraging advances in artificial intelligence (AI) to produce attack scenarios and capture related data, which includes end-to-end attack interactions between the red team attacker and the cyber systems. The resulting high-quality and structured attack artifact repository will be a highly valuable resource to the cyber security research community, especially for the test and validation of security solutions.

This project adopts large language model (LLM) to help cybersecurity research. Through an LLM adaptation approach, the red-team co-pilot will incorporate techniques such as prompt engineering, reasoning, parameter-efficient fine-tuning, and few-shot learning to guide users to emulate attack scenarios. The project will develop a curator-friendly methodology to enable the crowd-sourced aggregation of high-quality cyberattack artifacts associated with attack behaviors and system settings, when the tool is deployed in the research community. The captured dataset contains both functional and behavioral aspects of attacks such as tactics, techniques, and procedures. A successful research outcome, including the tools generated, can help facilitate security benchmarking, AI-based penetration testing, adversarial modeling, and research reproducibility. In addition, the red-team co-pilot brings a useful tool to cyber security education and workforce development since it offers an accessible, adaptive, reusable, and learner-centric platform for users to emulate attacks and develop cyber defense experiences.

Design Space Modeling for Logic Obfuscation to Enable System-Wide Security during IC Manufacture and Test

About:

Due to the rising cost of semiconductor manufacturing, computer chip designers are increasingly reliant on offshore manufacturers. These manufacturers are generally considered to be untrusted, driving concerns of intellectual property (IP) piracy and theft. Logic obfuscation, also called logic locking, was developed to mitigate these threats, however, its effectiveness varies widely based on how obfuscation resources are allocated throughout a system. This project studies how to model, automate, and evaluate the high-level configuration of logic obfuscation in a system to maximize security with minimal design overhead. The project’s novelties are the system-wide view of the obfuscation resource allocation problem and the framework to generate mathematical models for this allocation problem. The purpose of these models is to automatically identify effective distributions of budgeted obfuscation resources in varied computer chips and provide intuition on how obfuscation secures a complex system. The project’s broader significance and importance are in lowering the barrier to developing secure computer chips for high-trust applications (e.g., healthcare, defense, finance, and automotive) through automation. The integration of education and research is a key objective. This includes research opportunities for graduate and undergraduate students as well as open-source course modules to train next-generation security experts for the workforce.

This project bridges the knowledge gap between combinational, gate-level logic obfuscation schemes and their security impact in the larger integrated circuit they protect. Specifically, the project develops a design space modeling framework for logic obfuscation system configuration in order to budget obfuscation resources, allocate resources to design regions, and specify obfuscation schemes in these regions. Given a fixed budget of various obfuscation resources, these models automatically identify obfuscation configurations that fulfill system-wide security goals with minimal design overhead. The research artifacts are 1) quantifiable system security metrics for obfuscation, 2) an open-source design space modeling framework for obfuscation, and 3) a verification of generated models.

Reverse Engineering Resistant Architecture Design

The need for high-end performance and cost savings has driven hardware design houses to outsource integrated circuit (IC) fabrication to untrusted manufacturing facilities. During fabrication, the entire chip design is exposed to these potentially malicious facilities, raising concerns of intellectual property (IP) piracy, reverse engineering, and malicious hardware modification. This is a major concern of both government and private organizations, especially in the context of military hardware. Logic obfuscation is a popular approach to mitigate these hardware security threats. Obfuscation techniques lock a circuit by inserting extra key logic into combinational blocks. The resulting design only exhibits its intended functionality when a correct key is applied after fabrication. Without a functional IC, malicious entities cannot obtain design secrets, alleviating security concerns. <p>

Security-Aware Electronic Design Automation

Nearly every hardware system is developed in a high-level language, such as Verilog, and converted into a gate-level netlist via some form of automated synthesis. This provides two benefits. 1) Designers can focus primarily on algorithm development, automating many challenges caused by the scale of modern ICs. 2) Design automation tools automate a wide array of optimizations to trade off design goals (power, area, timing, etc.) and ensure that all requirements are met. However, much hardware security research, particularly in the space of design obfuscation, secures the gate-level netlists produced following synthesis, forgoing traditional design automation processes almost entirely. Given the scale modern ICs, on the order of billions of transistors, efficient design automation is a necessity. The lack of security-aware design automation algorithms severely limits the adoption of many security schemes, such as logic obfuscation, in practice. <p>

Reverse Engineering Resistant Physical Design Strategies

Recent research has demonstrated that contactless electro-optical probing, a common IC test and evaluation technique, can be used to extract hardware keys from a circuit even when tamper-proof memory elements are used. This form of physical attack represents a fundamental shift in the hardware security threat model, particularly for design obfuscation, where such physical attacks were largely considered to be out-of-scope. These attacks are unique because they exploit the physical design (i.e. layout, placement, routing, etc.) of a circuit to compromise security. In order to protect our critical infrastructure and military technology from these novel security threats, we must fundamentally shift our view of hardware security to include an IC’s physical design. This opens the door to a new generation of research to rethink the nature of reverse engineering resistant design practices through the lens of physical design. Our work in this space develops rigorous theoretical models for contactless-probing-based attackers to infer secret keys, opening the door to secure physical design in the next generation of ICs.

CMPE361: Introduction to Hardware Security

Undergraduate Course, Rochester Institue of Technology, Fall 2023

The objective of this course is to build the knowledge and skills necessary to design, evaluate, and implement secure hardware systems. Course topics will span the fundamentals of hardware security and trust, which may include security principles and properties, encryption/decryption, side-channel attacks, hardware manufacture and test, physically uncloneable functions (PUF), true random number generation, hardware trojan detection, secure system design, and trusted execution environments. Laboratory assignments and projects facilitate the hands-on learning of course topics including cryptographic hardware design, side-channel attacks, integrated circuit test and verification, PUFs, true random number generation, and secure system design using a field programmable gate array (FPGA) and an embedded processor as an implementation platform.

CMPE530/630: Digital IC Design

Undergraduate/Graduate Course, Rochester Institue of Technology, Spring 2023

This course will cover the basic theory and techniques of Digital Integrated Circuit Design in CMOS technology. Topics include CMOS transistor theory and operation, design and implementation of CMOS circuits, fabrication process, layout and physical design, delay and power models, static and dynamic logic families, testing and verification, memory and nanoscale technologies. Laboratory assignments and project facilitate in hands-on learning of circuit-level design and simulation, layout and parasitic extractions, pre and post-layout verification and validation, full- custom flow and Synthesis based flow, using industry standard CAD tools.

ENEE640: Digital CMOS VLSI Design

Graduate Course, University of Maryland, College Park, Spring 2021

Review of MOS transistors: fabrication, layout, characterization; CMOS circuit and logic design: circuit and logic simulation, fully complementary CMOS logic, pseudo-nMOS logic, dynamic CMOS logic, pass-transistor logic, clocking strategies; sub system design: ALUs, multipliers, memories, PLAs; architecture design: datapath, floorplanning, iterative cellular arrays, systolic arrays; VLSI algorithms; chip design and test: full custom design of chips, possible chip fabrication by MOSIS and subsequent chip testing.