Documente Academic
Documente Profesional
Documente Cultură
Bronze Age
Not here
to
A ardware rojan is a
Malicious Modification of the
circuitry of an integrated circuit.
Bogus packaging
could disguise a
questionable chip as
legitimate one &
baking a chip for 24
hours after
fabrication could
shorten its life span
from 15 years to a
scant 6 months
Adding 1000 extra
transistors during
either the design or
the fabrication
process could create
a kill switch or a
trapdoor or could
enable access for a
hidden code that
shuts off all.
DESIGN
FABRICATION
Untrusted Third
party IP cores
Untrusted
Foundries
Untrusted if not
done in-house
Trusted if done in
house
Untrusted CAD
tools
Untrusted
automation scripts
Untrusted Libraries
****Focused ion beam is a technique used particularly in the semiconductor industry, materials
science for deposition, and ablation of materials.
Hardware Trojans
Physical
Distribution
Structure
Size
Type
Activation
Externally
Internally
Always on
Action
Conditional
Transmit
Antenna
Logic
Modify Specs
Sensor
Sensor
Modify Function
Hardware Trojans
Design
Phase
Specs
Fabrication
Abstraction
Level
System
Level
Development
Effects
Location
Change
Function
Part/Identity
Change
Specs
Processor
Internally
Externally
Test
RT Level
Leak Info
Memory
Assembly
and
Package
Gate Level
Denial of
Service
I/O
Physical
Level
Activation
Power
Supply
Clock
Always on
Triggered
Internet of Things
10 billion Devices and Counting
Everything right from your computer to your phone to
your microwave can be compromised without you ever
knowing about it.
Miscellaneous
Data centers IT Infrastructure, Personal Info
stored in Clouds, Government Systems in
Critical Setups etc
Attribute
Agency involved
to infect
Mode
Hardware Trojans
Pre fabrication embedding in
the hardware IC during
manufacturing or retrofitted
later.
Behavioral
Attribute
Software Trojans
Resides in code of the OS or
in the running applications
and gets activated whilst
execution.
Downloading malicious files
from internet or via social
engineering
methods
executing malicious files or
commonly sources USB etc.
Signatures
released
by
antivirus companies and
software patches based on
behavioral pattern observed.
Anatomy of a
Countermeasures
For
Hardware Trojans
Trojan
Detection
Approaches
Design For
Security
Prevent
Insertion
Run Time
Monitoring
Facilitate
Detection
Key Takeaway #1
Hardware is the
Root of Trust; Even
a small malicious
modification can be
devastating to
system security
Key Takeaway #2
Key Takeaway #3
Most
semiconductor
companies
OUTSOURCE their
manufacturing due
to the high capital
and operational
costs
Key Takeaway #4
Key Takeaway #5
A Hardware Trojan
is near Impossible
to detect in tests
because its
designed to trigger
in mission mode
Key Takeaway #6
http://www.eetimes.com/electronics-news/4373667/Report-reveals-fake-chips-in-military-hardware
http://www.theatlanticwire.com/technology/2011/06/us-military-fake-microchips-china/39359/
https://citp.princeton.edu/research/memory/media/
Cyber security in federal government, Booz Allen Hamilton
The hunt for the kill switch, IEEE Spectrum, May 2008
Report of the Defense Science Board Task Force on High Performance Microchip Supply, Defense Science
Board, US DoD, Feb. 2005; http://www.acq.osd.mil/dsb/ reports/2005-02-HPMS_Report_Final.pdf.
Innovation at Risk Intellectual Property Challenges and Opportunities, Semiconductor Equipment
and Materials International, June 2008.
www.darpa.mil/mto/solicitations/baa07-24/index.html
The hunt for the kill switch, IEEE Spectrum, May 2008
Towards a comprehensive and systematic classification of hardware Trojans, J Rajendran et.al.
http://larc.ee.nthu.edu.tw/~cww/n/625/6251/05DFT0603.pdf
X. Wang, M. Tehranipoor, and J. Plusquellic, Detecting Malicious Inclusions in Secure Hardware:
Challenges and
Hardware Trojan: Threats and Emerging Solutions, Rajat Subhra Chakraborty et al.
I am at :
anupam605@gmail.com
http://about.me/anupa
m.tiwari