Consistency-based System Security Techniques

Integrated circuits (ICs) are the fundamental building blocks of essentially all computer or electronic systems. While outsourcing has become a trend in the IC industry to reduce the manufacturing cost, an untrusted foundry that has full access to the hardware may easily compromise the security of the manufactured ICs, such as embedding hardware Trojans. Due to the presence of process variation during manufacturing and the huge numbers of transistors in the ICs, the traditional system or software security mechanisms cannot address the hardware security challenges. In this talk, I will introduce a consistency-based IC characterization approach to detect and diagnose hardware Trojans. My key observation is that the behavior of the malicious hardware components exhibit inconsistent patterns in the observable side channels of the target IC, such as power and timing properties. Therefore, my approach is to characterize the gate-level IC properties and conduct consistency analysis to identify the hardware Trojans. While introducing the technical approach, I will mainly focus on how the consistency-based technique can successfully address two major challenges, namely the scalability issue and the lack of Trojan-free golden chips. In addition, I will demonstrate how a similar IC side channel characterization approach, if not controlled properly, can be leveraged by an attacker to conduct reverse engineering attacks on physical unclonable functions (PUFs), as well as the countermeasure that I have developed to prevent such attacks.