PCB Netlist Obfuscation with Micro Electro Mechanical Systems and Additive Manufacturing Techniques (original) (raw)
Related papers
2020
The fabrication of digital Integrated Circuits (ICs) is increasingly outsourced. Given this trend, security is recognized as an important issue. The threat agent is an attacker at the IC foundry that has information about the circuit and inserts covert, malicious circuitry. The use of 3D IC technology has been suggested as a possible technique to counter this threat. However, to our knowledge, there is no prior work on how such technology can be used effectively. We propose a way to use 3D IC technology for security in this context. Specifically, we obfuscate the circuit by lifting wires to a trusted tier, which is fabricated separately. This is referred to as split manufacturing. For this setting, we provide a precise notion of security, that we call k-security, and a characterization of the underlying computational problems and their complexity. We further propose a concrete approach for identifying sets of wires to be lifted, and the corresponding security they provide. We conclu...
2013
The fabrication of digital Integrated Circuits (ICs) is increasingly outsourced. Given this trend, security is recognized as an important issue. The threat agent is an attacker at the IC foundry that has information about the circuit and inserts covert, malicious circuitry. The use of 3D IC technology has been suggested as a possible technique to counter this threat. However, to our knowledge, there is no prior work on how such technology can be used effectively. We propose a way to use 3D IC technology for security in this context. Specifically, we obfuscate the circuit by lifting wires to a trusted tier, which is fabricated separately. This is referred to as split manufacturing. For this setting, we provide a precise notion of security, that we call k-security, and a characterization of the underlying computational problems and their complexity. We further propose a concrete approach for identifying sets of wires to be lifted, and the corresponding security they provide. We conclu...
A structure for protection of security-sensitive ICs against attacks through silicon backside
2021
Security sensitive integrated circuits (ICs) are subject to hardware attacks on secure data. In the past few years, optical signal tracking methods accessing the IC through the chip backside have become the most successful attack risks. Modern ICs are equipped with various hardware and software countermeasures to protect secret data and intellectual property (IP) against known attacks. These countermeasures include protective mesh layers, different sensors, shields, and physically unclonable functions (PUFs). However, the chip backside is still exposed, and proper and affordable protection of the IC backside against focused ion beam (FIB) and optical attacks is missing. Accordingly, the available countermeasures can be circumvented by attacks through the silicon back surface. This work presents, realizes and develops an efficient and cost-effective structure to protect ICs against hardware attacks through the chip backside. Since there is no costefficient way to connect the backside to the frontside electrically, a proper protection structure for the backside must be based on optics. The structure presented here is an optically active thin film that is deposited on the IC back surface. The integrity of the layer is checked by an optical signal generated and detected inside the chip using IC elements. The protective layer is opaque to the infrared light and provides an angledependent reflectivity. Thus, the laser light cannot penetrate the IC, and the photon emission of the IC structure cannot leave the IC through the silicon backside. In the developed protection method, the IC structures are administrated as a light-emitting device and light-sensing devices. A p-n junction is forward-biased to emit an optical signal in all directions toward the IC backside. The light reflected from the IC backside is absorbed by several reverse-biased p-n junctions (drain or source of the transistors), creating a photocurrent. The layer changes the intensity of the reflected light depending on the angle of incidence of the light. Therefore, the photocurrent of the detectors is a signature of the layer. If the layer is damaged or removed, the signal of the detectors will change. Then, the device will not be able to confirm the integrity of the layer. Subsequently, the secret data stored on the device will be destroyed. In order to achieve an efficient protection structure, parameters including optical signals, the light emitter, detectors, the protection layer, and the position of the structures are optimized together. In this work, two optically active thin films that are qualified for this purpose are designed and produced by the sputtering method. The layers are characterized by ellipsometry and the Automated reflectance/transmittance analyzer (ARTA). The concept of the protection mechanism is evaluated by electrical measurements on the IC structure. The photocurrent of the detectors is analyzed when the layer is deposited on the IC backside and when the layer is removed. The results have confirmed the effect of the layer on the photocurrent of the detectors. Hence, any harms to the layer can be detected by electrical measurements on the IC circuit. This work also discusses the x Automatisierter Reflexions-/Durchlässigkeitsanalysator (ARTA) charakterisiert. Das Konzept des Schutzmechanismus wird durch elektrische Messungen an der IC-Struktur bewertet. Der Fotostrom der Detektoren wird sowohl analysiert, wenn die Schicht auf der IC-Rückseite aufgebracht ist, als auch wenn die Schicht entfernt wurde. Die Ergebnisse bestätigen den Einfluss der Schicht auf den Photostrom der Detektoren. Folglich können eventuelle Schädigungen der Schicht durch elektrische Messungen an der IC-Schaltung nachgewiesen werden. In dieser Arbeit werden auch die Vor-und Nachteile des Schutzmechanismus diskutiert und Möglichkeiten der Anwendung untersucht. Diese Untersuchungen lassen den Schluss zu, dass die Schutzstruktur, nach der Optimierung der kritischen Parameter, zu einer vollständigen Gegenmaßnahme wird. Es wäre ein sehr kostengünstiges Verfahren und in der Lage, sowohl physische als auch optische Angriffe durch die Chip-Rückseite zu verhindern. Diese Schutzstruktur kann für alle Arten von sicherheitsempfindlichen ICs mit unterschiedlicher Größe, Technologie und Dicke verwendet werden.
Capacitive PCB Security for Active Tamper and Alteration Detection
2018
The purpose of the research presented is to establish the viability of using capacitive based sensors for the purpose of hardware security at the Printed Circuit Board (PCB) level. Capacitive sensors are traditionally used to sense changes to the areas surrounding the sensing pads in applications such as sensing proximity, position, humidity, fluid levels and much more. The specific sensor used for this research is an inductor-capacitor (LC) based Capacitance-to-Digital Converter. This configuration is virtually immune to EM noise because it is a tank circuit and therefore filters out the noise which, in the past, caused reliability issues with these types of sensors. The research results show that the security system is capable of detecting active tampering as well as sensing extremely small physical alterations made to the PCB, even if those changes occurred when the system was powered down. In addition to establishing the viability of capacitive based PCB security, we assessed th...
Security Challenges of Additive Manufacturing with Metals and Alloys
IFIP Advances in Information and Communication Technology, 2015
Cyber-physical systems are under constant and increasing attacks as components of the critical infrastructure. Additive manufacturing systems are a new class of cyber-physical systems that produce threedimensional objects layer by layer. Agencies and companies such as NASA, the European Space Agency, General Electric and SpaceX have explored a broad range of application areas for additive manufacturing, including creating functional parts of safety-critical systems such as jet engines. The range of application areas and dependence on computerization makes additive manufacturing an attractive target for attackers. This chapter focuses on attacks that seek to change the physical properties of additive-manufactured components. Such attacks can weaken, damage or destroy manufactured components and, in scenarios where weak or damaged components are used in safety-critical systems, potentially endanger human lives. Attacks intended to damage additive manufacturing equipment and additive manufacturing environments are also discussed.
FLAW3D: A Trojan-Based Cyber Attack on the Physical Outcomes of Additive Manufacturing
IEEE/ASME Transactions on Mechatronics
Additive Manufacturing (AM) systems such as 3D printers use inexpensive microcontrollers that rarely feature cybersecurity defenses. This is a risk, especially given the rising threat landscape within the larger digital manufacturing domain. In this work we demonstrate this risk by presenting the design and study of a malicious Trojan (the FLAW3D bootloader) for AVR-based Marlin-compatible 3D printers (>100 commercial models). We show that the Trojan can hide from programming tools, and even within tight design constraints (less than 1.7 kilobytes in size), it can compromise the quality of additively manufactured prints and reduce tensile strengths by up to 50%.
IEEE Transactions on Emerging Topics in Computing
Split manufacturing (SM) and layout camouflaging (LC) are two promising techniques to obscure integrated circuits (ICs) from malicious entities during and after manufacturing. While both techniques enable protecting the intellectual property (IP) of ICs, SM can further mitigate the insertion of hardware Trojans (HTs). In this paper, we strive for the "best of both worlds," that is we seek to combine the individual strengths of SM and LC. By jointly extending SM and LC techniques toward 3D integration, an up-and-coming paradigm based on stacking and interconnecting of multiple chips, we establish a modern approach to hardware security. Toward that end, we develop a security-driven CAD and manufacturing flow for 3D ICs in two variations, one for IP protection and one for HT prevention. Essential concepts of that flow are (i) "3D splitting" of the netlist to protect, (ii) obfuscation of the vertical interconnects (i.e., the wiring between stacked chips), and (iii) for HT prevention, a security-driven synthesis stage. We conduct comprehensive experiments on DRC-clean layouts of multi-million-gate DARPA and OpenCores designs (and others). Strengthened by extensive security analysis for both IP protection and HT prevention, we argue that entering the third dimension is eminent for effective and efficient hardware security.
Manufacturing and Security Challenges in 3D Printing
JOM, 2016
As the manufacturing time, quality, and cost associated with additive manufacturing (AM) continue to improve, more and more businesses and consumers are adopting this technology. Some of the key benefits of AM include customizing products, localizing production and reducing logistics. Due to these and numerous other benefits, AM is enabling a globally distributed manufacturing process and supply chain spanning multiple parties, and hence raises concerns about the reliability of the manufactured product. In this work, we first present a brief overview of the potential risks that exist in the cyber-physical environment of additive manufacturing. We then evaluate the risks posed by two different classes of modifications to the AM process which are representative of the challenges that are unique to AM. The risks posed are examined through mechanical testing of objects with altered printing orientation and fine internal defects. Finite element analysis and ultrasonic inspection are also used to demonstrate the potential for decreased performance and for evading detection. The results highlight several scenarios, intentional or unintentional, that can affect the product quality and pose security challenges for the additive manufacturing supply chain. *Though the term ''3D printing'' traditionally referred only to deposition methods, we are following the popular trend to equate this term with AM.
SAT-Attack Resistant Hardware Obfuscation using Camouflaged Two-Dimensional Heterostructure Devices
2020
Reverse engineering (RE) is one of the major security threats to the semiconductor industry due to the involvement of untrustworthy parties in an increasingly globalized chip manufacturing supply chain [1-5]. RE efforts have already been successful in extracting device level functionalities from an integrated circuit (IC) with very limited resources [6]. Camouflaging is an obfuscation method that can thwart such RE [7-9]. Existing work on IC camouflaging primarily uses fabrication techniques such as doping and dummy contacts to hide the circuit structure or build cells that look alike but have different functionalities. While promising these Si complementary metal oxide semiconductor (CMOS) based obfuscation techniques adds significant area overhead and are successfully decamouflaged by the Satisfiability solver (SAT)-based reverse engineering techniques [9-13]. Emerging solutions, such as polymorphic gates based on giant spin Hall effect (GSHE) are promising but adds delay overhead in hybrid CMOS-GSHE designs restricting the camouflaging to a maximum of 15% of all the gates in the circuit. Here, we harness the unique properties of two-dimensional (2D) transition metal dichalcogenides (TMDs) including MoS2, MoSe2, MoTe2, WS2, and WSe2 and their optically transparent transition metal oxides (TMOs) to demonstrate novel area efficient camouflaging solutions that are resilient to SAT-attack and automatic test pattern generation (ATPG) attacks. We show that resistors with resistance values differing by 8 orders of magnitude, diodes with variable turn-on voltages and reverse saturation currents, and field effect transistors (FETs) with adjustable conduction type, threshold voltages and switching characteristics can be optically camouflaged to look exactly similar by engineering TMO/TMD heterostructures allowing hardware obfuscation of both digital and analog circuits. Since this 2D heterostructure devices family is intrinsically camouflaged, NAND/NOR/AND/OR gates in the circuit can be obfuscated with significantly less area overhead allowing 100% logic obfuscation compared to only 5% for CMOS-based camouflaging. Finally, we demonstrate that the largest benchmarking circuit from ISCAS'85, comprised of more than 4000 logic gates when obfuscated with the CMOS-based technique are successfully decamouflaged by SAT-attack in less than 40 minutes; whereas, it renders to be invulnerable even in more than 10 hours, when camouflaged with 2D heterostructure devices thereby corroborating our hypothesis of high resilience against RE. Our approach of connecting unique material properties to innovative devices to secure circuits can be considered as one of its kind demonstrations, highlighting the benefits of cross-layer optimization.
Techniques for enhanced physical-layer security
GLOBECOM - IEEE Global Telecommunications Conference, 2010
Page 1. Techniques for Enhanced Physical-Layer Security Pedro C. Pinto, Student Member, IEEE, João Barros, Member, IEEE, and Moe Z. Win, Fellow, IEEE AbstractInformation-theoretic securitywidely accepted as the ...