Hardware Trojan (HT) Detection in 3-D IC Wafi Danesh Instructor: Dr. Christopher Allen EECS 713...

transcript

Hardware Trojan (HT) Detection in 3-D IC

Wafi Danesh Instructor: Dr. Christopher Allen

EECS 713 High-Speed Digital Circuit Design

Final Project Presentation

Outline

Why is Hardware Trojan (HT) a major concern ?

Hardware Trojan (HT) Classification and Detection

Introduction to 3-D IC HT Detection in 3-D IC

Outline

Outsourcing Chip Manufacturing Modern fabrication facility is costly

• $4.6 billion, Global Foundries, Fab 8, 2012[1]

• $7 billion, Intel, upgrading 7 facilities, 2009[2]

Outsourcing fabrication is preferred

4[1] www.theguardian.com[2] www.forwardthinking.pcmag.com

https://www.ventureoutsource.com

Outsourcing brings in potential chip safety issues

Each stage designated to different companies• make malicious insertions• insert counterfeit parts• modify design specification

Real-life reports:• Counterfeit part reports increased

by factor of 700, iSupply report Feb. 24, 2012.

• 1800 cases of counterfeit parts over 2 year survey, Congressional hearing Nov. 8, 2011. 5

Supply chainSource: http://chipsecurity.org

Security Challenge from Outsourcing

Outline

HT Definition

• Extra circuitry added to specified design• can cause malfunction• steal secret information• create backdoor for attack

• Architecture divided into two parts:• Trigger, activates the HT• Payload, delivers the malicious effect

HT Classification

M. Tehranipoor and F. Koushanfar, IEEE Design & Test of Computers, 2010

Example of HT Effect

Combinational triggered HT

0Triggered

Modified output

AND gate (trigger)

XOR gate (Payload)

Original output

Example of HT Effect (continued)Sequential triggered HT

RS-232 transmittermodule

Hardware Trojan

2400 bits/second

32-bit triggerTrigger probability = 1/2^32Time to trigger = 662.8 days

HT Detection

J. Francq and F. Frick, ECCTD, 2015

Outline

What is a 3D IC?

Chip consisting of multiple “tiers” of thinned-active 2D ICs

“Tiers” are layers that are stacked, bonded, and electrically connected

Connection made using “Through-Silicon-Vias (TSVs)” or “posts”

Frequency of connections is user-defined and application specific

Generic architecture of 3D IC

Development process of a 3-D IC Example of a fabricated 3-D IC, a ring oscillator circuit

Three Dimensional System Integration, A Papanikolaou, 2010

Benefits and DrawbacksAdvantages of 3D IC for HT detection:

Heterogeneous IntegrationSmall form factorReduced power consumptionDecrease in overall cost of fabrication

Disadvantages:Additional process steps for TSVHigher operating temperatureMechanical stabilityVendor interfacesStandardization

Outline

HT Detection Methods in 3-D IC

Heterogeneous mix of ICs stacked vertically in standard 3-D IC die

Each IC can be fabricated from a different vendorThe process is a type of “Split Manufacture”Aim is to prevent attacker from having a complete

picture of IC designCritical functionality fabricated by a trusted foundry

while less “security intensive” functionality shipped out to untrusted foundry

Integration of 3-D Control PlaneInitial proposed method:

Computation plane shipped to untrusted foundry whereas 3-D control plane fabricated in trusted foundry

“Posts” tap required signals needed for security logic

“Sleep transistors” reroute, override, or disable lines on the computation plane.

Computation plane thus monitored from 3-D computation plane 18

J. Valamehr et. al, ACSAC, 2010

Hardware Obfuscation

Aim is to obscure the connections in the IC netlist to the attacker: Fabrication divided into two tiers: bottom

tier, fabricated by untrusted foundry and top tier, fabricated by trusted foundry

Neltist is split among the two tiers

Attacker has access to the bottom tier

The attack has to be random as gates in bottom tier are indistinguishable

Attack will also require larger overhead of HT risking detection

19 F. Imeson et. al, USENIX, 2013

Hardware Obfuscation Example

Example is of Virtex-7 2000T

Bottom tier, contains active CMOS transistors, expensive to fabricate and outsourced

Upper tier, called “interposer”, has additional connections for digital logic gates on the bottom tier

20 F. Imeson et. al, USENIX, 2013

Security-Aware 2.5D IC DesignOriginal netlist split into 3

partitions:2 sub-netlists detailing the logic

gates involved in the IC functionalityInterposer layer containing all

connections in the netlists

Attacker cannot determine the success of attack due to obfuscation

Layout is also obfuscated in order to deter layout based attacks 21

Y. Xie et. al, ACM, 2015

THANK YOU!!!QUESTIONS?

References1. Tehranipoor, Mohammad, and Farinaz Koushanfar. "A survey of hardware Trojan

taxonomy and detection." (2010).2. Francq, Julien, and Florian Frick. "Overview of hardware trojan detection and

prevention methods." Circuit Theory and Design (ECCTD), 2015 European Conference on. IEEE, 2015.

3. Papanikolaou, Antonis, Dimitrios Soudris, and Riko Radojcic. Three dimensional system integration: IC stacking process and design. Springer Science & Business Media, 2010.

4. Valamehr, Jonathan, et al. "Hardware assistance for trustworthy systems through 3-D integration." Proceedings of the 26th Annual Computer Security Applications Conference. ACM, 2010.

5. Imeson, Frank, et al. "Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing for Obfuscation." USENIX Security. Vol. 13. 2013.

References6. Xie, Yang, Chongxi Bao, and Ankur Srivastava. "Security-Aware Design Flow for 2.5 D IC Technology." Proceedings of the 5th International Workshop on Trustworthy Embedded Devices. ACM, 2015.

Hardware Trojan (HT) Detection in 3-D IC Wafi Danesh Instructor: Dr. Christopher Allen EECS 713...

Documents