MONDAY July 20, 1:30pm - 3:00pm
Tutorial 11 Part 1: Security Opportunities and Challenges of Emerging Technologies

Swaroop Ghosh - Pennsylvania State Univ., State College, PA
Ramesh Karri - New York Univ. Tandon School of Engineering, NY
Shivam Bhasin - Nanyang Technological Univ., Singapore, Singapore
Charles Thooris - Secure-IC SAS, Singapore, Singapore
Swaroop Ghosh - Pennsylvania State Univ., State College, PA
Ramesh Karri - New York Univ. Tandon School of Engineering, NY
Information security has emerged as an important system and application metric. Satisfying the functionality, frequency and Thermal Design Power (TDP) in today’s highly integrated circuits and systems is not adequate. Ensuring the trustworthiness and security of the design parts and overall system is the de-facto component of the design goal. This is largely due to the profit-driven business model that involves ‘untrusted’ third party in every step of Integrated Circuit (IC) manufacturing process ranging from design, synthesis, layout all the way to fabrication and packaging. The latest trend of integrating third party Intellectual Property (IP) blocks in the system makes the problem more intricate. Broadly the attacks could fall under: (i) Malicious modifications: Malware codes Secure-IC Pte Ltd such as hardware Trojans can be inserted in the ICs which once triggered leaks information, cause denial-of-service and malfunction to name few, (ii) Cloning/Fake IC: The adversary can copy the design, fabricate and sell at discounted price to lower the profit margin of genuine design. Another objective is to gain access to secure contents by impersonation, (iii) Hacking/snooping: The adversary snoops the communication in the channel to crack the secret key for malicious intent such as impersonation, hacking etc., (iv) Side Channel Attacks: Side channels e.g., current, voltage and timing are monitored to leak the secret information and extract secret keys, (v) Reverse Engineering: The design details are decoded, IC is hacked and secret information is stolen, (vi) IC Recycling: The discarded ICs from unused boards are recycled at lower price for profitability. Although software based security solutions are easy to implement, hardware solutions such as, encryption engines, Physically Unclonable Functions (PUFs), True Random Number Generators (TRNGs), hash functions, tamper detection sensors have shown great promise to meet power/performance while uncovering and solving emerging security issues such as, Trojan insertion, IC recycling, chip cloning and side channel attacks. This tutorial dive into the hardware security issues and design of security primitives for authentication, key generation, data encryption, device identification, digital forensics, tamper detection, and thwarting reverse engineering, and, trojan detection techniques. It will also cover the security assessment and certification. Finally, the outstanding challenges in hardware security will be summarized. The first part of this tutorial will motivate the need to investigate hardware security. It will cover the semiconductor supply chain vulnerabilities and focus on IP theft, and, state-of-the-art obfuscation techniques. The second part will cover physical attacks on hardware including side channel attacks, fault injection attacks and micro-architectural leakage attacks countermeasures. The third part will present various aspects of logic and memory trojans, detection and countermeasures. The final part will explore the aspect of security assessment and certification. Finally, we will investigate the impact of security vulnerabilities on a complete systems and methods to evaluate its resilience from the specifications up to real life.