Robust Secure Design by Increasing the Resilience of Attack Protection Blocks

Speaker: Sohrab Aftabjahani (Intel Corporation)

Abstract: The state of art secure digital computing systems heavily rely on secure hardware as the Trusted Computing Base to build upon the chain of trust for trusted computing. Attack Protection Blocks are added to the hardware to prevent an adversary from bypassing the security provided by hardware using various side channel, voltage, frequency, temperature, and other attacks. However, attackers can target the security protection features by designing experiments to understand the underlying power distribution network and its possible weaknesses. This can be used to temporarily turn off or damage the protection features by manipulation of the digital and analog voltage lines if over- and/or under- voltage protection for protection blocks is not present. Usually, in designs, the necessity of such protection has been overlooked just by the assumption that the probability of bypassing the protection without losing the functionality of the system is low. In this context, we present a robust system design approach which will enable the system to transition to a security safe (instead of unsafe) failure mode by increasing resilience of protection blocks against over- and under- voltage attacks. We show by probabilistic modeling why such attacks are possible and why our mitigation approach works.

System-on-Chip Security for the Internet of Things: Challenges and Recent Trends

Speaker: Sandip Ray (NXP)

Abstract: The Internet of Things (IoT) regime arguably began about a decade back, when the number of connected computing devices exceeded the human population. Today our environment includes billions of connected devices, coordinating and communicating to implement applications of the scale of intelligent homes, self-driving automobiles, and smart cities. The trend is towards even more proliferation of these devices with estimates of trillions within the next 15 years, representing the fastest growth for any sector at any time in the human history. Security is a critical requirements for computing systems in IoT applications. Unfortunately, in many cases, traditional security solutions are unsuitable for IoT devices, making trustworthy IoT architecture challenging.
In this talk, we look at security assurance challenges for System-on-Chip designs specifically targeted towards IoT applications. Security assurance mechanisms in current industrial practice is a highly complex activity, spanning the entire system life-cycle, and involving trade-offs and collaboration among a large number of stake-holders. Furthermore, IoT applications such as smart homes and automobiles have a long device life and critical in-field configurability and adaptation requirements. Finally, many traditional security solutions do not work for these systems due to constraints arising from unique form factor requirements, aggressive energy budget, etc. We will discuss the gaps between the current state of the practice and the assurance requirements, and some of the research initiatives undertaken to bridge these gaps. Research in the area marries several topics in computer science and engineering, including architecture, power/performance management, hardware/software co-design, and verification.

Establishing a Trust Chain in Electronic Manufacturing

Speaker: Michael Chen (Mentor)

Abstract: The continued growth of electronics, coupled with the consolidation of the semiconductor industry, will drive new multi-purpose SoCs and result in new complexities associated with managing the security of multiple chip variants as they proliferate in supply chain. The vast attack surface for potential intrusions poses increasing vulnerabilities in electronics devices threatening security, privacy, and safety. We have developed a secure end-to-end platform that enables SoC suppliers to create unique fingerprint SoCs, and a secure end-to-end design IP camouflage methodology. SoC supplier and consumer can protect their IP, authenticate chips at any point, monitor them, and gather analytics about their usage. As a result, connected SoC suppliers will be able to securely provision SoC features in the field, provide secure field updates, and improve product lifecycle management while protecting their crown jewel IP, prevent loss of revenue, and increase differentiation to their customers.

Back to the Technical Program