Hardware trust has become important and has seen major growth over the last several years. There is a large and active group of academic and industry researchers working on various aspects of the hardware trust problem. However, most research in this area is currently carried out in an ad-hoc fashion and results are reported using figures of merit that prevent objective cross-field comparisons of Trojan detection schemes.
A few benchmark circuits infected with hardware Trojans (called trust benchmarks) are developed. The trust benchmarks pass a thorough test procedure and several detection techniques. To support further validation of the trust benchmarks, hardware platforms are developed to validate trust benchmarks and a web portal is set up to make the benchmarks and hardware platforms available to help accelerate research in hardware security and trust. Technical meetings are scheduled to collect feedbacks from experts in the community about the benchmarks and hardware platforms.
The intellectual merit of this proposal include development of (i) a detailed taxonomy for Trojans, (ii) a set of static trust benchmarks, (iii) a number of hard-to-detect Trojans, (iv) hardware platforms for hardware emulation and validation of Trojan detection methods, and (v) a repository called Trust-Hub. A trust benchmark is selected for fabrication using the MOSIS program.
Our project was aiming to develop approaches, paradigms, techniques, and tools for ensuring and quantifying hardware and system security. In terms of intellectual merit, the obtained results can be classified in three broad dimensions: (i) new security paradigms; (ii) new hardware and system security attacks; and (iii) implementation and system defense techniques and tools. We have developed four major new system security paradigms. While process variation based randomness has been playing central role in hardware security since its beginning, we have created techniques that employ device aging to either increase or reduce the process variation-based randomness. Essentially, each transistor and wire are subject of reduction of their performance and alternation of their properties such as threshold voltage if they are exposed to demanding operation conditions. For example, when a transistor acts as open switch, its channel is under stress. We proposed that we intentionally expose devices to such conditions in order to alter the randomness and other characteristics of the overall chip. Our second security paradigm is full accountability where each device is characterized at gate or transistor level and used to establish the trust level of the integrated circuit in terms is there malicious circuitry or not. Our third system security paradigm paradigm is use of variable supply voltage to enable partial or full characterization of the integrated circuit. Variable voltage has nonlinear impact on delay and leakage energy and therefore eliminates all linear dependency that often prevent gate level characterization. Our final paradigm is that one can use all resources on the chip at all time instances in such a way to prevent security attacks. A special attention is placed to minimize addition energy consumption. We also have created four new system security attacks. The one uses unavoidable device aging to activate particular Trojan horse. The second employs manipulations of power supply network in order to create security attack. The third one uses operations conditions such as higher temperatures to activate security attack. Finally, we demonstrated how dopant manipulation can be used to create undetectable security attacks because any hardware trojan horse can be interpreted as the impact of process variation. Finally we have developed three system and hardware defense techniques. The first system and hardware technique uses variable supply voltage to rapidly detect Trojan horse. The second intentionally employs device aging for the same purpose. The third technique enables complete controllability and observability of each transistor and wire through use of localized delays measurements. The localized measurements enable that even low accuracy results are sufficient for accurate gate level characterizations. In terms of broader impact, we targeted four audiences: students, fellow researchers, industry, and government officials. We have created two new graduate course on hardware and system security that are used in combination with individual research to educate several research experts that in meantime joined industrial research labs and research and development groups of leading companies such as Adobe, Google, and Samsung. In addition several lectures are presented to UCLA undergraduate students that indicated a high interest in the topic. The new paradigms and our new security attacks enabled and inspired a significant number of our fellow researcher colleagues to better conduct their research as indicated by a higher number of citations to our papers. Finally, partly due to our efforts now both leading industrial companies and government official were able to better organize and conduct their efforts related to starting industrial hardware and system security and corresponding promotion of the topic. One potential indicator of our impact is that Design Automation Conference started a new track on hardware and system security. Our research group had the largest number of hardware and system security papers at Design Automation Conference until now.
