Hardware-level security and trust in many of society's microelectronic-based infrastructures, such as transportation and energy, is inadequate. This project investigates chip-level hardware primitives that are designed to improve the security and trust in such systems. In particular, many security mechanisms depend on a secret, unique identifier that is associated with the chip or board in the system. An embedded digital signature inserted by the manufacturer is not secure because it can be extracted by adversaries. A physical unclonable function (PUF) is a recent approach for providing an entire set of secure, unique identifiers for each chip. PUFs are chip-level primitives that leverage the intrinsic and random manufacturing variations of the process technology. A PUF that measures the resistance variations in the chip's power grid is investigated as a hardware primitive for providing secure, unique identifiers. Similarly, integrated circuit trust relates to the degree of confidence one has that a fabricated instance of a chip implements only those functions described in the original specification -- nothing more and nothing less. There are increasing opportunities for adversaries to secretly change a chip's function given the trend of the industry to disseminate the chip fabrication process over many organizations. "Trust but verify" is likely the only approach to dealing with this threat. To support this verification process, a set of hardware primitives is investigated that is designed to measure the parametric, analog characteristics of a chip as a means of detecting any malicious logic that might have been inserted by an adversary. A chip built in an advanced technology is used to experimentally validate the PUF and hardware Trojan detection methods.
We were able to invent and prove in hardware experiments on custom ASIC chips the feasibility of several Physical Unclonable Functions (PUFs). Several on-chip embedded test structures were also designed and tested that are useful as security and trust primitives in and of themselves. We were able to demonstrate that we could reproduce over 1.6 million bits without error across a set of 9 temperature/voltage environmental corners by measuring metal resistance variations that occur across the 8 metal layers of a 90 nm test chip. A voltage-to-digital converter was designed and tested in hardware and shown to provide sufficient resolution to digitize the analog voltage produced by the transmission gate PUF. We built and tested a third PUF on an FPGA that is designed to measure delay variations in core logic functional units. We were able to show that all of our PUFs provide cryptographic quality bitstrings. We invented thresholding and triple modular redundancy techniques that were successful in reducing the probability of bit flip errors to less than 1E-10. Several of these accomplishments are considered to be significant contributions to the field of PUFs. The funding provided by this grant supported 1 PhD student through her defense in 2013 and was used to support another PhD student up through the spring term of 2014.