DARPA’s SHIELD developed technologies for secure reliable authentication for ICs subject to hardware Trojans, cloning, counterfeit or recycling in Military systems that pose critical National Security Risk

Rajesh Uppal August 16, 2020 Cyber, Military Comments Off on DARPA’s SHIELD developed technologies for secure reliable authentication for ICs subject to hardware Trojans, cloning, counterfeit or recycling in Military systems that pose critical National Security Risk 1,752 Views

Outsourcing of integrated circuit (IC) and printed circuit board (PCB) design, fabrication, packaging, and testing have dramatically reduced the time and cost of product development. In doing so, this has enabled the widespread availability of microelectronics, which has indeed transformed modern life. However, unintended consequences include malicious design alteration (i.e., hardware Trojan insertion) and
the rise of the counterfeit electronics industry.

Time to market demand has forced integrated circuit design, manufacturing and testing to be done at different places across globe. This approach has led to numerous security concerns like overbuilding of chips from foundries, IP protection, counterfeiting and hardware Trojans. A counterfeit part is manufactured by the OEM and presented as new, but the performance and reliability of the part is questionable. Components may be recycled or remarked, they may have not passed OEM tests, they may be unlicensed or over manufactured. A cloned part is not manufactured by the OEM but may be designed to mimic the performance of the authentic part. Copies may be manufactured in foreign plant, or new design of reverse-engineered components using stolen IP, potentially with altered function to appear the same.

A 2012 Senate Armed Services Committee report on counterfeit electronic parts in the DoD supply chain found counterfeit parts to be a widespread problem in the defense supply chain. Faulty or fake components present a critical risk in military systems, electronics systems and sensors, where a malfunction of a single part could endanger missions and lives. The “supply chain” is how the Pentagon refers to its global network of suppliers that provide key components for weapons and other military systems.

Between semiconductor design, manufacturing and packaging, PCB production, and distribution a single chip can pass through more than 14 different locations. Post initial use, ICs are often shipped to a developing country, stripped from their boards, refurbished and remarked, and repackaged and sold again. During this process uncontrolled heating or mishandling can lead to immediate failure or latent electrostatic discharge failures. Because of these factors, its nearly impossible to know whether a particular IC is genuine or up to performance standards.

However, the increasingly complex nature of the global supply chain means that even primary government contractors have difficulty keeping track of subcontractors they rely on for many products. No one knows just how many recycled or counterfeit parts the government uses. “Right now, it is really difficult to tell the difference between recycled parts and new parts,” said Serge Leef, program manager of DARPA’s Supply Chain Hardware Integrity for Electronics Defense program. “They just end up back in our supply chain and get purchased without people really knowing.”

Apart from Counterfeit electronic components there is also risk of Hardware Trojans (HT), which are malicious circuit inclusions into the design from an adversary with an intention to damage the functionality of the chip at a much later date or leaking confidential information like keys used in cryptography. The hardware Trojans are designed in such a way that they are triggered only after the occurrence of rare event in the design or by a very rare inputs.

With all of these issues it is hard to tell whether a part is genuine. Visual inspection is time consuming and not always fully accurate. Each part must be carefully and manually inspected, but Trojan hardware attacks can easily escape close visual inspection. Instead of adding additional circuitry to the target design, hardware Trojans are made by changing the polarity of existing transistors. Since the modified circuit appears legitimate on all wiring layers (including all metal and polysilicon), it is resistant to most detection techniques, including fine-grain optical inspection and checking against original design specifications.

The Defense Advanced Research Projects Agency (DARPA) launched SHIELD whose goal was to eliminate counterfeit integrated circuits from the electronics supply chain by making counterfeiting too complex and time-consuming to be cost effective. It aimed to stop counterfeit electronic parts from entering the supply chain by implementing an authentication solution consisting of a miniaturized chip called a dielet, developed by Northrop Grumman, and software to validate the authenticity of electronic parts, being developed by RFID Global Solution. DARPA has begun development of tiny semiconductor chiplets known as “dielets,” which will enable the companies that install those microchips in circuit boards and other components to check whether the integrated circuits have been altered or substituted with fakes. DARPA’s SHIELD program

Parts and components are first “enrolled” in a database — the earlier in the production lifecycle the better — and given a unique ID number that can later be queried through a radio frequency wand. The wand can also ping the dielets, which contain a number of passive sensors, for a range of information. When activated by radio frequency, dielets share data on temperature changes, light exposure and other signs that a device has been opened or had parts removed, whether through brute force or more delicate manipulation of circuit boards.

SHIELD is now in the final phase of development, being road-tested by partners in the electronics supply chain. The US Defense Advanced Research Projects Agency (DARPA) has started working with IBM to integrate its SHIELD electronics anti-counterfeit system with the tech giant’s blockchain platform. “With this integration, IBM and DARPA are leveraging the open source Hyperledger platform with SHIELD to provide enhanced trust for smart contracts,” said DARPA in a tweet to announce the collaboration.

DUST Identity, a startup founded in 2018 by former MIT Media Lab researcher Ophir Gaathon, aims to accomplish the same kind of authentication for IT hardware using a different material: diamonds.

Counterfeit Microelectronics, a National Security Risk

Counterfeit electronic components such as microchips are a major problem for the Defense Department, where a single malfunctioning part can reduce reliability and threaten the lives of soldiers. A 2011 Senate Armed Services Committee investigation found at least 1,800 cases of counterfeit parts in U.S. weapons and about 1 million suspected counterfeit parts in the supply chain. In a single missile interceptor system, the Missile Defense Agency found 800 fake parts; costing over $2 million to replace them.

Suspect counterfeit parts found in some of the military’s equipment included a component part in the SH-60B Helicopter’s Forward Looking InfraRed System, a memory chip in the L-3 Display System on the USAF’s C-130J and C-27J cargo planes, and an ice detection module on a Navy P-8A Poseidon commercial airplane. All three parts were traced to manufacturing plants located in China.

There are other threats. Side Channel Attacks (SCA) is another well-known attack on cryptographic circuits to leak the key used in encryption of the secret data. The adversary can use power side channel, timing side channel to get the key. The recent literature reports attacks based on EM waves and LASERs. Another well known SCA is based on test structures (Design for Testability circuits) inside the chip. There are also concerns of Intellectual Property (IP) Protection, The IP used in products and solutions from original equipment manufacturers (OEM) should be protected.

DARPA’s Supply Chain Hardware Integrity for Electronics Defense (SHIELD)

The Supply Chain Hardware Integrity for Electronics Defense (SHIELD) is designed to ensure the US Department of Defense knows where components were built, when they claimed to have been built, who has had custody of those parts throughout the logistics process, and have those parts been compromised, Kerry Bernstein, a programme manager in the Microsystems Electronics Office for DARPA, and the programme manager for SHIELD, told Jane’s.

SHIELD takes the form of a 100 x 100 micrometre chip that includes NSA-level encryption, sensors, near-field power and communications that can be inserted into the packaging of an integrated circuit. DARPA describes it as a hardware “root of trust” – in addition to allowing the IC to be authenticated using an external probe, the dielet can detect any attempt to access or reverse engineer it, and self-destruct to avoid getting into the wrong hands. Each of these dielets will have features and functions remarkable for their scale, among them two-way radio communication, on-board encryption, an energy harvesting function that casts away the need for a battery, and passive sensors for tamper-detection—all the while consuming less than 50 microwatts and costing the equivalent of the portion of a penny occupied by Lincoln’s head, that is, a fraction of a cent.

SHIELD program began in 2015, and is currently in its demo phase in 2019, demonstrating component authentication performed using a challenge-response protocol with an AES encryption engine and the secret key stored on the chip. DARPA has now moved SHIELD into phase 3 testing phase. It will check the integrity of electronic components using a nearly microscopic sensor and an iPhone to immediately verify results on the trustworthiness of parts. SHIELD is a taggant; it resides on the package and can be read robotically on the line, but our proof of concept is that it is actually read with a probe plugged into an iPhone or smartphone,” Bernstein said.

“We are on track to build the world’s smallest highly integrated computer chip. If we succeed, then an untrained operator at any place along the supply chain will be able to interrogate the authenticity of any component used by the Defense Department or in the commercial sector, and get high-confidence results back immediately, on site, securely and essentially for free.” said Kerry Bernstein from DARPA. The intent of SHIELD is that at any time and any place an untrained operator with no special equipment can check the integrity of components.

To effectively serve as a practical solution for manufacturers, SHIELD must overcome a number of hurdles. Current technologies, like barcodes and RFID tags, are either ineffective or expensive to use at scale, meaning production costs for the dielets must be extremely low. Leef said the project is targeting a price point of one cent per dielet.

To do that, DARPA had to develop five core technologies. Bernstein noted all five have been demonstrated and function correctly. The technologies are standalone so they can be used in other applications. Those five technologies include an immutable hardware root of trust. “It has a 100,000 transistor on board encryption engine and it is open standard so whoever uses this can pull out our AES [Advanced Encryption Standard] engine and drop in their own. We wish to be trustworthy especially in the era where people are concerned about the theft of IP [intellectual property] and backdoors,” he said.

The 100 micrometer x 100 micrometer “dielet” will act as a hardware root of trust, detecting any attempt to access or reverse engineer the dielet. Authentication of the IC will be achieved through the use of an external probe that can provide power to the dielet, establish a secure link between the dielet and a server as well as verify the provenance of the IC. The chip has 2 chip antennas, one for 5.8 GHz power and the other for 3.6 GHz half-duplex data communication.

The SHIELD dielet design incorporates passive, unpowered sensors capable of capturing attempts to image, de-solder, de-lid or image the IC; mechanical processes that make the dielet fragile and prevent intact removal from its package; a full encryption engine and advanced near-field technology to power and communicate with the dielet.

Since the purpose of the dielet is to secure the supply chain for electronic components, the authentication server must be secure. The server is written in the Scala and hosted on Amazon Web Services (AWS). Users who are programming or authenticating dielets use OpenID Connect. The server takes place via a VPN connection and Transport Layer Security (TLS/HTTPS). When dielets are enrolled on the server, IDs and cryptographically secure keys are provided, and stored securely using the AWS Key Management Service. The dielet’s 32-bit sensor fingerprint is read and securely stored on the server as well.

Identifying information on each dielet would be read using a penlike probe plugged into a smartphone. Rather than containing its own power source a dielet would be inductively powered by the probe, which would communicate via radio frequency signals when placed within a half millimeter of the chiplet. The probe would relay encrypted information to an app on the smartphone, which would then connect via the internet with a database to confirm the dielet’s serial number. It would also read the dielet’s GPS location to make sure the chip is where it is supposed to be as well as check other unique characteristics. If the probe gets no response or if there are inconsistencies between the chip’s data and that stored in the integrated circuit inventory database—along with any device in which it might be installed—the circuit would be put aside for further inspection.

During authentication the an android device initiates the transaction by requesting a 128-bit nonce from the server, which is generated cryptographically secure. The nonce is passed from the Android device to a reader, which transmits it to the dielet. The dielet returns the AES-encrypted nonce and measured sensor fingerprint to the reader, together with its ID in the clear. The response packet is passed to the server, which authenticates the message and, if authentic, uses the dielet’s ID to look up its key, and decrypts the nonce and fingerprint. If the decrypted nonce has the same value as what was originally sent, and the fingerprint has the correct enrolled value, with some margin for variation, this indicates that the dielet is authentic and is in its original host package, and the server responds with a message that the dielet has passed authentication, as well as metadata about the transaction (Kane et al. N.D).

With the SHIELD program, DARPA wants to develop dependable, yet inexpensive technology which will provide unprecedented levels of assurance against recycled components that are sold as new; unlicensed overproduction of authorized components; test rejects and sub-standard components sold as high-quality; parts marked with falsely elevated reliability or newer date of manufacture; low-quality clones and copies that may include hidden functionality; and components that are covertly repackaged for unauthorized applications, DARPA officials say.

The goal of this passive RF dielet provides secure reliable authentication for ICs which may be subject to hardware Trojans, cloning, counterfeit or recycling which can create performance issues. Because ICs change hands so frequently, solution must exist that can confirm the identity of specific ICs and not simply their part number.

SHIELD awards

Officials of the U.S. Defense Advanced Research projects Agency (DARPA) in Arlington, Va., announced $12.3 million contract to Northrop Grumman for the agency’s Supply Chain Hardware Integrity for Electronics Defense (SHIELD) program. DARPA also has announced a $4.1 million contract to Draper Lab for the SHIELD program. Northrop Grumman and Draper will develop a tool to verify the trustworthiness of protected electronic components without disrupting or harming the system into which they have been designed.

RFID Global Delivers Supply Chain Innovation For DARPA’s SHIELD Program

RFID Global Solution, under contract from Northrop Grumman, has led the development of an enterprise-class electronics parts authentication application. If successful, the technology would help provide a secure, scalable authentication solution suitable for global roll-out to commercial and defense electronics manufacturers and their customers. The SHIELD program aims to eliminate counterfeit parts at a fraction of the cost of today’s manual processes, and will transition to commercial release in 2019.

DARPA awarded a $12.3 million contract to Northrop Grumman Corporation and its partners for the agency’s SHIELD (Supply Chain Hardware Integrity for Electronics Defense) program in 2015. SHIELD aims to stop counterfeit electronic parts from entering the supply chain by implementing an authentication solution consisting of a miniaturized chip called a dielet, under development by Northrop Grumman, and software to validate the authenticity of electronic parts, being developed by RFID Global Solution.

“The foundation of our SHIELD solution is an advanced 100Âµm x 100Âµm x 20Âµm near-field RFID “dielet” fabricated on 14nm CMOS. This dielet, which is targeted to cost about 1 cent, will be embedded in a host component’s packaging and provides a hardware root-of-trust through the integration of advanced key protection and cryptographic techniques. The authenticity of an electronic component can be checked and verified using an RF probe to energize and read the dielet, retrieving component data from a centralized secure database over an internet connection,”

“Our Visi-Trac application for DARPA SHIELD enables real-time authentication of components on a world-wide scale,” said Diana Hage, Chief Executive Officer of RFID Global Solution, Inc. “We are excited to be on the ground floor of such a monumental and important initiative.”

DUST Identity authentication for IT hardware using a diamonds.

DUST Identity, is working on developing unclonable security tags composed of microscopic diamond dust that can be applied in a variety of ways (spray coating, dipping or even stickers) onto devices, parts and components that creates a “a very complex fingerprint” that can be used to catalogue and scan items for identity and provenance.

Why diamonds? “You really want a material that lasts forever … where there’s no concern about degradation of the technology over time,” Gaathon said. Gaathon told FCW the company purchases bulk “waste” diamond dust from the abrasive industry — ones too small to be of value — that are later purified and nanoengineered to contain defects that can store unique identifying information. It’s the same principle underlying a 2017 study by MIT researchers that found diamond-defect optical circuits could store information to advance the development of quantum computing.

DUST Identity offers the first-ever unclonable, and uncompromisable security tracking solution for hardware authentication. The startup, born at the MIT, developed its core technology under a DARPA funded program into a commercial product and enterprise solution for modern supply-chain security and manufacturing. DUST Identity was founded by Ophir Gaathon, PhD, Jonathan Hodges, PhD, and Dirk Englund, PhD, and its technology was developed to address a key pain point for businesses experiencing new vulnerabilities and security disruptions as their global supply chains became more complex and dynamic.

“DUST Identity is introducing a scientifically-backed solution for supply chain management fit for mission-critical enterprises – from military defense to automation to healthcare – who prioritize security first, but also want tools that are cost-efficient and easy to deploy,” said Ilya Fushman, General Partner at Kleiner Perkins. “DUST Identity’s technology is truly cutting-edge and we’re excited to partner with this unique team of scientists, engineers and technologists.”

The product, Diamond Unclonable Security Tag (DUST), is an inexpensive, invisible and easy-to-apply coating of tiny diamonds that allow a manufacturer or enterprise to combine high-security authentication with full lifecycle tracking that traces down to the component level. An optical scanner and cloud-based infrastructure provides an interface to the object identity and provenance.

“What we’ve built is a game changer for supply-chain security,” said Ophir Gaathon, CEO and Co-founder, DUST Identity. “Lack of hardware integrity can have a devastating impact on many levels, and our goal is to elevate the entire business operations ecosystem with more accountability and transparency. We help Enterprises and Governments to prevent hardware tampering and data breaches, improve suppliers trust, and modernize supply chain data management. Compared to other technologies such as RFID, holograms or barcodes, our proprietary solution is significantly more secure, durable, agile, customizable and cost effective.”

DUST Identity is working with some of the U.S. government’s biggest agencies as well as leading technology leaders in supply chain and business operations including SAP to ensure the integrity of critical assets. The company’s holistic approach to verifiable provenance is an essential piece of the integrity solution.