Commercially available ICT solutions present significant benefits including low cost, interoperability, rapid innovation, a variety of product features, and choice among competing vendors. However, the same globalization and other factors that allow for such benefits also increase the risk of a threat event which can directly or indirectly affect the ICT supply chain, often undetected, and in a manner that may result in risks to the end user. These ICT supply chain risks may include insertion of counterfeits, unauthorized production, tampering, theft, insertion of malicious software and hardware, as well as poor manufacturing and development practices in the ICT supply chain.
Counterfeit electronic components such as microchips are a major problem for the Defense Department, where a single malfunctioning part can reduce reliability and threaten the lives of soldiers. A 2011 Senate Armed Services Committee investigation found at least 1,800 cases of counterfeit parts in U.S. weapons and about 1 million suspected counterfeit parts in the supply chain. In a single missile interceptor system, the Missile Defense Agency found 800 fake parts, which cost over $2 million to replace.
Between semiconductor design, manufacturing and packaging, PCB production, and distribution, a single chip can pass through more than 14 different locations. After initial use, ICs are often shipped to a developing country, stripped from their boards, refurbished, remarked, repackaged, and sold again. During this process, uncontrolled heating or mishandling can lead to immediate failure or latent electrostatic discharge failures. Because of these factors, it is nearly impossible to know whether a particular IC is genuine or up to performance standards.
Hardware Trojans (HTs) are malicious circuit inclusions introduced into a design by an adversary who intends to damage the functionality of the chip at a much later date or to leak confidential information such as cryptographic keys. Time-to-market pressure has forced integrated circuit design, manufacturing, and testing to be done at different places across the globe. This approach has led to numerous security concerns, including overbuilding of chips by foundries, IP protection, counterfeiting, and hardware Trojans.
A hardware Trojan can be designed as a time bomb to disable and/or destroy a system at some future time. Hardware Trojans can be inserted at any stage of the design flow by an adversarial third party to tamper with the original design, so it is important to establish a root of trust from the design house through the supply chain. To distinguish malicious alterations in the design, researchers have used power consumption as a side-channel signal. To make Trojans more observable at the outputs, switching the voltage on the supply rails to alter the circuit logic has also been proposed. A Trojan also introduces additional gate delay, which alters the delay signature of the path it occupies and can itself be exploited for detection. In the pre-silicon stage, a four-step approach has been proposed to filter and locate malicious insertions implanted in third-party Intellectual Property.
As most IC designs are extremely large and contain a huge amount of hardware description, these inclusions are difficult to detect, and the sheer size of the code can require many people to have access to it at the production level. It is difficult to protect against such threats, but some solutions based on ad hoc design and verification methods have been proposed.
https://www.youtube.com/watch?v=QGIKhJrb9aA
Semiconductor technology has become an integral part of our everyday life, as ICs and embedded systems have become ubiquitous. The spectrum of applications of these devices and systems covers various areas including, but not limited to, household appliances, critical infrastructure (e.g., the commercial facilities sector, government facilities, and the energy sector), and military systems. Regardless of the application, their trustworthiness and reliability must be assured.
Technologies to detect and prevent Counterfeit electronic components and Hardware Trojans
Researchers are developing many technological solutions in the area of IC counterfeits, hardware assurance, cyber physical systems security, and embedded systems security.
With all of these issues, it is hard to tell whether a part is genuine. Visual inspection is time consuming and not always fully accurate. Each part must be carefully and manually inspected, yet hardware Trojans can easily escape close visual inspection. Instead of adding circuitry to the target design, some hardware Trojans are built by changing the dopant polarity of existing transistors. Since the modified circuit appears legitimate on all wiring layers (including all metal and polysilicon), it is resistant to most detection techniques, including fine-grain optical inspection and checking against the original design specifications.
Reverse Engineering of electronic chips and systems refers to the process of retrieving an electronic design layout and/or netlist, stored information (memory contents, firmware, software, etc.), and functionality/specification through electrical testing and/or physical inspection. In the detection process, the incoming electronic components undergo a physical or electrical inspection process to examine authenticity. As RE is an interior, physical-inspection-based approach, to decide whether a chip/system is cloned or to detect a Trojan, one should rely on the availability of golden data. Golden data can be images from a known authentic chip or PCB, bill of materials (BoM), schematic, layout, or device, whose functionality, structural and electrical parametric signatures are available for comparison. A golden layout or design can provide a benchmark for assessing the functionality of the chip or analyzing its physical structure.
Counterfeit detection tests broadly fall into two categories: physical/mechanical tests and electrical performance based tests. Using physical and electrical test methods, significant numbers of counterfeit ICs can be detected. As counterfeiters start using more advanced mechanisms that are not easily detected by physical and electrical test methods, new detection techniques are needed, specifically those designed for security and low cost. For example, new optical photon-counting security tagging and verification of integrated circuits (ICs) using optically encoded QR codes might provide such a low-cost mechanism.
Furthermore, a Trojan prevention approach could be used to make it more difficult (ideally impossible) to insert hardware Trojans at the fab. One proposed technique is called built-in self-authentication (BISA). It fills unused spaces in a circuit layout with functional standard cells instead of nonfunctional filler cells during layout design, so BISA could prevent hardware Trojan insertion in the limited available space. In spite of the amount of work that has been done on hardware Trojan detection and prevention, this is by no means a solved problem.
Functional testing, often referred to as the Automatic Test Pattern Generation (ATPG) technique, is more commonly used to locate manufacturing faults, but it has been shown to be effective in detecting hardware Trojans as well. In ATPG, the input ports are stimulated and the output ports are monitored for variations that may indicate a hardware Trojan has been activated. Functional testing techniques can also be useful when attempting to determine the trigger patterns of conditional Trojans.
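The golden-model comparison described above, as an added example that is not part of the original text: a constructed 12-bit combinational block, a Trojan-inserted copy of it with a rare trigger pattern, and an ATPG-style harness that stimulates the input port, compares the output port with the golden model, and reports the patterns that expose the Trojan. The trigger value, payload and circuit function are illustrative assumptions; the detection-probability formula shows why a conditional Trojan escapes ordinary random testing.

```python
"""ATPG-style functional testing of a small combinational block against its
golden model. Added example: the 12-bit circuit, the trigger value and the
payload are constructed for illustration and taken from no real design."""
import random

IN_BITS = 12                 # width of the stimulated input port
SPACE = 1 << IN_BITS         # 4096 possible input patterns
TRIGGER = 0xA5C              # constructed rare activation pattern
PAYLOAD_MASK = 0x80          # constructed payload: flip the output MSB


def golden(x: int) -> int:
    """Reference (golden) behaviour: 12-bit input, 8-bit output."""
    hi, lo = x >> 8, x & 0xFF
    parity = bin(x).count("1") & 1
    return ((hi ^ lo) ^ parity) & 0xFF


def trojaned(x: int) -> int:
    """Same block with a conditional Trojan: dormant on every input except
    TRIGGER, so ordinary manufacturing tests are very unlikely to see it."""
    out = golden(x)
    if x == TRIGGER:
        out ^= PAYLOAD_MASK
    return out


def apply_patterns(dut, patterns):
    """Stimulate the input port with each pattern and compare the output port
    with the golden model. Returns the patterns whose response diverges; any
    hit both detects the Trojan and reveals its trigger pattern."""
    return [p for p in patterns if dut(p) != golden(p)]


def exhaustive_patterns():
    """Exhaustive stimulus: affordable for 12 inputs, not for a real design."""
    return range(SPACE)


def random_patterns(n: int, seed: int):
    rng = random.Random(seed)
    return [rng.randrange(SPACE) for _ in range(n)]


def expected_detection_probability(n_patterns: int, n_triggers: int = 1,
                                   space: int = SPACE) -> float:
    """Probability that n uniformly random patterns include at least one
    trigger: shows why rare-trigger Trojans evade random testing."""
    return 1.0 - (1.0 - n_triggers / space) ** n_patterns


def empirical_detection_rate(n_patterns: int, trials: int, seed: int = 0) -> float:
    """Fraction of independent random test sessions that catch the Trojan."""
    hits = sum(1 for t in range(trials)
               if apply_patterns(trojaned, random_patterns(n_patterns, seed + t)))
    return hits / trials


if __name__ == "__main__":
    found = apply_patterns(trojaned, exhaustive_patterns())
    print("exhaustive test mismatches (trigger patterns):", [hex(p) for p in found])
    for n in (64, 1024, 16384):
        print(f"{n:6d} random patterns: expected {expected_detection_probability(n):.3f}, "
              f"observed {empirical_detection_rate(n, 50):.2f}")
```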
In 2018, Catherine Rooney and colleagues from the UK demonstrated three different techniques for detecting a hardware Trojan. The first uses power analysis together with side-channel analysis, allowing security investigators to measure power variance, traces, and current leakage; this is followed by concentrated heat measurements using an infrared thermometer, and finally a thermal camera test. The three experiments are carried out using off-the-shelf hardware and are applied to both the Trojan-free and Trojan-inserted designs. Attempts are then made to detect the Trojan in its dormant form.
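The power side-channel comparison mentioned here and earlier on this page, as an added example that is not Rooney et al.'s work or code: a population of known-good parts yields a golden power signature, each device under test is normalised to remove its own process-variation gain, and a mean-squared z-deviation score flags a part whose trace carries extra switching activity. The traces, noise levels, Trojan window and threshold are all synthesised assumptions, not measurements from real silicon.

```python
"""Golden-model side-channel comparison: flag a part whose power signature
deviates from a population of known-good parts, and localise where in the
trace the excess activity occurs. Added example with synthesised traces;
nothing here is measured from real silicon or taken from Rooney et al."""
import math
import random
from statistics import mean, pstdev

N_SAMPLES = 64                  # points per power trace (constructed)
TROJAN_WINDOW = range(40, 48)   # samples where the constructed Trojan draws extra current
TROJAN_EXTRA = 0.25             # its extra (normalised) current draw
SCORE_THRESHOLD = 4.0           # mean squared z-deviation above which a part is suspect


def base_activity(i: int) -> float:
    """Nominal switching activity of the golden design at sample i."""
    return 1.0 + 0.5 * math.sin(2 * math.pi * i / 16)


def simulate_trace(rng: random.Random, trojan: bool = False) -> list:
    """One measured trace: a device-specific gain (process variation) times the
    nominal activity, plus measurement noise, plus the Trojan's leakage if present."""
    gain = rng.gauss(1.0, 0.05)
    trace = []
    for i in range(N_SAMPLES):
        v = gain * base_activity(i) + rng.gauss(0.0, 0.02)
        if trojan and i in TROJAN_WINDOW:
            v += TROJAN_EXTRA
        trace.append(v)
    return trace


def normalise(trace: list) -> list:
    """Divide out the per-device gain so that genuine parts become comparable."""
    m = mean(trace)
    return [v / m for v in trace]


def build_golden_signature(golden_traces: list):
    """Per-sample mean and standard deviation across known-authentic parts."""
    cols = list(zip(*[normalise(t) for t in golden_traces]))
    mu = [mean(c) for c in cols]
    sigma = [max(pstdev(c), 1e-3) for c in cols]   # floor avoids division by zero
    return mu, sigma


def score_device(trace: list, signature) -> tuple:
    """Return (score, worst_sample): the mean squared z-deviation from the
    golden signature, and the sample index with the largest deviation."""
    mu, sigma = signature
    z = [(v - m) / s for v, m, s in zip(normalise(trace), mu, sigma)]
    score = sum(x * x for x in z) / len(z)
    worst = max(range(len(z)), key=lambda i: abs(z[i]))
    return score, worst


def is_suspect(trace: list, signature, threshold: float = SCORE_THRESHOLD) -> bool:
    return score_device(trace, signature)[0] > threshold


def demo(seed: int = 7, n_golden: int = 32) -> tuple:
    """Build the signature from n_golden good parts, then screen one genuine and
    one Trojan-inserted part. Returns (genuine_flagged, trojan_flagged, worst_sample)."""
    rng = random.Random(seed)
    signature = build_golden_signature([simulate_trace(rng) for _ in range(n_golden)])
    genuine = simulate_trace(rng)
    trojan = simulate_trace(rng, trojan=True)
    return (is_suspect(genuine, signature), is_suspect(trojan, signature),
            score_device(trojan, signature)[1])


if __name__ == "__main__":
    print("genuine flagged, trojan flagged, worst sample:", demo())
```

The per-sample normalisation is what keeps ordinary process variation from masquerading as a Trojan; without it, a part with a slightly higher gain would be flagged alongside the real one.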
PCBs give an attacker another opportunity to tamper, clone, counterfeit, and insert a hardware Trojan. In fact, since PCBs lie at the heart of an electronic system and integrate several components to achieve the desired functionality, it is increasingly important to guarantee a high level of trust and reliability at this integration stage. The alleged Supermicro incident serves as an example.
For PCBs, counterfeiting and Trojan insertion are a similarly prevalent problem. While chip-level integrity validation approaches exist, as mentioned above, they are not readily adaptable to PCBs, which is a cause for concern. In response, a common method for preventing and protecting against PCB counterfeiting is to take advantage of the intrinsic characteristics of PCBs that make each and every one of them (quite) unique. Another approach has explored using the unique patterns seen in images of surface vias (vertical interconnect accesses) as design fingerprints to counter the distribution of counterfeit PCBs. While both of these approaches can help improve the reliability and assurance of a PCB after manufacturing, they would still face difficulties in detecting small Trojans. Advances in RE automation can shorten the time needed to identify these types of threats at multiple levels of an electronic system.
The RE process comprises delayering, imaging, annotation, and netlist extraction. The current state-of-the-art practices are tedious, challenging, and expensive. They usually require a suite of cleanroom and microscopy equipment, very long imaging times, and manual or semi-automated postprocessing steps for converting images to netlists. Despite this, recent advancements in failure analysis tools and delayering processes are opening up new dimensions in RE. As an example, plasma etching has achieved better control over ion-energy distribution, thereby improving selectivity and automation in delayering.
Furthermore, the introduction of non-destructive X-ray computed tomography (X-ray CT) and ptychography in recent years can eliminate the delayering process and hence speed up imaging of the upper metal layers of an IC and of an entire PCB. New scanning electron microscopes (SEMs), such as multi-beam systems, have also been introduced to significantly speed up imaging of nanoscale samples. Nevertheless, they are not widely available and are still several times more expensive than standard SEMs. In addition, since such tools could yield petabytes of data in a single day, research on automated and intelligent image analysis algorithms is urgently needed to reduce the time and cost of RE.
Military Enlists Digital Twin Technology to Secure Chips
The U.S. military is again attempting to secure the nation’s semiconductor supply chain with a handful of industrial base initiatives that include a digital twin capability that uses data-driven virtualization to validate the integrity of individual devices or an assembly of chips. That capability would in turn help secure devices incorporated into weapons.
BRIDG, a public-private partnership, recently received a $7.5 million contract from the Air Force Research Laboratory aimed at gathering data on chip design and manufacturing processes. The Air Force contract calls for BRIDG to develop security standards and manufacturing processes. Those benchmarks would be used to protect against malicious functions inserted into mission-critical chips, to spot fake chips and intellectual property theft, and to boost reliability.
BRIDG is currently ramping up a 200-mm production line designed primarily for silicon components such as digital and RF interposers. Those devices and other secure production capabilities target applications like sensors and optoelectronics. Among the first deliverables under the Air Force contract is a product design kit for silicon interposers.
Meanwhile, the emerging digital twin capability will leverage fab data to create virtual chip models as designs progress through the production process. Along with improving chip production yields, the approach will also add a layer of secure “provenance tracking,” Attaway said. The goal of the Air Force effort, he added, is “improving the ecosystem for creating trusted and assured chips.”
Nanoscale ‘Signatures’ Could Keep Counterfeit Parts Out of Military Equipment
Navy scientist Alison Smith, who studies materials science on the campus of the Naval Surface Warfare Center (NSWC), realized that sensitive components could be certified through the use of nanoscale signatures, allowing the military to quickly and easily root out poorly sourced tech and keep its members safe.
To illustrate the basic principle of nano-signatures in an accessible way, Smith will have museumgoers cut out paper snowflakes, use them to mask the undersides of CDs, and then analyze how the patterns of light the CDs reflect differ as a result. Altering materials at the atomic level is obviously a more involved process, but this demonstration drives home the point that small-scale alterations can have large-scale impacts on a material’s optical properties.
By embedding arrays of crystal nanoparticles in materials, Smith found that she could change the macroscopic optics of those materials in distinctive ways without impairing their functionality in the slightest. Once the military settles on an official protocol for nano-certification, sketchy suppliers won’t have a chance of getting bogus parts into military equipment. Opportunists in China and elsewhere have been known to spray-paint old, shoddy parts and pawn them off as new alongside legitimate vendors; Smith’s tech will take uncertainty out of the equation and allow the military to separate the wheat from the chaff headache-free.
Tina Closser, who coordinates NSWC Crane’s youth-oriented STEM outreach, explained in an interview the elegance of Smith’s research. “At the nano level, [Smith’s team] can manipulate the geometry of these particles the way they want, to make different reflections.” But these unique reflections, crucially, are macro-scale, and they can be verified with basic cell phone cameras like tiny QR codes. With this new tech, green-lighting a part will be as simple for military manufacturers as scanning a printed code is for ticket takers at the movies. Once the camera detects the desired reflection pattern, a dedicated app will inform the scanner that the component in question is legitimate.
This will allow for on-the-fly onsite authentication of components at every stage of equipment assembly. “You can scan it and say, ‘This is a good part,’” Closser summarizes. “If you had to take it into a lab, it wouldn’t really be worth it.” In time, this sort of nano-tagging could extend beyond the military, and bolster quality control in industries the world over.
Metasurface and UV and Visible Light System Conquer Counterfeits reported in March 2022
Researchers at Pohang University of Science and Technology (POSTECH) have developed an anticounterfeiting and tampering prevention system using ultraviolet (UV) and visible light. The technology uses metasurfaces — it in fact resolves a long-standing issue of the UV light operation of metasurfaces — and is expected to have applications in various industrial sectors, according to the researchers.
For the metasurface in the design to work, it must be composed of subwavelength structures — smaller than the wavelength of light. However, the wavelength of UV light is very short, making it difficult to fabricate a suitable structure. Additionally, silicon — which is frequently used to create metasurfaces — has a propensity to absorb UV light.
To overcome these issues, the team adjusted the physical properties of silicon nitride to reduce its tendency to absorb UV light. Using this material, the team fabricated a metahologram in which an image clearly appears when it is irradiated with UV light. Using the electron beam lithography overlay method, the team combined the two metaholograms that work in the UV and visible regions to create an anticounterfeiting device that displays a unique product number.
When the device is irradiated with a UV or visible laser, images with different polarization states are displayed, respectively. The hologram that appears under a visible-light laser acts as a key; when this key information is input into the ultraviolet polarizer and the device is irradiated with UV light, certain numbers disappear. These numbers are unique.
The system is difficult to decrypt because it uses invisible ultraviolet light, which reduces the chance of exposing the password or code used to confirm forgery or falsification. In addition, by stacking two metasurfaces, the number of images and the amount of information that can be stored is markedly increased.
“We were able to create a higher performing optical encryption system utilizing the invisible ultraviolet characteristics,” Rho said. “This study will serve as the basis for opening up the metasurface research to the ultraviolet regime, from being confined to the long wavelength region.”
According to Rho, he and the team are reviewing the technology with relevant organizations for use in future security applications such as paper bills, passports, and more.
Researchers at NYU Abu Dhabi Develop Breakthrough Computer Chip Security Technology
Researchers at New York University Abu Dhabi’s (NYUAD) Design for Excellence (Dfx) lab have developed new innovations in computer chip technology that present landmark achievements in IT security. Secured by a secret key so that only authorized users may utilize them and immune to reverse-engineering, ‘logic-locked’ computer chips will provide future users with new guarantees of security for their devices.
NYUAD’s Dfx research team designed two different chips over the past year, utilizing commercial and in-house developed software tools to help them build a baseline chip as well as their logic-locked chip. These are microcontroller chips with mainly an ARM microprocessor unit; they allow you to load a software program onto their memory, which they may then execute, allowing users to design a computational system or computer around them.
“This chip can be unlocked only by loading the secret binary key on its memory. Without it, the chip will not work. Only when the secret key has been loaded will the microprocessor unit inside execute the program loaded on its memory,” he added.
“Traditionally, security features are implemented at the software or system levels; for the first time, we have security implemented at the lowest possible level, the hardware level. This is quite important because if the hardware is compromised, there is no software or system security fix,” explained NYUAD Associate Dean of Engineering for Academic Affairs, Associate Professor of Electrical and Computer Engineering, and Head of Dfx Ozgur Sinanoglu.
Through their research at NYUAD, the Dfx team have surged ahead in the field of solution development for IT security, Sinanoglu explained: “The industry is slowly developing solutions, but they are early solutions that are not as of yet so secure. Academia is quite ahead in the game, with various research groups working on this area. Our solution is the first one that is provably secure, based on mathematical security definitions and security proofs as well as implemented on a real chip.”
“Our goal is to make all electronics truly trustworthy. We are now in a position where we can take any chip design and transform it into one that is secure at the hardware level, which means we can work with design companies to help them produce protected computer chips,” Sinanoglu added.
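The logic-locking idea behind the NYUAD chip, as an added example that is not the Dfx lab's design or code: XOR/XNOR key gates are inserted on internal nets of a constructed 8-input, 4-output combinational circuit, so the locked netlist reproduces the original function only when the correct key is loaded, and every wrong key corrupts some fraction of the outputs. The circuit, the 4-bit key and the key-gate placement are illustrative assumptions; a real locked chip uses a far longer key.

```python
"""Logic locking of a small combinational circuit with XOR/XNOR key gates:
the locked netlist computes the original function only when the correct key
is loaded. Added example with a constructed 8-input circuit and 4-bit key;
it is not the NYUAD Dfx chip's design (which uses a far longer key)."""

N_INPUTS = 8
KEY_BITS = 4
SECRET_KEY = 0b1011   # constructed; bit i also selects XOR (0) or XNOR (1) for key gate i


def bits(value: int, width: int) -> list:
    """LSB-first bit vector of value."""
    return [(value >> i) & 1 for i in range(width)]


def key_gate(net: int, k: int, correct: int) -> int:
    """XOR key gate when correct == 0, XNOR key gate when correct == 1.
    Either way the net passes through unchanged only when k == correct."""
    return net ^ k ^ correct


def original(x: int) -> int:
    """Unlocked reference function: 8 inputs, 4 outputs."""
    b = bits(x, N_INPUTS)
    o0 = (b[0] & b[1]) ^ b[2]
    o1 = b[3] | b[4]
    o2 = b[5] ^ b[6] ^ b[7]
    o3 = (b[0] & b[4]) | (b[4] & b[7]) | (b[0] & b[7])   # majority(b0, b4, b7)
    return o0 | (o1 << 1) | (o2 << 2) | (o3 << 3)


def locked(x: int, key: int) -> int:
    """Same netlist with one key gate inserted on an internal net of each cone."""
    b = bits(x, N_INPUTS)
    k = bits(key, KEY_BITS)
    c = bits(SECRET_KEY, KEY_BITS)
    o0 = key_gate(b[0] & b[1], k[0], c[0]) ^ b[2]
    o1 = key_gate(b[3], k[1], c[1]) | b[4]
    o2 = key_gate(b[5] ^ b[6], k[2], c[2]) ^ b[7]
    o3 = key_gate(b[0] & b[4], k[3], c[3]) | (b[4] & b[7]) | (b[0] & b[7])
    return o0 | (o1 << 1) | (o2 << 2) | (o3 << 3)


def corruption_rate(key: int) -> float:
    """Fraction of inputs on which the locked chip disagrees with the original
    when `key` is loaded; 0.0 means the key unlocks the chip."""
    n = 1 << N_INPUTS
    return sum(locked(x, key) != original(x) for x in range(n)) / n


def key_unlocks(key: int) -> bool:
    """Exhaustive functional equivalence check between locked and original."""
    return corruption_rate(key) == 0.0


if __name__ == "__main__":
    for key in range(1 << KEY_BITS):
        tag = "UNLOCKS" if key_unlocks(key) else "wrong"
        print(f"key {key:04b}: corruption {corruption_rate(key):.3f} ({tag})")
```

Where a key gate sits in the netlist decides how much a wrong key bit corrupts: a gate feeding an XOR output flips it on every input, while one feeding an OR is masked whenever the other OR input is already 1.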
Air Force surveys industry for trusted computing, anti-tamper enabling technologies
U.S. Air Force researchers are asking industry to mature anti-tamper enabling technologies that protect weapon systems from exploitation, reverse engineering (RE), technology transfer, and countermeasures development. Of specific interest are anti-tamper technologies for secure commercial off-the-shelf (COTS) field-programmable gate arrays (FPGAs); secure COTS critical program information (CPI) processing; anti-tamper secure microcontroller; and volume protection within secure COTS architectures.
Novel technologies are sought to enable secure FPGA software that resides on programmable hardware to protect CPI at rest and during run time from known exploitation techniques. Secure COTS computing architectures are sought to prevent the exploitation of CPI from systems assembled from high performance COTS parts. The secure COTS architectures will be compatible with defense industry open-architecture design methods to enable upgrades of unsecure systems to more secure versions.
Novel technologies are sought which enable volume protection of CPI storage and processing components and software in COTS hardware architectures. Volume protection must be robust and innovative enough to withstand repeated attempts to access CPI and protect CPI during all stages of operation.
For now, researchers are asking industry for six-page white papers that describe architectures that integrate or develop components, with separate two-page papers that describe extensions of security (EoS) that function as a foundation for the overall white paper. A basic EoS concept involves a security architecture that provides a secure boot with a secure device, often referred to as a root of security (RoS), that verifies and extends security to a second device responsible for CPI processing.
References and Resources also include:
BAA-AFLCMCXZZ-2016-001 Call 4 (PDF)
https://www.eetimes.com/military-enlists-digital-twin-technology-to-secure-chips/#
https://www.photonics.com/Articles/Metasurface_and_UV_and_Visible_Light_System/a67890
Maxime Lecomte, Jacques Fournier, and Philippe Maurine, “An On-Chip Technique to Detect Hardware Trojans and Assist Counterfeit Identification,” IEEE Transactions on Very Large Scale Integration (VLSI) Systems.