Ensuring Hardware Root of Trust for Emerging Technologies
For months, Dr. Kiruba Subramani MS’13 PhD’18, a Jonsson School postdoctoral fellow, had been researching a specific hardware security vulnerability. But on the first day of competition in the IEEE (Institute of Electrical and Electronics Engineers) International Symposium on Hardware-Oriented Security and Trust (HOST) demonstration challenge, his solution wasn’t working.
“It was all hardware — something messed up,” he said.
Subramani persevered and demonstrated how the hardware trojan — a malicious chip modification the legitimate designer or user is unaware of — can attack analog and radio frequency circuits. Then, to top it off, he also demonstrated how to detect the trojan attack. His project worked so well that he won first place for the 2018 HOST symposium’s best hardware demonstration.
“Very few people can demonstrate these types of attacks in hardware and then propose defenses to solve the problem, but my advisor gave me the freedom and time to push my research forward,” Subramani said. “With technology such as self-driving cars and internet of things becoming reality, these types of solutions are a big deal.”
Subramani is a member of the Trusted and RELiable Architectures Research Laboratory (TRELA) led by his advisor, Dr. Yiorgos Makris, professor of electrical and computer engineering in the Jonsson School.
Makris is a pioneer in hardware security, a nascent field that is becoming more significant for the security of electronics and circuits and systems that are used in military, infrastructure, health, automotive and telecommunication applications. He is also a leader in how these devices communicate with one another.
“The core root of trust has always been the hardware,” Makris said. “Implicitly when we build security protocols we assume the chips and other hardware are safe, secure and trusted, and we build the software on top.
“However, about a dozen years ago, evidence began to show that that assumption is not necessarily valid: the hardware itself can be the entry point through which an attack can be staged to an electronics system.”
To defend effectively against hardware insecurity, members of TRELA must have expertise in both digital and analog technology. Makris leads the Safety, Security and Healthcare thrust of UT Dallas’ Texas Analog Center of Excellence, or TxACE, the largest university- based analog center in the world. He is also a member of UT Dallas’ Cyber Security Research and Education Institute (CSI).
Makris’ teams have developed several formal methods for ensuring the trustworthiness of chips. One of their key contributions is the statistical side channel fingerprint method. Statistical channel fingerprinting involves learning the distribution of secure chip parameters and then determining whether the pertinent measurements of a chip under evaluation fall outside this distribution.
Instead of relying on a small set of trusted chips to set the original parameters, in a paper published in the 2015 ACM (Association for Computing Machinery)/IEEE Design Automation Conference, among others, Makris’ team demonstrates that side channels can be determined through advanced simulations and statistical analysis without the need for the original set of trusted chips. In a paper published in ACM/IEEE International Conference on Computer-Aided Design, his group has also used statistical side channel fingerprints to correctly identify provenance of chips from different fabrication facilities, possibly located in different countries.
In addition, an entire ecosystem of methods and tools has been developed around his Proof-Carrying Hardware Intellectual Property (PCHIP) solution for ensuring chip integrity. Published in two parts in the 2018 IEEE Transactions on Information Forensics and Security, the PCHIP method provides the mathematical foundation to prove automatically that a piece of code included in hardware design is safe and secure.
The work that won the HOST award is among the most recent innovations from TRELA.
The rest of the team involved in that demonstration included Dr. Angelos Antonopoulos, postdoctoral researcher in TRELA, and Dr. Aria Nosratinia, Erik Jonsson Distinguished Professor of electrical and computer engineering at UT Dallas. In 2016, Dr. Yu Liu PhD ‘16, a different member of TRELA who is now with Samsung Research America, won the same international HOST competition.
“What gets people excited about TRELA research is that we take ideas all the way from theory to demonstration,” Makris said. “Now the attack is real — you can see it, you can feel it, and TRELA can help mitigate the damage.”