Hardware plays an essential and integral role in the security and safety of a system. However, hardware vulnerabilities and design flaws can be exploited to compromise both. Failure to maintain the security and safety of critical systems may endanger human life and the environment, cause severe damage to critical infrastructure, undermine personal and national privacy, and threaten the viability of whole business sectors. In addition to hardware vulnerabilities and design flaws, the horizontal business model of the semiconductor industry has aggravated these issues by involving untrusted parties in design, fabrication, and distribution. There is therefore increasing demand that hardware itself be designed to resist attacks and be designed and distributed in a trustworthy manner. To ensure the security and safety of a system, designing secure hardware, discovering novel hardware vulnerabilities in current and emerging devices along with their countermeasures, developing robust and secure systems, and establishing trust and integrity in the modern semiconductor supply chain are the major research activities at the SeRLoP research lab.
Detection and Avoidance of Counterfeit Integrated Circuits (ICs) and Systems: With the globalization of the semiconductor supply chain, many commercially available chips are fabricated in untrusted facilities worldwide, so a counterfeit chip or module can easily enter the supply chain in many forms: recycled, re-marked, tampered, out-of-spec, defective, cloned, overproduced, accompanied by forged documentation, carrying a hardware Trojan, etc. Counterfeit electronic parts, and the risks associated with them, have been increasing rapidly; studies estimate that counterfeit ICs expose the global supply chain to roughly $169B in risk per year. Deploying counterfeit chips in an electronic system has severe consequences for security and reliability: because of their sub-standard quality and poor performance they have a shorter life span and can fail at any time after deployment, and they can be exploited, through invasive or non-invasive fault-injection attacks, to leak sensitive information, allow remote access, and endanger the integrity, confidentiality, and safety of the system. Our recent research suggests that recycled chips are more vulnerable to emerging hardware-vulnerability-related attacks (e.g., rowhammer, which flips bits in memory the attacker cannot write directly by repeatedly accessing adjacent DRAM rows) because of their poor resilience against noise, interference, etc. Generally, anti-counterfeit technologies rely on physical information from the chip that reveals usage (to detect recycled ICs), grade (to detect re-marked ICs), process variations (to detect cloned and overproduced ICs), and side-channel behavior (to detect out-of-spec ICs). A proper solution is therefore required to identify counterfeit chips before deploying them in mission-, safety-, and security-critical systems.
At the SeRLoP research lab, we develop techniques to ensure that a chip has been designed and distributed in a trusted manner. The major techniques that we apply include (i) attesting the origin of the manufacturer and foundry, (ii) detecting recycled chips, (iii) detecting and preventing hardware Trojans, (iv) identifying and verifying chips' specifications, and (v) preventing IP and IC piracy.
Development of Robust and Secure Electronic Systems: Recent attacks show that hardware and architectural vulnerabilities and flaws play a critical role in jeopardizing the safety and security of a system. For example, a vulnerability in modern DRAM chips can be used to alter the contents of restricted memory cells by inducing faults through repeated access to adjacent memory rows (i.e., rowhammer). Researchers have developed several mitigation and prevention techniques to defend systems against hardware-vulnerability-related attacks. However, most existing hardware- and software-based mitigations either require significant hardware changes, follow heuristic approaches, consume more power, or degrade performance, and new attack methodologies can render old solutions ineffective. We believe that the gap between mitigation techniques and proper hardware characterization is one of the key reasons for these failures. A counterfeit chip can be more vulnerable to attack and can defeat existing defenses that are considered adequate for authentic chips. At the SeRLoP research lab, we develop hardware-software co-design techniques for building robust and secure systems grounded in proper hardware characterization.
Side-channel Analysis and Physical Attacks: Side-channel analysis and physical-attack research focuses on uncovering vulnerabilities in cryptographic systems and secure hardware by exploiting unintended information leakage during their operation. These attacks use physical observables such as power consumption, electromagnetic emanation, and timing to infer secret keys or other sensitive data. By carefully analyzing these side-channel signals, researchers can devise advanced attack techniques that pose a significant threat to embedded systems, smart cards, and other hardware implementations of cryptographic algorithms. The field plays a crucial role in evaluating and enhancing the resilience of such systems against real-world threats, and ultimately contributes to more robust and secure computing technologies. At the SeRLoP research lab, we discover new side channels and develop countermeasures against them.
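The paragraph above describes power analysis in the abstract. The following is an added, self-contained illustration written for this page (it is not SeRLoP's code or tooling) of how a correlation power analysis (CPA) recovers a key byte from a side-channel measurement, and why a masking countermeasure defeats the first-order version of the attack. Everything is simulated: the "traces" are constructed from a Hamming-weight leakage model of the first-round AES S-box output plus Gaussian noise, the key byte 0x2B, the trace count of 500 and the noise level are arbitrary choices for the demonstration, and the masked variant XORs a fresh random byte into the leaking value to model first-order Boolean masking. The AES S-box is generated from its definition rather than transcribed.

```python
import random

# AES S-box, generated from its definition: multiplicative inverse in GF(2^8)
# modulo x^8 + x^4 + x^3 + x + 1, followed by the AES affine transformation.
def _gf_mul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8) using the AES reduction polynomial 0x11B."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p


def _build_sbox() -> list:
    sbox = [0] * 256
    for x in range(256):
        inv = 0
        if x:
            inv = next(y for y in range(1, 256) if _gf_mul(x, y) == 1)
        s = inv
        for i in range(1, 5):  # s ^= rotl8(inv, i) for i = 1..4
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
        sbox[x] = s ^ 0x63
    return sbox


SBOX = _build_sbox()
assert SBOX[0x00] == 0x63 and SBOX[0x53] == 0xED and len(set(SBOX)) == 256


def hamming_weight(v: int) -> int:
    return bin(v).count("1")


def simulate_traces(key_byte, n_traces, noise_sd, rng, masked=False):
    """Constructed leakage model (not a real measurement): one sample per trace,
    equal to HW(S-box output) plus Gaussian noise. With masked=True a fresh
    random mask is XORed into the value before it 'leaks', modelling a
    first-order Boolean masking countermeasure."""
    plaintexts = [rng.randrange(256) for _ in range(n_traces)]
    traces = []
    for p in plaintexts:
        v = SBOX[p ^ key_byte]
        if masked:
            v ^= rng.randrange(256)  # mask is independent of key and plaintext
        traces.append(hamming_weight(v) + rng.gauss(0.0, noise_sd))
    return plaintexts, traces


def pearson(xs, ys) -> float:
    """Pearson correlation coefficient of two equal-length sequences."""
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0.0 or vy == 0.0:
        return 0.0
    return cov / (vx * vy) ** 0.5


def cpa_recover_key_byte(plaintexts, traces):
    """First-order CPA: for each of the 256 key hypotheses, predict the leakage
    HW(SBOX[p ^ k]) per trace and correlate it with the measured samples.
    Returns (best key guess, |correlation| of that guess)."""
    best_k, best_r = 0, -1.0
    for k in range(256):
        hyp = [hamming_weight(SBOX[p ^ k]) for p in plaintexts]
        r = abs(pearson(hyp, traces))
        if r > best_r:
            best_k, best_r = k, r
    return best_k, best_r


if __name__ == "__main__":
    true_key = 0x2B
    pts, trs = simulate_traces(true_key, 500, 1.0, random.Random(1234))
    k, r = cpa_recover_key_byte(pts, trs)
    print(f"unmasked: guess=0x{k:02x} (true 0x{true_key:02x}) |r|={r:.3f}")
    pts, trs = simulate_traces(true_key, 500, 1.0, random.Random(1234), masked=True)
    k, r = cpa_recover_key_byte(pts, trs)
    print(f"masked:   guess=0x{k:02x} (true 0x{true_key:02x}) |r|={r:.3f}")
```

Against the unmasked traces the correct hypothesis stands out with a correlation near sqrt(2/3) (signal variance 2 for the Hamming weight of a uniform byte versus noise variance 1), while wrong hypotheses stay near zero. With a fresh mask per trace the leaking value is uniformly distributed regardless of the key, so every hypothesis correlates at the noise floor and the first-order attack fails; breaking masking requires combining the leakage of the mask and the masked value (a second-order attack), which is exactly why countermeasure design and characterization go hand in hand.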
Design for Security: Design for Security (DfS) research in hardware integrates strong security measures into the earliest stages of hardware design. This approach anticipates vulnerabilities and incorporates features such as isolation mechanisms, encryption, and tamper resistance. By building security directly into the hardware architecture, DfS increases resistance to a wide range of attacks and reduces reliance on software-only solutions, contributing to more reliable and secure computing environments. At the SeRLoP research lab, we develop CAD- to circuit-level design approaches to protect systems and intellectual property.
Emerging Memory Chips: Applications, Vulnerabilities, and Defenses: Emerging memory chips (e.g., magnetoresistive RAM (MRAM) and ferroelectric RAM (FRAM)) are expected to lead the future memory market because of their attractive features (e.g., speed, density, data retention, high endurance, scalability, and support for non-von Neumann architectures) over traditional memory chips. At the SeRLoP research lab, we explore the security issues of these emerging memory chips.
Development of Smart EDA Tools for Research and Training: There is a need to train skilled computer architects to design innovative computer hardware. Software-based simulation is the backbone of computer system design and development, and such tools are also widely used for teaching computer architecture concepts. However, the simulators currently used for educational purposes have a steep learning curve, are unappealing to beginners, and are error-prone, so they are mostly used by experienced researchers. At the SeRLoP research lab, we develop an AI-assisted, just-in-time scaffolding framework for exploring computer and chip design.
- National Science Foundation
- National Security Agency