Hardware Security - A Hands-On Learning Approach
This book provides a broad, comprehensive and practical overview of hardware security that encompasses all levels of the electronic hardware infrastructure. It covers basic concepts like advanced attack techniques and countermeasures that are illustrated through theory, case studies and well-designe...
| Main Authors: | , |
|---|---|
| Format: | eBook Book |
| Language: | English |
| Published: | Cambridge, MA Elsevier 2019 Morgan Kaufmann Publishers Elsevier Science & Technology Morgan Kaufmann Elsevier Science and Technology Books, Inc |
| Edition: | 1 |
| Subjects: | |
| ISBN: | 0128124776, 9780128124772 |
Table of Contents:
- Title Page -- Preface -- Table of Contents -- 1. Introduction to Hardware Security -- 2. A Quick Overview of Electronic Hardware -- 3. System on Chip (SoC) Design and Test -- 4. Printed Circuit Board (PCB): Design and Test -- 5. Hardware Trojans -- 6. Electronics Supply Chain -- 7. Hardware IP Piracy and Reverse Engineering -- 8. Side-Channel Attacks -- 9. Test-Oriented Attacks -- 10. Physical Attacks and Countermeasures -- 11. Attacks on PCB: Security Challenges and Vulnerabilities -- 12. Hardware Security Primitives -- 13. Security and Trust Assessment, and Design for Security -- 14. Hardware Obfuscation -- 15. PCB Authentication and Integrity Validation -- 16. System Level Attacks & Countermeasures -- Appendix A: The Hardware Hacking (HaHa) Platform for Hands-on Training -- Index
- SSB PCB -- DSB PCB -- ML PCB -- 2.6.2 PCB Design Flow -- Part Selection -- Schematic Capture and Simulation -- Board Layout -- Prototype Test and Manufacturing Test -- 2.6.3 Creating a PCB Design -- Board Outline -- Creating Copper Routes -- Drilling Holes -- Components on a PCB -- Gerber Files -- 2.7 Embedded Systems -- 2.7.1 Embedded System Hardware -- 2.7.2 Embedded System Software -- 2.7.3 Characteristics of an Embedded System -- 2.8 Hardware-Firmware-Software Interaction -- 2.9 Exercises -- 2.9.1 True/False Questions -- 2.9.2 Short-Answer Type Questions -- 2.9.3 Long-Answer Type Questions -- References -- 3 System on Chip (SoC) Design and Test -- 3.1 Introduction -- 3.1.1 Test Cost and Product Quality -- 3.1.1.1 Test Cost -- 3.1.1.2 Defect, Yield and Defect Level -- 3.1.2 Test Generation -- 3.1.2.1 Structural Test vs. Functional Test -- 3.1.2.2 Fault Models -- 3.1.2.3 Testability: Controllability and Observability -- 3.1.2.4 Automatic Test Pattern Generation (ATPG) -- 3.2 The IP-Based SoC Life-Cycle -- 3.3 SoC Design Flow -- 3.4 SoC Verification Flow -- 3.5 SoC Test Flow -- 3.6 Design-for-Debug -- 3.6.1 Debug Requirements -- 3.6.2 On-Chip Debug Architecture -- 3.6.3 Examples of On-Chip Debug Architectures -- 3.7 Structured DFT Techniques Overview -- 3.7.1 Design-for-Testability -- 3.7.2 Scan Design: Scan Flip-Flop, Scan Chain and Scan Test Compression -- 3.7.2.1 Scan Flip-Flop -- 3.7.2.2 Scan Chain -- 3.7.2.3 Scan Test Compression -- 3.7.3 Partial Scan Design -- 3.7.4 Boundary Scan -- 3.7.5 BIST Methods -- 3.8 At-Speed Delay Test -- 3.8.1 Why At-Speed Delay Test? -- 3.8.2 Basics on At-Speed Test: Launch-off-Capture (LOC) and Launch-off-Shift (LOS) -- 3.8.3 At-Speed Delay Test Challenges -- 3.9 Exercises -- 3.9.1 True/False Questions -- 3.9.2 Short-Answer Type Questions -- 3.9.3 Long-Answer Type Questions -- References
- 4 Printed Circuit Board (PCB): Design and Test -- 4.1 Introduction -- 4.2 Evolution of PCB and Components -- 4.2.1 Timeline of PCBs -- 4.2.2 Modern PCB Components -- 4.3 PCB Life Cycle -- 4.3.1 PCB Designer -- 4.3.2 Design House -- 4.3.3 Fabrication House -- 4.3.4 Current Business Model -- 4.3.5 Component Research and Selection -- 4.3.6 Schematic Capture -- 4.3.7 Simulation -- 4.3.8 Board Layout -- 4.3.9 Prototype Test -- 4.3.10 Best Practices in Overall Design Flow -- 4.4 PCB Assembly Process -- 4.4.1 Through-Hole Technology -- 4.4.2 Surface Mount Technology -- 4.4.3 PCB Complexity Trend and Security Implications -- 4.5 PCB Design Verification -- 4.5.1 Overview of PCB Inspection and Testing -- 4.5.2 PCB Defects -- 4.5.3 PCB Inspection -- 4.5.3.1 Automated Optical Inspection (AOI) -- 4.5.3.2 X-Ray Inspection -- 4.5.4 PCB Testing -- 4.5.4.1 In-Circuit Test (ICT) -- 4.5.4.2 Functional Test (FCT) -- 4.5.4.3 JTAG Boundary Scan Tests -- 4.6 Hands-on Experiment: Reverse Engineering Attacks -- 4.6.1 Objective -- 4.6.2 Method -- 4.6.3 Learning Outcome -- 4.6.4 Advanced Options -- 4.7 Exercises -- 4.7.1 True/False Questions -- 4.7.2 Short-Answer Type Questions -- 4.7.3 Long-Answer Type Questions -- References -- Part 2 Hardware Attacks: Analysis, Examples, and Threat Models -- 5 Hardware Trojans -- 5.1 Introduction -- 5.2 SoC Design Flow -- 5.2.1 Hardware Trojan Insertion: Potential Adversaries -- 5.3 Hardware Trojans -- 5.3.1 Hardware Trojan Structure -- 5.3.2 Trojan Modeling -- 5.3.3 Hardware Trojan Examples -- 5.3.3.1 Trojans in Cryptographic Engines -- 5.3.3.2 Trojans in General-Purpose Processors -- 5.4 Hardware Trojans in FPGA Designs -- 5.4.1 Activation Characteristic -- 5.4.1.1 IP-Dependent Trojans -- 5.4.1.2 IP-Independent Trojans -- 5.4.2 Payload Characteristics -- 5.4.2.1 Malfunction -- 5.4.2.2 IP Leakage -- 5.5 Hardware Trojans Taxonomy
- Front Cover -- Hardware Security -- Copyright -- Contents -- Preface -- Acknowledgments -- 1 Introduction to Hardware Security -- 1.1 Overview of a Computing System -- 1.2 Layers of a Computing System -- 1.2.1 Electronic Hardware -- 1.2.2 Types of Electronic Hardware -- 1.3 What Is Hardware Security? -- 1.4 Hardware Security vs. Hardware Trust -- 1.4.1 What Causes Hardware Trust Issues? -- 1.4.2 What Security Issues Result From Untrusted Entities? -- 1.5 Attacks, Vulnerabilities, and Countermeasures -- 1.5.1 Attack Vectors -- 1.5.2 Attack Surface -- 1.5.3 Security Model -- 1.5.4 Vulnerabilities -- 1.5.5 Countermeasures -- 1.6 Conflict Between Security and Test/Debug -- 1.7 Evolution of Hardware Security: A Brief Historical Perspective -- 1.8 Bird's Eye View -- 1.9 Hands-on Approach -- 1.10 Exercises -- 1.10.1 True/False Questions -- 1.10.2 Short-Answer Type Questions -- 1.10.3 Long-Answer Type Questions -- References -- Part 1 Background on Electronic Hardware -- 2 A Quick Overview of Electronic Hardware -- 2.1 Introduction -- 2.2 Nanoscale Technologies -- 2.2.1 Silicon-on-Insulator -- 2.2.2 FinFET Technology -- 2.2.3 3D Integrated Circuits -- 2.2.4 Bulk-Silicon Technology -- 2.3 Digital Logic -- 2.3.1 Binary Logic -- 2.3.2 Digital Logic Gates -- 2.3.3 Boolean Algebra -- 2.3.4 Sequential Circuit -- 2.3.4.1 Sequential Circuit Elements -- D-Type Flip-Flop -- T-Type Flip-Flop -- JK-Type Flip-Flop -- 2.3.4.2 Timing Parameters -- Setup Time -- Hold Time -- Propagation Delay -- 2.4 Circuit Theory -- 2.4.1 Resistors and Resistance -- 2.4.2 Capacitors and Capacitance -- 2.4.3 Inductors and Inductance -- 2.4.4 Kirchhoff's Circuit Laws -- 2.4.4.1 Kirchhoff's Current Law -- 2.4.4.2 Kirchhoff's Voltage Law -- 2.5 ASICs and FPGAs -- 2.5.1 ASICs -- 2.5.2 FPGAs -- 2.5.3 Difference Between ASICs and FPGAs -- 2.6 Printed Circuit Board -- 2.6.1 Classification of PCB
- 6.4 Security Concerns -- 6.4.1 Hardware Trojans -- 6.4.2 CAD Tools -- 6.4.3 Design Mistakes -- 6.4.4 Test/Debug Structure -- 6.5 Trust Issues -- 6.5.1 IP Overuse -- 6.5.2 IP Piracy -- 6.5.3 Overproduction of Integrated Circuits -- 6.5.4 Shipping Out-of-Spec/Defective Parts -- 6.5.5 Reverse Engineering of Integrated Circuits -- 6.5.6 Forged Documentation -- 6.5.7 Remarking of Integrated Circuits -- 6.5.8 Recycling of Integrated Circuits -- 6.6 Potential Countermeasures -- 6.6.1 Hardware Trojan Detection and Prevention -- 6.6.2 Security Rule Check -- 6.6.3 IP Encryption -- 6.6.4 Logic Obfuscation -- 6.6.5 Hardware Watermarking -- 6.6.6 IC Metering -- 6.6.7 ECID and PUF-Based Authentication -- 6.6.8 Path-Delay Fingerprinting -- 6.6.9 Clock Sweeping -- 6.6.10 Combating Die and IC-Recycling (CDIR) Structures -- 6.6.11 Electrical Tests -- 6.6.12 Physical Inspection -- 6.7 Exercises -- 6.7.1 True/False Questions -- 6.7.2 Long-Answer Type Questions -- 6.7.3 Mathematical Problems -- References -- 7 Hardware IP Piracy and Reverse Engineering -- 7.1 Introduction -- 7.2 Hardware Intellectual Property (IP) -- 7.3 Security Issues in IP-Based SoC Design -- 7.3.1 Hardware Trojan Attacks -- 7.3.1.1 Attack Model -- 7.3.2 IP Piracy and Overproduction -- 7.3.2.1 Attack Model -- 7.3.3 Reverse Engineering -- 7.3.3.1 An Illustrative Example of IC Reverse Engineering -- 7.4 Security Issues in FPGA -- 7.4.1 FPGA Preliminaries -- 7.4.2 Lifecycle of FPGA-Based System -- 7.4.2.1 Entities -- 7.4.2.2 Lifecycle -- 7.4.2.3 Attacks on FPGA Bitstream -- 7.5 Hands-on Experiment: Reverse Engineering and Tampering -- 7.5.1 Objective -- 7.5.2 Method -- 7.5.3 Learning Outcome -- 7.5.4 Advanced Options -- 7.6 Exercises -- 7.6.1 True/False Questions -- 7.6.2 Short-Answer Type Questions -- 7.6.3 Long-Answer Type Questions -- References -- 8 Side-Channel Attacks -- 8.1 Introduction
- 5.5.1 Insertion Phase -- 5.5.1.1 Specification Phase -- 5.5.1.2 Design Phase -- 5.5.1.3 Fabrication Phase -- 5.5.1.4 Testing Phase -- 5.5.1.5 Assembly Phase -- 5.5.2 Abstraction Level -- 5.5.2.1 System Level -- 5.5.2.2 Register-Transfer Level -- 5.5.2.3 Gate Level -- 5.5.2.4 Transistor Level -- 5.5.2.5 Physical Level -- 5.5.3 Activation Mechanism -- 5.5.3.1 Internally Triggered -- 5.5.3.2 Externally Triggered -- 5.5.4 Payload -- 5.5.4.1 Change Functionality -- 5.5.4.2 Downgrade Performance -- 5.5.4.3 Leak Information -- 5.5.4.4 Denial-of-Service -- 5.5.5 Location -- 5.5.5.1 Random Logic -- 5.5.5.2 Processing Unit -- 5.5.5.3 Cryptographic Accelerator -- 5.5.5.4 Memory Units -- 5.5.5.5 Input/Output Port -- 5.5.5.6 Power Supply -- 5.5.5.7 Clock Grid -- 5.6 Trust Benchmarks -- 5.6.1 Benchmark Naming Convention -- 5.6.2 Sample Trust Benchmarks -- 5.7 Countermeasures Against Hardware Trojans -- 5.7.1 Trojan Detection -- 5.7.1.1 Post-silicon Trojan Detection -- 5.7.1.2 Pre-silicon Trojan Detection -- 5.7.2 Design-for-Trust -- 5.7.2.1 Facilitate Detection -- 5.7.2.2 Prevent Trojan Insertion -- 5.7.2.3 Trustworthy Computing -- 5.7.2.4 Split-Manufacturing for Hardware Trust -- 5.8 Hands-on Experiment: Hardware Trojan Attacks -- 5.8.1 Objective -- 5.8.2 Method -- 5.8.3 Learning Outcome -- 5.8.4 Advanced Options -- 5.9 Exercises -- 5.9.1 True/False Questions -- 5.9.2 Long-Answer Type Questions -- 5.9.3 Mathematical Problems -- References -- 6 Electronics Supply Chain -- 6.1 Introduction -- 6.2 Modern Electronic Supply Chain -- 6.2.1 Design -- 6.2.1.1 Design Specification -- 6.2.1.2 3PIP Acquisition -- 6.2.1.3 SoC Integration -- 6.2.1.4 Synthesis -- 6.2.1.5 DFT Insertion -- 6.2.1.6 Physical Layout -- 6.2.2 Fabrication -- 6.2.3 Assembly -- 6.2.4 Distribution -- 6.2.5 Lifetime -- 6.2.6 End-of-Life -- 6.3 Electronic Components Supply Chain Issues
- 8.2 Background on Side-Channel Attacks

