Hardware Security_ A Hands-On Learning Approach

所需积分/C币:22 2018-11-18 22:27:15 42.78MB PDF

Hardware Security: A Hands-On Learning Approach provides a broad, comprehensive and practical overview of hardware security that encompasses all levels of the electronic hardware infrastructure. It covers basic concepts like advanced attack techniques and countermeasures that are illustrated through
Hardware Security A Hands-on Learning Approach Swarup bhunia Mark Tehranipoor E M MORGAN KAUFMANN PUBLISHERS ElSEVIER AN IMPRINT◇ F ELSEYIER Morgan Kaufmann is an imprint of Elsevier 50 Haipshire Street, 5th Floor, CaInbridge, MA 02139, Uniled Stales Copyright 2019 Elsevier Inc. All rights reserved No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher's permissions policies and our arrangements with organizations such as theCopyrightClearanceCenterandtheCopyrightLicensingAgency,canbefoundatourwebsitewww.elsevier.com/permissions This book and the individual contributions contained in it are protected under copyright by the Publisher(other than as may be noted ere Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods, professional practices, or medical treatment may become necessary Practitioners and researchers Illust al ways rely on their own experience and knwledge in evaluating and using anly informatiOn, methods, compounds, or experiments described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility Tu the fullest extent of the law. neither the Publisher nor the authors. contributors, oreuliturs assume any liabilily for any injury aud/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods products, instructions, or ideas contained in the material herein Library of Congress Cataloging-in-Publication Data A catalog record for this book is availahle from the L, ibrary of Congress British Library Cataloguing-in-Publication Dat A catalogue record for this book is available from the British Librar ISBN:978-0-12-812477-2 For information on all Morgan Kaufmann publications visitourwebsiteathttps://www.elsevier.com/books-and-journals Working togethe to grow libraries in FISEVIERBook developing countries www.elsevier.com.www.bookaid.org Acquisition Editor. Steve merken Editorial Project Manager: Nathanie McFadden Production Project Manager: Kiruthika Govindaraju Designer:: Miles Hitchen reset by VTeX To our beloved family members Preface Cybersecurity has emerged as a dark side of the digital age and the scale of the worlds cy bersecurity problems has become daily news. With the convergence of computing and communications, coupled with exponential increase in data volume in Internet, it remains a rising and critical concern. Hardware plays an increasingly important and integral role in cybersecurity, with many emerging system and application vulnerabilities rooted in hardware, including the recently reported Meltdown and Spectre vulnerabilities in various microprocessors in the market. The emergence of new application space in the internet-of-things (loT)regime is creating new attack surfaces, and new requirements on hardware to support secure and trusted system operations. Additionally, the design, manufacturing, and distri bution of integrated circuits (ICs), printed circuit boards(PCBs), as well as other electronic hardware components(passive or active) are becoming more sophisticated and globally distributed, involving a number of untrusted entities. This horizontal-but very complex-supply chain introduces myriad security issues in hardware, including malicious changes, information leakage, side-channel attacks counterfeiting, reverse engineering, and piracy activities. The shortened time-to-market for system on chips(socs), which serve as the backbone for many modern computing systems, further exacerbates the problem by leaving unintentional vulnerabilities in the design that could be exploited by attackers once the chips are in the field The topic of hardware security encompasses wide-ranging security and trust issues, which span the entire lifecycle of electronic hardware and all its abstraction levels (chips, PCBs, systems and system of systems). With increasing security vulnerabilities and trust issues, the role of hardware as a trust anchor of a computing system is being challenged. Hence, effective and comprehensive hardware security education is crucial at all levels, including undergraduate and graduate students, and profes sionals involved in design and deployment of computing systems, to safeguard these systems against diverse hardware security/trust issues. We note that there is an increasing demand of well-trained hard ware security professionals in the job market. Existing curriculum at colleges and universities, to our knowledge, do not provide adequate insight into the full spectrum of hardware threats and respective protection approaches. They typically fail to provide:(a)a holistic hardware security education that covers security of all abstraction layers; and(b)a hands-on training approach that we believe is cru cial in understanding the security vulnerabilities in a complex system, and the corresponding defense mechanisms. To address this important growing need, we embarked on the project of developing the first-ever textbook dedicated to hardware security and trust This book aims to provide holistic hardware security training and education to upper-level un dergraduate engineering students. Although targeted primarily towards undergraduate students, it can serve as a useful reference for graduate students, security researchers, and practitioners, and also indus try professionals, including design engineers, security engineers, system architects, and chief security officers This book contains material on the background of modern computing systems, followed by description of security issues and protection mechanism. It also contains a set of well-designed exper- iments that can be performed in any adequately equipped circuit laboratory to learn different aspects of hardware security, which encompasses security vulnerabilities, attacks, and protection mechanisms To help students understand the components of modern systems before taking a deeper dive into the XIX XX Preface specific subject area of security, background chapters cover the basics of computing hardware, circuit theory, active and passive electronic components, chip/PcB design, and test fow This book includes description of a unique companion material: a hardware platform, referred to as Hardware Hacking(HaHa) platform, that is easy to model a hardware-Software system and ethically hack.' it to learn diverse hardware security issues and counterneasures. All of the hands-on exper iments presented in this book can be implemented on this platform, although alternative hardware modules, for example, the Field Programmable Giate Array(FPGa)development boards, can also he used to perform some of the experiments. The comprehensive coverage of hardware security concepts with relevant background material, and a practical learning approach, are the key distinctive features of this text book, which we believe are essential to prepare students for todays challenging hardware security problems Unique features of this text book It provides a thorough overview of computer hardware, including the fundamentals of comput- ing systems and implications of security risks therein, studies of known attack methodologies, countermeasures, and case studies. Given this foundation, readers are expected to obtain a thor ough understanding of key concepts, which facilitate recognizing and countering hardware security threats in actual products and system designs Each major topic in hardware security(security vulnerabilities, attacks, and appropriate protection mechanisms)is explained in detail, combined with a well-designed hands-on experiment on the The book includes the description of a custom electronic hardware platform, called HaHa, which is developed by the books authors to perform the aforementioned laboratory exercises. This hardware module is specifically designed to illustrate various key concepts using a single platform. The ex periment descriptions are provided as companion material, which includes step-by-step descriptions of the experimentation process, observations, reporting format, and advanced options Each chapter is also accompanied by a set of exercises divided into three groups with varying diffi culty levels. They are meant to provide readers with questions that help them effectively understand the concepts presented in the chapter. Organization of the book The authors have organized the topics based on a decade of experience in teaching hardware se curity to effectively convey the related concepts. Chapter 1 provides an introduction to the topic of hardware security. It presents preliminary and basic concepts on major topics, for example, hardware attack vectors, attack surfaces, adversary model, causes of hardware attacks and effect on business/eco nomic models, hardware supply chain, and relation between security and trust. This chapter also provides a brief history of hardware security, an overview of the scope of the book, and the lab-based appi The remainder of the book is organized in four parts: 1. Part 1: Background on Electronic Hardware 2. Part 2: Hardware Attacks: Analysis, Examples, and Threat Models 3. Part 3: Counterneasures Against Hardware Attacks 4. Part 4: Emerging Trends in Hardware Attacks and Protections Preface Part 1: Background on Electronic Hardware: Part I includes three chapters. Chapter 2 provides a background on digital logic, circuit theory, embedded systems, ICs, application specific integrated circuits(ASICs), FPGAs, PCBs, firmware, hardware-firmware-Software interaction, and the role of hardware in system security. Chapter 3 gives an overview of SoC design and test. It describes in- tellectual property(IP)-based Soc lifecycle, the Soc design process, the verification/test steps, and design-for-test, and design-for-debug infrastructures. The final chapter in this part, Chapter 4, provides an introduction to design and test for PCBs. In particular, this chapter describes pcb lifecycle, PcB design process, and PCB testing methods Part 2: Hardware Attacks: Analysis, xamples, and Threat Models: This part of the book covers attacks and vulnerabilities in hardware throughout its lifecycle, and in todays supply chain. Chapter 5 focuses on hardware Trojan attacks in ICs and hardware IPs. It presents different types of Trojans triggers and payloads, and different threat vectors in the design and fabrication process. Chapter 6 pro vides a detailed insight into today's electronics supply chain security and integrity issues. Chapter 7 presents security issues in the hardware IP lifecycle, with emphasis on challenges related to hardware IP piracy and Ip reverse engineering. This chapter also presents issues related to FPGA IP security issues, as FPGA market and IP supply chain continues to grow. Chapter 8 presents the topic of side channel attacks(SCA). It covers all forms of side-channel attacks, namely, power side-channel attacks timing attacks, electromagnetic(EM) side-channel attacks, and fault-injection attacks. Chapter 9 intro duces test infrastructure-oriented attacks with focus on scan and jTag, Different forms of information leakage attacks using on-chip test/debug infrastructure are covered in this chapter. Chapter 10 focuses on physical attacks and microprobing Chip-level reverse engineering and microprobing attacks at chip level for information leakage, and tampering are also discussed in detail in this chapter. Finally, Chap ter 1l presents various attacks on PCB, with emphasis on physical attacks. The physical attacks include snooping of PCB traces for information leakage, PCB reverse-engineering and cloning, and malicious field modification or modchip-type attacks Part 3: Countermeasures Against Hardware Attacks: This part of the book focuses on counter measures against hardware attacks. In particular, countermeasures fundamental to hardware security assurance and building the hardware root of trust are presented. Chapter 12 focuses on design and evaluation of hardware security primitives and their roles in functional security and protection against supply chain issues. It covers common primitives, such as, physical unclonable functions(PUFS)and true random number generators (TRNGs). Chapter 13 presents design-for-security (DFS)and secu rity/trust validation for integrated circuits, security built into a design at different levels, and targeted to prevent different hardware attacks. Chapter 14 discusses hardware obfuscation. It presents a num ber of obfuscation techniques, including state-space obfuscation, logic locking and camouflaging, and discusses their role in protecting against Ip piracy, reverse engineering, and malicious modification Chapter 15 describes PCb integrity validation and authentication. It presents PCB-level authentication solutions using intrinsic signature of PCBs, and protection of PCB against field attacks Part 4: Emerging Trends in Hardware Attacks and Protections: The final chapter in this book Chapter 16) describes system-level attacks and countermeasures, possibilities of exploiting hardware security vulnerabilities by system/application software, and Soc security architecture for secure sys tens. Assets in a SoC are major targets of software attacks. Hence, developing secure SoC architecture for protecting these assets is essential. This chapter describes architecture-level solutions for protecting on-chip assets from diverse attacks that rely on access-control or information llow violations, or other vulnerabilities Preface We hope that the target readership enjoys the content of this book and greatly benefits from it. We believe that the content of this book will remain highly relevant for many years to come, as the topic of hardware security, as it relates to the broader field of cybersecurity, is consistently growing in scope and relevance. Companion material Thisbookhasacompanionmaterial(availableathttps://hwsecuritybook.org/)thatprovidesde tailed description of the hands-on experiments that use the custom HaHa platform. This modular, Fexible, and simple hardware platform is expected to be very effective for hardware security edu cation and training. It is designed to enable students to build a computing system of selected capabilit by adding various components(for example, sensors or communication units)in a LEGO-like fashion and connect multiple units wirelessly to create a networked systen. It then allows students to imple ment diverse security attacks ranging from hardware Trojans, side-channel attacks, tampering, reverse engineering, and snooping. We hope the hands-on experiments will serve as an invaluable resource for the students, helping them to thoroughly understand key concepts and stimulating their interest to explore new vulnerabilities, or protection mechanisms Book website Supporting materials and the lab modules for this book are available at the book's own website www.hwsecuritybook.orgThewebsitewillincludethefollowingslidesforeachchaptersample homework assignments, sample exams and tests, lab modules for HaHa board, sample projects, videos of a selected number of lab modules, simulation tools, Verilog/VhDL designs, and more. This website will be a hub for any educational materials available to help further students and instructors' under standing of the concepts in hardware and systems security. We will also work with instructors, who teach this course to facilitate widespread sharing of the materials among members of the hardware security community For instructors Thewww.hwsecuritybook.orgwebpageincludesadditionalmaterialsforinstructorsonlyThis part of the site is password protected. If you plan to use it, please contact the webmaster, allow a week to obtain a login username and password via the procedure published on the web. The instructor area will contain original slides, notes supporting each slide, complete set of exams, homework assignments quizzes, and more. The website also includes answer to selected exercises and exams Swarup bhunia and mark tehranipoor


关注 私信 TA的资源