Over the past three decades, the field of hardware security has been evolving rapidly with the discovery of many vulnerabilities and attacks on hardware. Before 1996, there were only sporadic instances of hardware IP piracy, primarily cloning of ICs, leading to the development of some IP watermarking and other anti-piracy techniques.
In 1996, a groundbreaking hardware attack was introduced in the form of timing analysis attack, an attack which aims to extract information from a cryptographic hardware on the basis of a systematic analysis of computation time for different operations. In 1997, fault injection analysis was reported as an attack vector that can lead to compromising the security of a system. The attack focuses on applying environmental stress to the system in order to force it to leak sensitive data. The first power analysis based side-channel attack was introduced in 1999; it focused on analyzing the power dissipations at runtime to retrieve secrets from a cryptochip.
In 2005, there were reports on production and supply of counterfeit ICs, including cloned and recycled chips, which created major security and trust concerns. The concept of hardware Trojans was introduced in 2007, which unveiled the possibility of inserting malicious circuits in a hardware design with the aim to disrupt normal functional behavior, leak sensitive information, grant unauthorized control, or degrade the performance of the system. Some recent hardware vulnerabilities that have received significant attention from industry and academic community includes “Meltdown” and “Spectre”; they exploit implementation-dependent side-channel vulnerabilities in modern processors to access private data from a computer, such as user passwords. These vulnerabilities have been discovered and reported by different processor manufacturers, who have introduced software fixes for them.
Similar to the realm of software security, countermeasures for hardware attacks have been developed in a reactive manner. Over the years, many design and test solutions have evolved to mitigate known attacks. The idea of hardware tagging was introduced in 1998, where every IC instance was assigned with a unique ID. Hardware security primitives, such as physical unclonable functions (PUFs) and true random number generators (TRNGs) were introduced in early 2000 to improve the level of protection against hardware attacks.
The United States Department of Defense introduced several sponsored research programs to facilitate growth in hardware security solutions. In 2008, DARPA introduced the Integrity and Reliability of Integrated Circuits (IRIS) program to develop techniques for hardware integrity and reliability assurance through destructive and nondestructive analysis. In 2012, a report published by the senate armed services showed that a set of counterfeit devices was discovered in different branches of the US Air Force, accentuating the gravity of the problem. The total number of these counterfeits exceeded 1 million, and the investigation concluded with an amendment that enforces counterfeit-avoidance practices.
The Supply Chain Hardware Integrity for Electronics Defense (SHIELD) program was introduced by DARPA in 2014 to develop technology to trace and track electronic components—PCB to chip to small passive components—as they move through the supply chain. Over the past decade, many such efforts by both government and industry to enable secure and trusted hardware platform have been observed with more to come in near future.
Published on Thu 27 March 2014 by Ben Sanford in Security with tag(s): hardware security