PUFSec: Protecting physical unclonable functions using hardware isolation-based system security techniques
| Title | PUFSec: Protecting physical unclonable functions using hardware isolation-based system security techniques |
| Publication Type | Conference Paper |
| Year of Publication | 2017 |
| Authors | Ye, M., Shahrak, M. Z., Wei, S. |
| Conference Name | 2017 Asian Hardware Oriented Security and Trust Symposium (AsianHOST) |
| Date Published | oct |
| ISBN Number | 978-1-5386-1421-1 |
| Keywords | Access Control, ARM Processor, composability, Computer architecture, computer network security, control systems, data protection, Denial of Service attacks, DoS attacks, Hardware, hardware isolation, internal PUF design, Metrics, Modeling Attacks, Monitoring, Networked Control Systems Security, physical unclonable function protection, pubcrawl, PUF hardware, PUF workflow, PUFSec framework, resilience, Resiliency, secure architecture extension, security challenges, security compromises, security policies, security protection, Software, system security techniques, system-on-chip, Xilinx SoC |
| Abstract | This paper aims to address the security challenges on physical unclonable functions (PUFs) raised by modeling attacks and denial of service (DoS) attacks. We develop a hardware isolation-based secure architecture extension, namely PUFSec, to protect the target PUF from security compromises without modifying the internal PUF design. PUFSec achieves the security protection by physically isolating the PUF hardware and data from the attack surfaces accessible by the adversaries. Furthermore, we deploy strictly enforced security policies within PUFSec, which authenticate the incoming PUF challenges and prevent attackers from collecting sufficient PUF responses to issue modeling attacks or interfering with the PUF workflow to launch DoS attacks. We implement our PUFSec framework on a Xilinx SoC equipped with ARM processor. Our experimental results on the real hardware prove the enhanced security and the low performance and power overhead brought by PUFSec. |
| URL | https://ieeexplore.ieee.org/document/8353987 |
| DOI | 10.1109/AsianHOST.2017.8353987 |
| Citation Key | ye_pufsec:_2017 |
- physical unclonable function protection
- Xilinx SoC
- system-on-chip
- system security techniques
- Software
- security protection
- security policies
- security compromises
- security challenges
- secure architecture extension
- Resiliency
- resilience
- PUFSec framework
- PUF workflow
- PUF hardware
- pubcrawl
- Access Control
- Networked Control Systems Security
- Monitoring
- Modeling Attacks
- Metrics
- internal PUF design
- hardware isolation
- Hardware
- DoS attacks
- Denial of Service attacks
- Data protection
- control systems
- computer network security
- computer architecture
- composability
- ARM Processor