Computing devices control much of the world around us. They power smart phones, kitchen appliances, cars, power grids, medical devices, and many of the other objects that we rely upon in our everyday lives. The foundation of these systems is the hardware, which are complex multi-billion transistor chips. Gaining control of the hardware provides unfettered access to every part of the system. This makes it a highly attractive target for attackers. Compromised hardware allows unauthorized users to obtain personal information, and can be used to force the device into unsafe and potentially life threatening scenarios. Thus, it is paramount to develop techniques to enable secure hardware design. Creating secure hardware requires the designer to assess potential vulnerabilities. Currently it is hard to concretely say anything about the security (or lack thereof) of the hardware. This project is developing quantitative hardware security metrics that enable designers to precisely evaluate the security of the system. The team is attempting this by employing statistical measures on the amount of uncertainty and information flow that is present across different portions of the hardware. These metrics are oblivious to the types of variables under consideration. Thus, the team can assess both functional security properties related to confidentiality and integrity as well as covert channels. These metrics enable the characterization of portions of the system that are potentially vulnerable to attacks. And they determine the effectiveness of mitigation techniques on the overall security of the system. The end result is more secure hardware, which leads to safer and more secure computing devices.
TWC: Small: Employing Information Theoretic Metrics to Quantify and Enhance the Security of Hardware Designs