Biblio

With Covid19 being endemic, it is very essential to continue proper physical hygiene protocols even today to avoid escalation. To ensure hygiene inside educational institutions, many governing bodies-imposed protocols to insist students wear hand gloves and facemasks. Such an implementation, however, has increased surgical waste in and around educational institutions, and also there is a rise in allergies due to the constant use of hand gloves by the students. Hence, a prototype of a hand sanitization-based attendance monitoring system has been proposed in the current research paper. This proposed sanitizer with attendance through remote monitoring (SWARM) uses Raspberry Pi devices to capture the image of a student’s identity card holding the registration number and through a bar code analysis module of computer vision, the ID number is extracted. This ID number is compared with a master attendance file to mark the students’ presence and then the updated file is shared with the concerned teacher via email. Such a setup is installed in the laboratory premise, thereby reducing the unnecessary use and disposal of surgical waste within the educational premise.

Distributed Denial of Service (DDoS) attacks aim to make a server unresponsive by flooding the target server with a large volume of packets (Volume based DDoS attacks), by keeping connections open for a long time and exhausting the resources (Low and Slow DDoS attacks) or by targeting protocols (Protocol based attacks). Volume based DDoS attacks that flood the target server with a large number of packets are easier to detect because of the abnormality in packet flow. Low and Slow DDoS attacks, however, make the server unavailable by keeping connections open for a long time, but send traffic similar to genuine traffic, making detection of such attacks difficult. This paper proposes a solution to detect and mitigate one such Low and slow DDoS attack, Slowloris in an SDN (Software Defined Networking) environment. The proposed solution involves communication between the detection and mitigation module and the controller of the Software Defined Network to get data to detect and mitigate low and slow DDoS attack.

Scan-based test methodology is one of the most popular test techniques in VLSI circuits. This methodology increases the testability which in turn improves the fault coverage. For this purpose, the technique uses a chain of scan cells. This becomes a source of attack for an attacker who can observe / control the internal states and use the information for malicious purposes. Hence, security becomes the main concern in the Integrated Circuit (IC) domain since scan chains are the main reason for leakage of confidential information during testing phase. These leakages will help attackers in reverse engineering. Measures against such attacks have to be taken by encrypting the data which flows through the scan chains. Lightweight ciphers can be used for scan chain encryption. In this work, encryption of scan data is done for ISCAS-89 benchmarks and the performance and security properties are evaluated. Lightweight stream and block ciphers are used to perform scan encryption. A comparative analysis between the two techniques is performed in par with the functions related to design cost and security properties.

The rapid complexity growth of electronic systems nowadays increases their vulnerability to hacking, such as fault injection, including insertion of glitches into the system clock to corrupt internal state through timing errors. As a countermeasure, a frequency locked loop (FLL) based clock glitch detector is proposed in this paper. Regulated from an external supply voltage, this FLL locks at 16-36X of the system clock, creating four phases to measure the system clock by oversampling at 64-144X. The samples are then used to sense the frequency and close the frequency locked loop, as well as to detect glitches through pattern matching. Implemented in a 5nm FINFET process, it can detect the glitches or pulse width variations down to 3.125% of the input 40MHz clock cycle with the supply varying from 0.5 to 1.0V.

In most PUF-based authentication schemes, a central server is usually engaged to verify the response of the device’s PUF to challenge bit-streams. However, the server availability may be intermittent in practice. To tackle such an issue, this paper proposes a new protocol for supporting distributed authentication while avoiding vulnerability to information leakage where CRPs could be retrieved from hacked devices and collectively used to model the PUF. The main idea is to provision for scrambling the challenge bit-stream in a way that is dependent on the verifier. The scrambling pattern varies per authentication round for each device and independently across devices. In essence, the scrambling function becomes node- and packetspecific and the response received by two verifiers of one device for the same challenge bit-stream could vary. Thus, neither the scrambling function can be reverted, nor the PUF can be modeled even by a collusive set of malicious nodes. The validation results using data of an FPGA-based implementation demonstrate the effectiveness of our approach in thwarting PUF modeling attacks by collusive actors. We also discuss the approach resiliency against impersonation, Sybil, and reverse engineering attacks.

Approximate computing emerged as a key alternative for trading off accuracy against energy efficiency and area reduction. Error-tolerant applications, such as multimedia processing, machine learning, and signal processing, can process the information with lower-than-standard accuracy at the circuit level while still fulfilling a good and acceptable service quality at the application level. Adaptive filtering-based systems have been demonstrating high resiliency against hardware errors due to their intrinsic self-healing characteristic. This paper investigates the design space exploration of arithmetic approximations in a Very Large-Scale Integration (VLSI) harmonic elimination (HE) hardware architecture based on Least Mean Square (LMS) adaptive filters. We evaluate the Pareto front of the area- and power versus quality curves by relaxing the arithmetic precision and by adopting both approximate multipliers (AxMs) in combination with approximate adders (AxAs). This paper explores the benefits and impacts of the Dynamic Range Unbiased (DRUM), Rounding-based Approximate (RoBA), and Leading one Bit-based Approximate (LoBA) multipliers in the power dissipation, circuit area, and quality of the VLSI HE architectures. Our results highlight the LoBA 0 as the most efficient AxM applied in the HE architecture. We combine the LoBA 0 with Copy and LOA AxAs with variations in the approximation level (L). Notably, LoBA 0 and LOA with \$L=6\$ resulted in savings of 43.7% in circuit area and 45.2% in power dissipation, compared to the exact HE, which uses multiplier and adder automatically selected by the logic synthesis tool. Finally, we demonstrate that the best hardware architecture found in our investigation successfully eliminates the contaminating spurious noise (i.e., 60 Hz and its harmonics) from the signal.

This paper presents a randomized Montgomery Powering Ladder Modular Exponentiation (RMPLME) scheme for side channel attacks (SCA) resistant Rivest-Shamir-Adleman (RSA) and its leakage resilience analysis. This method randomizes the computation time of square-and-multiply operations for each exponent bit of the Montgomery Powering Ladder (MPL) based RSA exponentiation using various radices (Radix – 2, 22, and 24) based Montgomery Modular multipliers (MMM) randomly. The randomized computations of RMPLME generates non-uniform timing channels information and power traces thus protecting against SCA. In this work, we have developed and implemented a) an unmasked right-to-left Montgomery Modular Exponentiation (R-L MME), b) MPL exponentiation and c) the proposed RMPLME schemes for RSA decryption. All the three realizations have been assessed for side channel leakage using Welch’s t-test and analyzed for secured realizations based on degree of side channel information leakage. RMPLME scheme shows the least side-channel leakage and resilient against SPA, DPA, C-Safe Error, CPA and Timing Attacks.

The impending threat of large-scale quantum computers to classical RSA and ECC-based public-key cryptographic schemes prompted NIST to initiate a global level standardization process for post-quantum cryptography. This process which started in 2017 with 69 submissions is currently in its third and final round with seven main candidates and eight alternate candidates, out of which seven (7) out of the fifteen (15) candidates are schemes based on hard problems over structured lattices, known as lattice-based cryptographic schemes. Among the various parameters such as theoretical post-quantum (PQ) security guarantees, implementation cost and performance, resistance against physical attacks such as Side-Channel Analysis (SCA) and Fault Injection Analysis (FIA) has also emerged as an important criterion for standardization in the final round [1]. This is especially relevant for adoption of PQC in embedded devices, which are most likely used in environments where an attacker can have unimpeded physical access to the device.

The test of security primitives is particularly strategic as any bias coming from the implementation or environment can wreck havoc on the security it is intended to provide. This paper presents how some security properties are tested on leading primitives: True Random Number Generation (TRNG), Physically Unclonable Function (PUF), cryptographic primitives and Digital Sensor (DS). The test of TRNG and PUF to ensure a high level of security is mainly about the entropy assessment, which requires specific statistical tests. The security against side-channel analysis (SCA) of cryptographic primitives, like the substitution box in symmetric cryptography, is generally ensured by masking. But the hardware implementation of masking can be damaged by glitches, which create leakages on sensitive variables. A test method is to search for nets of the cryptographic netlist, which are vulnerable to glitches. The DS is an efficient primitive to detect disturbances and rise alarms in case of fault injection attack (FIA). The dimensioning of this primitive requires a precise test to take into account the environment variations including the aging.

Microprocessor software test libraries (STLs) must provide maximum fault coverage with minimum overhead. Pruning safe faults, which cannot cause errors in the output of the processor, from the fault list can increase fault coverage without adding test overhead. Applying more application-specific constraints can lead to the identification of more safe faults, and some such constraints are yet to be explored. This work explores the use of signal combination-based constraints alongside well-known constant signal-based constraints for identifying safe faults. Also, for the first time, information on safe faults is utilised during test compaction in order to further minimise test overhead. Results for an OpenRISC processor design show up to 2.33% improvement in fault coverage with the use of the proposed constraints. In one test program, a code segment contributing only to the coverage of safe faults is identified, with its removal providing a 1.09 % code size reduction on top of existing compaction techniques. The results may vary for a larger and more complex commercial design with greater scope for redundant logic. This work explores the use of signal combination-based constraints alongside well-known constant signal-based constraints for identifying safe faults. Also, for the first time, information on safe faults is utilised during test compaction in order to further minimise test overhead. Results for an OpenRISC processor design show up to 2.33% improvement in fault coverage with the use of the proposed constraints. In one test program, a code segment contributing only to the coverage of safe faults is identified, with its removal providing a 1.09 % code size reduction on top of existing compaction techniques. The results may vary for a larger and more complex commercial design with greater scope for redundant logic.

With the advancement of VLSI technology, Tiled Chip Multicore Processors (TCMP) with packet switched Network-on-Chip (NoC) have been emerged as the backbone of the modern data intensive parallel systems. Due to tight time-to-market constraints, manufacturers are exploring the possibility of integrating several third-party Intellectual Property (IP) cores in their TCMP designs. Presence of malicious Hardware Trojan (HT) in the NoC routers can adversely affect communication between tiles leading to degradation of overall system performance. In this paper, we model an HT mounted on the input buffers of NoC routers that can alter the destination address field of selected NoC packets. We study the impact of such HTs and analyse its first and second order impacts at the core level, cache level, and NoC level both quantitatively and qualitatively. Our experimental study shows that the proposed HT can bring application to a complete halt by stalling instruction issue and can significantly impact the miss penalty of L1 caches. The impact of re-transmission techniques in the context of HT impacted packets getting discarded is also studied. We also expose the unrealistic assumptions and unacceptable latency overheads of existing mitigation techniques for packet header attacks and emphasise the need for alternative cost effective HT management techniques for the same.

In this paper, we propose a methodology for post-silicon validation through the evaluation of security assertions for systems-on-chip (SoC). The methodology is centered around a security architecture in which a "security capsule" is attached to each IP core in the SoC. The security capsule consists of a set of on-line and off-line assertion monitors, a dynamic trace-buffer to trace selected groups of signals, and a dynamic trace controller. The architecture is supported by a trace signal selection and grouping algorithm and a dynamic signal tracing method to evaluate the off-chip monitors. This paper presents the security capsule architecture, the signal selection and grouping algorithm, and the run-time signal tracing method. Results of using the methodology on two SoC architectures based on the OpenRISC-1200 and RISC-V processors are presented.

The globalized supply chain in the semiconductor industry raises several security concerns such as IC overproduction, intellectual property piracy and design tampering. Logic locking has emerged as a Design-for-Trust countermeasure to address these issues. Original logic locking proposals provide a high degree of output corruption – i.e., errors on circuit outputs – unless it is unlocked with the correct key. This is a prerequisite for making a manufactured circuit unusable without the designer’s intervention. Since the introduction of SAT-based attacks – highly efficient attacks for retrieving the correct key from an oracle and the corresponding locked design – resulting design-based countermeasures have compromised output corruption for the benefit of better resilience against such attacks. Our proposed logic locking scheme, referred to as SKG-Lock, aims to thwart SAT-based attacks while maintaining significant output corruption. The proposed provable SAT-resilience scheme is based on the novel concept of decoy key-inputs. Compared with recent related works, SKG-Lock provides higher output corruption, while having high resistance to evaluated attacks.

With the increasing complexity, modern system-onchip (SoC) designs are becoming more susceptible to security attacks and require comprehensive security assurance. However, establishing a comprehensive assurance for security often involves knowledge of relevant security assets. Since modern SoCs contain myriad confidential assets, the identification of security assets is not straightforward. The number and types of assets change due to numerous embedded hardware blocks within the SoC and their complex interactions. Some security assets are easily identifiable because of their distinct characteristics and unique definitions, while others remain in the blind-spot during design and verification and can be utilized as potential attack surfaces to violate confidentiality, integrity, and availability of the SoC. Therefore, it is essential to automatically identify security assets in an SoC at pre-silicon design stages to protect them and prevent potential attacks. In this paper, we propose an automated CAD framework called SAF to identify an SoC's security assets at the register transfer level (RTL) through comprehensive vulnerability analysis under different threat models. Moreover, we develop and incorporate metrics with SAF to quantitatively assess multiple vulnerabilities for the identified security assets. We demonstrate the effectiveness of SAF on MSP430 micro-controller and CEP SoC benchmarks. Our experimental results show that SAF can successfully and automatically identify an SoC's most vulnerable underlying security assets for protection.

Multi-processors System-on-Chip (MPSoC) are a key enabling technology for different applications characterized by hyper-connectivity and multi-tenant requirements, where resources are shared and communication is ubiquitous. In such an environment, security plays a major role. To cope with these security needs, MPSoCs usually integrate cryptographic functionalities deployed as software and/or hardware solutions. Quantum computing represents a threat for the current cryptography. To overcome such a threat, Post-quantum cryptography (PQC) can be used, thus ensuring the long term security of different applications. Since 2017, NIST is running a PQC standardization process. While the focus has been the security analysis of the different PQC candidates and the software implementation, the MPSoC PQC implementation has been neglected. To this end, this work presents two contributions. First, the exploration of the multicore capabilities for developing optimized PQC implementations. As a use case, NTRU lattice-based PQC, finalist for the NIST standardization process, is discussed. Second, NTRU was deployed on an AURIX microcontroller of Infineon Technologies AG with the Real-Time Operating System PXROS-HR from HighTec EDV-Systeme GmbH. Results show that NTRU can be efficiently implemented and optimized on a multicore architecture, improving the performance up to 43% when compared to single core solutions.

Physically Unclonable Functions (PUFs) have been considered as promising lightweight primitives for random number generation and device authentication. Thanks to the imperfections occurring during the fabrication process of integrated circuits, each PUF generates a unique signature which can be used for chip identification. Although supposed to be unclonable, PUFs have been shown to be vulnerable to modeling attacks where a set of collected challenge response pairs are used for training a machine learning model to predict the PUF response to unseen challenges. Challenge obfuscation has been proposed to tackle the modeling attacks in recent years. However, knowing the obfuscation algorithm can help the adversary to model the PUF. This paper proposes a modeling-resilient arbiter-PUF architecture that benefits from the randomness provided by PUFs in concealing the obfuscation scheme. The experimental results confirm the effectiveness of the proposed structure in countering PUF modeling attacks.

As an emerging role in on-chip communication, the optical networks-on-chip (ONoCs) can provide ultra-high bandwidth, low latency and low power dissipation for the data transfer. However, the thermo-optic effects of the photonic devices have a great impact on the operating performance and reliability of ONoCs, where the thermal-aware control is used to alleviate it. Furthermore, the temperature-sensitive ONoCs are prone to be attacked by the hardware Trojans (HTs) covertly embedded in the integrated circuits (ICs) from the malicious third-party components, leading to performance degradation, denial of service (DoS), or even permanent damages. In this paper, we focus on the tampering attacks on optical sampling during the thermal sensing process in ONoCs. Corresponding approaches are proposed to mitigate the negative impacts from HT attacks. Evaluation results indicate that our approach can significantly enhance the hardware security of thermal sensing for ONoC with trivial overheads of up to 3.06% and 2.6% in average latency and energy consumption, respectively.

To achieve a substantial reliability and safety level, it is imperative to provide electronic computing systems with appropriate mechanisms to tackle soft errors. This paper proposes a low-cost system-level soft error mitigation technique, which allocates the critical application function to a pool of specific general-purpose processor registers. Both the critical function and the register pool are automatically selected by a developed profiling tool. The proposed technique was validated through more than 320K fault injections considering a Linux kernel, different benchmarks and two multicore ARM processors. Results show that our technique significantly reduces the code size and performance overheads while providing reliability improvement, w.r.t. the Triple Modular Redundancy (TMR) technique.

Modern control flow attacks circumvent existing defense mechanisms to transfer the program control to attacker chosen malicious code in the program, leaving application vulnerable to attack. Advanced attacks such as Return-Oriented Programming (ROP) attack and its variants, transfer program execution to gadgets (code-snippet that ends with return instruction). The code space to generate gadgets is large and attacks using these gadgets are Turing-complete. One big challenge to harden the program against ROP attack is to confine gadget selection to a limited locations, thus leaving the attacker to search entire code space according to payload criteria. In this paper, we present a novel approach to label the nodes of the Control-Flow Graph (CFG) of a program such that labels of the nodes on a valid control flow edge satisfy a Hamming distance property. The newly encoded CFG enables detection of illegal control flow transitions during the runtime in the processor pipeline. Experimentally, we have demonstrated that the proposed Control Flow Integrity (CFI) implementation is effective against control-flow hijacking and the technique can reduce the search space of the ROP gadgets upto 99.28%. We have also validated our technique on seven applications from MiBench and the proposed labeling mechanism incurs no instruction count overhead while, on average, it increases instruction width to a maximum of 12.13%.

Emerging nonvolatile memory (NVM) devices are not limited to build nonvolatile memory macros. They can also be used in developing nonvolatile logics (nvLogics) for nonvolatile processors, security circuits for the internet of things (IoT), and computing-in-memory (CIM) for artificial intelligence (AI) chips. This paper explores the challenges in circuit designs of emerging memory devices for application in nonvolatile logics, security circuits, and CIM for deep neural networks (DNN). Several silicon-verified examples of these circuits are reviewed in this paper.

Controller Area Network (CAN) is the main bus network that connects electronic control units in automobiles. Although CAN protocols have been revised to improve the vehicle safety, the security weaknesses of CAN have not been fully addressed. Security threats on automobiles might be from external wireless communication or from internal malicious CAN nodes mounted on the CAN bus. Despite of various threat sources, the security weakness of CAN is the root of security problems. Due to the limited computation power and storage capacity on each CAN node, there is a lack of hardware-efficient protection methods for the CAN system without losing the compatibility to CAN protocols. To save the cost and maintain the compatibility, we propose to exploit the built-in CAN fault confinement mechanism to detect the masquerade attacks originated from the malicious CAN devices on the CAN bus. Simulation results show that our method achieves the attack misdetection rate at the order of 10-5 and reduces the encryption latency by up to 68% over the complete frame encryption method.

This paper presents the Bit Error Rate (BER) performance of the wireless communication system. The complexity of modern wireless communication system are increasing at fast pace. It becomes challenging to design the hardware of wireless system. The proposed system consists of MIMO transmitter and MIMO receiver along with the along with a realistic fading channel. To make the data transmission more secure when the data are passed into channel Crypto-System with Embedded Error Control (CSEEC) is used. The system supports data security and reliability using forward error correction codes (FEC). Security is provided through the use of a new symmetric encryption algorithm, and reliability is provided by the use of FEC codes. The system aims at speeding up the encryption and encoding operations and reduces the hardware dedicated to each of these operations. The proposed system allows users to achieve more security and reliable communication. The proposed BER measurement communication system consumes low power compared to existing systems. Advantage of VLSI based BER measurement it that they can be used in the Real time applications and it provides single chip solution.

The migration from a vertical to horizontal business model has made it easier to introduce hardware Trojans and counterfeit electronic parts into the electronic component supply chain. Hardware Trojans are malicious modifications made to original IC designs that reduce system integrity (change functionality, leak private data, etc.). Counterfeit parts are often below specification and/or of substandard quality. The existence of Trojans and counterfeit parts creates risks for the life-critical systems and infrastructures that incorporate them including automotive, aerospace, military, and medical systems. In this tutorial, we will cover: (i) Background and motivation for hardware Trojan and counterfeit prevention/detection; (ii) Taxonomies related to both topics; (iii) Existing solutions; (iv) Open challenges; (v) New and unified solutions to address these challenges.