HOST 2018 Tutorial Program, April 30, 2018

8:30 - 9:30 Registration and Breakfast
9:30 - 12:00 TUTORIAL 1 and TUTORIAL 2
T1. Engineering Trade-off Considerations Regarding Design-for-Security, Design-for-Verification and Design-for-Testability
Melanie Berg (bio) -AS&D, NASA GSFC.
Abstract: The goal of this tutorial is to: explain the evolution of design practices; identify adversary accessibility points due to design-for-verification and design-for-testability circuitry insertion; describe engineering trade-off considerations for verification and validation (V&V) versus adversary threats; and provide a summary of implementation choices that combine assurance methodologies.

T2. Principles of Secure Processor Architecture Design
Prof. Jakub Szefer (bio) - Yale University.
Abstract: The objective of this tutorial is to present the principles of secure processor architecture design to the audience. At the heart of each computing system there are one or more processors that execute programs and manipulate the data, some of which may be sensitive, such as medical records or trade secrets. As silicon real estate has become more and more abundant, over the years, processor architects have added new dedicated hardware security features to accelerate cryptographic protections, but more importantly, to provide protections for the code and data. The tutorial will overview the so-called “secure processor architectures”, present design patterns that can be gleaned from the existing research works, and will derive the principles that inform design of the secure processor architectures. Adding security features in hardware has certain challenges, and the tutorial will aim to highlight these – and the common solutions. Defining of what has to be secured and how is often a subjective choice based on qualitative arguments, unlike quantitative choices that computer architects are often used to making, so the tutorial will cover common threat models and how they have been addressed. Moreover, once made, the hardware cannot be easily changed necessitating careful design of the security features in the first place – the tutorial will aim to educate the audience about the features that the secure processor architectures should contain.

Information will also be included about features found in Intel SGX, ARM TrustZone and new AMD memory encryption technologies. The tutorial, however, is not meant as a tutorial about specific industry processors, rather, it is a research-focused summary of the basic principles of secure processor architecture design developed by computer architects, including the tutorial presenter, over many years and which now are finally finding their way into commercial products.
12:00 - 13:00 Lunch
13:00 - 15:30 TUTORIAL 3 and TUTORIAL 4
T3. System-on-Chip Platform Security: Architecture, Implementation, Validation, and Deployment
Sandip Ray (bio) - NXP Semiconductors.
Prof. Swarup Bhunia (bio) - University of Florida.
Abstract: Modern system-on-chips (SoCs) serves as a foundation for secure and trusted operation of diverse systems – from servers to internet of things (IoT) edge devices – by providing effective safeguards against various on-chip assets. The tutorial provides a comprehensive overview of SoC security assurance, including fundamental concepts, challenges, and state of the industry practices in design-for-security, security architecture, test/debug, and security validation. Application of these concepts into the IoT and embedded system application space will be covered and various trade-offs between security, power-performance, and test/debug/validation will be explained. Next, it will provide a case study on application of SoC security design and validation solutions to automotive systems. The tutorial will be based on over a decade of research and development experience for both presenters in working on diverse aspects of SoC security and test/debug/validation in close collaboration with major industry.

T4. Protecting Electronics Supply Chain Throughout Lifecycle
Prof. Mark Tehranipoor (bio) - University of Florida.
Abstract: Growing complexity of system-on-chip (SoC) and ever-increasing cost of IC fabrication have forced the semiconductor industry to shift from a vertical business model to a horizontal model. In this model, time-to-market and manufacturing costs are lowered through outsourcing and design reuse. To be more specific, SoC designers obtain licenses for third party intellectual property (3PIPs), design an SoC by integrating the 3PIPs with their own IPs, and then outsource the SoC design to contract foundries and assemblies for fabrication, test and packaging. With most of these entities involved in design, manufacturing, integration, and distribution located across the globe, original IP owners no longer have the ability to monitor the entire process. In other words, forward trust is lost in the modern SoC flow. The lack of trust and transparency/control has led to vulnerabilities such as IP piracy, IC overproduction, cloning, tampering, and more.

To protect the SoC supply chain from such vulnerabilities, academic and industry researchers have proposed many techniques e.g., IP encryption, logic obfuscation, secure split test, etc. Some of these techniques are currently being used in industry and others are expected to be adopted in near future. However, recent literatures have pointed out to some of the limitations of these approaches. Therefore, it is crucial to have in depth understanding of the security provided by different IP encryption, logic obfuscation techniques and also be aware of their limitations.

The goal of this tutorial is to present (i) the threat posed by each entity in the SoC supply chain, (ii) different IP encryption and logic obfuscation techniques and their limitations, (iii) facilitating manufacturing and tests without unlocking the chip, (iv) unique unlocking key for each chip, (v) secure key transfer from IP provider to fabricated chips, and (vi) preventing the ICs from recycling and cloning.
15:30 - 16:00 Break
16:00 - 18:30 TUTORIAL 5 and TUTORIAL 6
T5. A Whitebox Introduction to Fault Attacks
Prof. Patrick Schaumont (bio) - Virginia Tech.
Prof. Karine Heydemann (bio) - University of Pierre et Marie Curie (UPMC).
Prof. Qiaoyan Yu (bio) - University of New Hampshire.
Abstract: Fault attacks have been around for as long as side-channel attacks, but they are comparatively much less well understood. Effective fault attacks on trustworthy embedded systems result in unauthorized privilege escalation or in the extraction of secrets. Due to our limited ability to characterize fault injection and to prevent fault propagation, fault attacks are a fast-growing but poorly-understood threat. For example, just in the past three years, new fault attack vectors were demonstrated on embedded computing systems through their memory-refresh and voltage/frequency scaling subsystems, two very common and supposedly trustworthy components of modern embedded computers.

This tutorial aims to demystify the fault attack by systematically discussing the design of fault attacks as well as the design of countermeasures against these attacks. An international team of three researchers with complementary expertise offers a comprehensive discussion of fault attacks across multiple abstraction levels. The ultimate goal of this tutorial is to rally the hardware security community around the challenge of fault attacks, to highlight recent results and to explain open research problems.

T6. Hardware Security and Trust Challenges in Emerging IoT Systems and Applications
Prof. Fareena Saqib (bio) - University North Carolina - Charlotte.
Prof. Jim Plusquellic (bio) - University of New Mexico - Albuquerque.
Abstract: Crucial and critical needs of security and trust requirements are growing in all classes of applications, manufacturing, automobiles, electronic voting machines, wearable devices etc. The increased integration and reliance on remote and embedded electronics as the basis for personal, commercial, and growing industrial systems in internet of things (IoT) is driving the need for upgraded security and trust in these cyber-physical systems (CPS). Remote access or control of a single sensor or micro-controller by a hacker can lead to full control on entire electronic network. This situation is expanding rapidly posing serious security and privacy challenge to manufacturers as well as customers/operators, and requires immediate and tactfully strategic solution to avoid conceivable property and human losses and to counter the advantage made available to adversaries by the increasing complexity of software and hardware and the additional flexibility provided by mobile devices to interact with these systems.

The objective of this tutorial is to perform in-depth overview of IoTs, the architectures and design flow and evaluate the security requirements in design framework using threat models. Furthermore the tutorial will investigate emerging hardware based security solutions to provide enhanced level of security and trust.