It is our great pleasure to announce the following four tutorials, which will take place on Monday, May 1, 2017, and their presenters. Student travel grant (http://www.hostsymposium.org/travel-grant.php) is available to cover the registration fee of up to two tutorials.
Growing complexity of system-on-chip (SoC) and ever increasing cost of IC fabrication have forced the semiconductor industry to shift to a horizontal model. In this model, SoC designers integrate third party intellectual property (3PIPs) with their SoC design, and then outsource the design to contract foundries and assemblies located across the globe for fabrication, test and packaging. To protect the SoC supply chain from vulnerabilities such as IP piracy, IC overproduction, cloning, tampering, researchers have proposed several techniques e.g., IP encryption, logic obfuscation, secure split test. However, recent literatures have pointed out some of the limitations of these approaches. Therefore, it is crucial to have in depth understanding of the security provided by different IP encryption, logic obfuscation techniques and their limitations.
The goal of this tutorial is to present (i) the threat posed by each entity in the SoC supply chain, (ii) different IP encryption and logic obfuscation techniques and their limitations, (iii) facilitating manufacturing and tests without unlocking the chip, (iv) unique unlocking key for each chip, (v) secure key transfer from IP provider to fabricated chips, and (vi) preventing the ICs from recycling and cloning.
This tutorial seeks to showcase the use of Trusted Platform Modules (TPM) and Trusted Execution Environments (TEE) as they pertain to providing isolated security environments and metrics usable by every major component of a platform. Hardware security implementations, modern operating systems including some of their software and firmware utilize measurements from TPMs to ensure the reliability of platforms. We will discuss Intel technologies such as Intel Trusted Execution Technology (TXT) and how it uses TPMs to measure platform components. We will also showcase how BIOS platforms utilize TPMs to ensure the SPI flash has not been tampered with and explain Intel boot guard technology. Furthermore, modern operating systems have dependencies on TPMs and we will discuss how Windows 10 uses them to ensure Virtualization Based Security (VBS) has not been tampered with. Lastly we will also discuss modern TEEs such as ARM TrustZone, and Intel SGX and how those can be used to provide secure code isolation. We will engage with the audience to showcase the usage of TPMs and TEEs by going over their history, their applicability and showing how both are used in hardware, platform firmware and on operating system security features.
The objective of this tutorial is to summarize and present the available body of knowledge in trusted and secure design of analog/mixed-signal/RF ICs/IPs, covering both known vulnerabilities and available remedies. Furthermore, this tutorial seeks to discuss the limitations of the current state-of-the-art in this topic, highlight the concomitant risks, and suggest research directions and steps to be taken toward designing, fabricating and deploying trusted and secure analog/mixed-signal/RF circuits. More specifically, a comprehensive survey of the relevant literature will be provided, organized around four themes: (i) hardware Trojans and Trojan states in analog/mixed-signal/RF ICs along with existing detection/prevention methods, (ii) analog/mixed-signal/RF IP piracy scenarios and techniques for proving authenticity and ownership, (iii) analog/mixed-signal/RF IC counterfeiting and detection mechanisms, and (iv) limitations of existing methods in the analog/mixed-signal and RF domain, focusing on the gaps that exist in our current understanding of this problem and potential directions towards filing them and mitigating the threats in analog/mixed-signal/RF ICs/IPs.
Crucial and critical needs of security and trust requirements are growing in all classes of applications, manufacturing, automobiles, electronic voting machines, wearable devices etc. The increased integration and reliance on remote and embedded electronics as the basis for personal, commercial, and growing industrial systems in internet of things (IoT) is driving the need for upgraded security and trust in these cyber-physical systems (CPS). Remote access or control of a single sensor or micro-controller by a hacker can lead to full control on entire electronic network. This situation is expanding rapidly posing serious security and privacy challenge to manufacturers as well as customers/operators, and requires immediate and tactfully strategic solution to avoid conceivable property and human losses and to counter the advantage made available to adversaries by the increasing complexity of software and hardware and the additional flexibility provided by mobile devices to interact with these systems.
The objective of this tutorial is to perform in-depth overview of IoTs, the architectures and design flow and evaluate the security requirements in design framework using threat models. Furthermore, the tutorial will investigate emerging hardware based security solutions to provide enhanced level of security and trust.