HOST 2023 | IEEE International Symposium on Hardware Oriented Security and Trust

HOST 2023 Tutorial Program, May 1, 2023

9:30 - 12:00 Session 1: TUTORIALS 1 - 2
T1. Secure Heterogeneous Integration
Farimah Farahmandi (bio) - University of Florida
Mark Tehranipoor (bio) - University of Florida

Abstract: Heterogeneous integration (HI) has emerged as a promising technology to sustain the momentum of the integrated circuit (IC) transistor density growth in a post-Moore’s law world such that the semiconductor industry can benefit from the trend by improved yield, significant cost savings, and short time-to-market. The ground-breaking integration solution would present a paradigm shift to the global semiconductor supply chain since the core idea of HI is to disaggregate a large circuit design into smaller parts which are fulfilled as individual third-party silicon dies (at different technology nodes), so-called chiplets, and then assemble them in a stereoscopic 2.5D/3D system-in-package (SiP). More specifically, the SiP designer or HI integrator would purchase the modular third-party dies from the open market to build up their desired functionality, waving the enormous design and verification efforts. Next, the individual dies are installed and interconnected on an interposer to constitute a functional system during the integration phase; the consequent system will be packaged and tested before entering the user domain and being deployed in-field. Given the offshore entities such as chiplet designers, wafer foundries, and packaging facilities in the horizontal business model, SiP designers/integrators, the owners of the HI-based product, have very limited capabilities to guarantee or verify the security of chiplets and systems.

Although the hardware security topic has been extensively investigated over the past decades, feasible solutions and security awareness from the community remain deficient to address the new threat model raised by the upcoming HI ecosystem. In detail, existing methodologies on the conventional monolithic system-on-chip (SoC) rely on either a golden reference as the foothold for security inspection or the observability of the source design files for static and dynamic analysis. Nevertheless, in the HI supply chain, only black-box chiplet dies are available for integration such that it is extremely hard to check their conformance to the specification or any potential malicious logic. Moreover, a complicated SiP comprises many security assets to be targeted by adversaries whereas run-time monitoring/protection is very challenging because of the high speed and throughput of the on-chip traffic as well as the lack of the root of trust in chiplets. Therefore, it is imperative to scrutinize the security vulnerabilities throughout the lifecycle of HI-based systems, investigate the drawbacks of existing SoC-centric security solutions, and develop novel schemes against potential attack vectors.

The goal of this tutorial is to present (i) the threat model: the role of each entity in the HI supply chain and their associated security risks, (ii) vulnerabilities introduced during various stages of the design lifecycle, (iii) security assessment and countermeasures against potential threats, and (vi) challenges and research roadmap ahead.

T2. A Tutorial on Laser Fault Injection: Theory, Practice, Simulation, and Countermeasures
Jean-Max Dutertre (bio) - Ecole des Mines de Saint-Etienne, France
Bodo Selmke (bio) - Fraunhofer Institute for Applied and Integrated Security, Germany

Abstract: Laser Fault Injection (LFI) stands out among other FI techniques in terms of accuracy, both spatially and in time. Its effect is almost restricted to the gates inside the laser spot: it is capable of injecting faults at bit level. It also injects transient faults that can last from a single clock period to several hundreds. Similarly, to other FI techniques, it can be used to fault data in motion (while targeting the target’s logic), but it is also able to fault data at rest (when stored in registers or the RAM memory). As a result, LFI is a potent threat against secure devices that cannot be ignored.

The goal of the proposed tutorial is to give a broad overview over fault attacks and laser fault injection in particular. Hence, the audience would get an understanding of what can be achieved by LFI and what are countermeasures against it. Therefore, we will discuss not only the physical theory behind LFI but also the practical aspects and challenges relevant for actually carrying out an attack. We will give a complete overview about the topic and put a strong focus on understanding LFI threats (and weaknesses) and on reporting actual experimental results on various targets. In the end the audience would be able to understand LFI mechanisms (from its physical origin to LFI fault models), what are the different components of an LFI setup, how to use an LFI setup, how to assess and simulate a design’s vulnerabilities, and what can be done on a defender’s side to protect from LFI attacks.
12:00 - 13:00 Break
13:00 - 14:30 Session 2: TUTORIALS 3 - 5
T3. Designing and Building More Secure Hardware with CWE™ - A Year in Review
Jason Oberg (bio) - Cycuity
Bob Heinemann (bio) - MITRE

Abstract: Common Weakness Enumeration (CWE™) was first introduced in 2006 as a community-developed method for cataloging security weaknesses in software to provide a consistent language for the industry to talk about the root-cause mistakes that lead to vulnerabilities. By providing a public list of common software weaknesses, the software industry widely adopted CWE to prioritize the weaknesses that were most relevant for their products, effectively ranking the highest impact weaknesses, and ultimately providing the basis of building a security development lifecycle for software. The use of CWE continues to become more pervasive in the software security community.

In February 2020, CWE expanded its scope into hardware weaknesses for the first time. It currently enumerates over 100 hardware weaknesses across 13 different categories and is a promising start to provide an industry-aligned initiative to build more secure hardware. However, there is much for the industry to learn to use CWE effectively.

In 2022, we introduced hardware CWE to the HOST community through a tutorial and the presentations were well received. Since this last tutorial, there have been significant improvements and changes in the hardware CWE program. This 2023 version of the tutorial will expand on the presentations in 2022 to showcase new developments in Hardware CWE that have happened over the last year.

T4. Hardware Security and Trust Verification
Prabhat Mishra (bio) - University of Florida

Abstract: This tutorial will provide a comprehensive overview of both fundamental concepts and recent advances in hardware security and trust validation using simulation-based approaches, formal methods as well as side-channel analysis. Specifically, the tutorial will consist of four parts. The first part will introduce security vulnerabilities (threats) and various challenges associated with trust validation of hardware IPs. It will highlight recent advances in developing trust metrics and benchmarks. The second part will cover assertion-based security validation utilizing automated generation of security assertions. It will also cover automated test generation techniques for activation of security assertions. The third part will describe how formal verification techniques (including model checking, SAT solving, theorem proving and equivalence checking) can be effectively utilized for validation of hardware security vulnerabilities. The fourth part will discuss how side-channel analysis can be effectively utilized to detect malicious implants. It will conclude with a discussion on integration of security verification in existing functional validation methodology.

T5. Modern PUF Analysis and Design
Roel Maes (bio) - Intrinsic-ID, Netherlands

Abstract: Physical unclonable functions (PUFs) as dedicated security primitives were introduced over 20 years ago. In that time, the PUF concept has steadily been proliferated by academic researchers into numerous different implementations, with wildly varying architectures and technologies, and targeting different use cases. In addition, PUF technology has also found its way into commercial products, in particular serving as a root of trust for a rapidly increasing number of digital silicon systems like MCUs and FPGAs.

Determining the quality of a PUF implementation is important to design a PUF-based solution that meets the requirements of a given system or application. The academic field has established a set of basic PUF quality metrics which can be used to objectively compare different PUF implementations. However, these metrics do not necessarily indicate how well a PUF fits the requirements of a use case, nor do they consider more advanced properties and effects which will impact the PUF’s deployment. For use as an industrial solution, a more all-encompassing analysis of a PUF is essential, and dedicated design solutions for dealing with all its aspects are needed.

The goal of this tutorial is to introduce the audience to a more complete way of analyzing PUF quality, and to new design techniques for guaranteeing an unfaltering operation under all conditions and for meeting challenging requirements. This modern approach for looking at PUFs has proven to be essential in bringing PUF technology from a scientific proof-of-concept to the level of a hardened and complete security product which is widely known and used throughout the semiconductor industry. This tutorial will take the SRAM PUF as a leading example, but the presented concepts can be applied to other PUF architectures in a similar manner.
14:30 - 15:00 Break
15:00 - 17:30 Session 2: TUTORIALS 6 - 7
T6. Physical Inspection for Hardware Assurance
Navid Asadizanjani (bio) - University of Florida

Abstract: In this tutorial we will focus on the physical inspections, physical attacks, reverse engineering, counterfeit detection, advanced and heterogenous package security, etc. of electronics from the device to system level using advanced microscopy, failure analysis (FA) techniques combined with image analysis and machine learning.

We first introduce the advanced techniques for physical inspection and failure analysis on electronic systems and components. More than five different modules will be discussed here to cover different aspects of the topic. The most recent techniques for physical inspection and attacks are based on the tools and methodologies developed for FA in electronics. FA tools are primarily developed to detect a defect during or after fabrication process, but they have good enough resolution to detect Trojans, extract secret keys, or reverse engineer IC if used maliciously. Such tools include different imaging modalities such as optical microscope, scanning electron microscope (SEM), focused ion beam (FIB), photon emission microscope (PEM), X-ray microscopy (XRM), etc. and probe stations. It is worth mentioning that these attacks require a very sophisticated sample preparation process to expose a targeted area for reverse engineering or other measurements.

The attendees will learn the basics of how such advanced microscopes are working and how they are used for physical inspection approaches including: reverse engineering, counterfeit detection, invasive and semi-invasive attacks, on electronics from device to system level.

T7. Side-Channel Analysis: from Concepts to Simulation and Silicon Validation
Gang Qu (bio) - University of Maryland, College Park
Makoto Nagata (bio) - Kobe University, Japan
Lang Lin (bio) - Ansys Inc.

Abstract: Since the report of simple and differential power analysis in the late 1990’s, side-channel analysis (SCA) has been one of the most important and well-studied topics in hardware security. In this tutorial, we will share our insights and experience on SCA by a combination of presentations, embedded demos, and an interactive panel discussion. The three speakers are from academia and industry with rich experience and solid tracking record on hardware security research and practice.

We will start the tutorial with a comprehensive introduction of SCA, including the popular side channels that have been exploited by attackers, common countermeasures, and the simulation based SCA with commercial EDA tools at gate level. Then we will present industry proven flows for fast and effective pre- silicon side channel leakage analysis (SCLA) with focus on physical level power and electromagnetic (EM) side channels. Next, we elaborate how to perform on-chip and in-system side-channel leakage measurements and assessments with system-level assembly options on crypto silicon chips with the help of embedded on-chip noise monitor circuits. Intentional EM injection will be also touched. We will conclude the presentations with some forward-looking discussion on emerging topics such as SCA for security, SCA in AI and machine learning (ML), and pre-silicon SCLA assisted by AI/ML. Short video clips will be embedded in the presentation to showcase SCA by simulation and silicon measurement.

This tutorial is designed for graduate students and professionals from industry and government working in the general fields of EDA, embedded systems, and Internet of Things. Previous knowledge on hardware security, cryptography, side-channel analysis, and EDA design and simulation tools would be helpful, but not required. The audience is expected to learn the foundations and state-of-the-arts in SCA with some hands-on skills. The total length of the tutorial is 150 minutes, including a 10-minute break. The tentative agenda of the tutorial is as follows:
  1. Welcome and introduction
  2. Foundations of side-channel analysis
  3. Simulation-based pre-silicon fast side-channel leakage analysis
  4. Break
  5. On-chip and in-system side-channel leakage measurements and assessments
  6. Demo, Question and Answer, Conclusion