Tutorial T2B: Hardware Intellectual Property (IP) Security and Trust: Challenges and Solutions

摘要

Reusable hardware intellectual property (IP) based System-on-Chip (SoC) design has emerged as a pervasive design practice in the industry to dramatically reduce design/verification cost while meeting aggressive time-to-market constraints. Growing reliance on reusable, functionally pre-verified hardware IPs and wide array of CAD tools during SoC design - often gathered from untrusted 3rd party vendors - severely affects the security and trustworthiness of SoC computing platforms. Major security issues in the hardware IPs at different stages of SoC life cycle include piracy during IP evaluation, reverse engineering, and cloning, counterfeiting, as well as malicious, hard-to-detect hardware modifications in the hardware IPs. The global electronic piracy market is growing rapidly and is now estimated to be over $1B/day [1], of which a significant part is related to hardware IPs. Due to evergrowing computing demands, modern SoCs tend to include many heterogeneous processing IP cores, together with reconfigurable cores e.g. embedded FPGA in order to incorporate logic that is likely to change as standards and requirements evolve. Such design practices greatly increase the number of untrusted components in the SoC design flow and make the overall system security a pressing concern. There is a critical need to analyze the SoC security issues and attack models due to involvement of multiple untrusted entities through the 3rd party IP (3-PIP) route - and develop low-cost effective countermeasures. These countermeasures would encompass hardware encryption and obfuscation, intelligent automatic test pattern generation (ATPG), hardware watermarking and fingerprinting, and certain analytic methods derived from the behavioral aspects of the hardware IPs to enable trusted operation with untrusted components. In this tutorial, we plan to provide a comprehensive coverage of both fundamental concepts and recent advances in validation of security and trust of hardware IPs. It examines the state-of-the-art in research in this challenging area as well as industrial practice, and points to important gaps that need to be filled in order to develop a validation and debug flow to establish the necessary trust level of hardware IPs, eventually leading to secure SoC systems. The tutorial presenters with complementary areas of expertise and extensive experience of consulting for leading companies and R&D labs will provide a unique snapshot of the challenges, cutting-edge solutions and open problems in this area. The selection of topics covers a broad spectrum and will be of interest to a wide audience including design, validation, security, and debug engineers. The proposed tutorial consists of four parts. The first part introduces security vulnerabilities and various challenges associated with trust validation for hardware IPs. Part II covers various demonstrated attacks and design modification based countermeasures such as hardware watermarking and obfuscation. Part III covers formal methods, simulation-based approaches as well as side channel analysis for security and trust validation in hardware IPs. Finally, Part V concludes this tutorial with discussion on emerging issues and future directions.