Hardware Security and Trust: Trends, Challenges, and Design Tools

Abstract

Hardware security in the cyber security domain has become an increasingly controversial topic over the past decade, owing to the introduction of new semiconductor design technologies and the expansion of global supply chains. In step with the technological advancement of hardware production, the success rate of existing hardware attacks has also grown over time, with a significantly high rate of emergence of new attack techniques and methods. Computing hardware is becoming an increasingly attractive attack surface for several reasons. The technology for analyzing hardware components is becoming more affordable and accessible to the general public than before. Also, owing to the influx of IoT devices into the market, simplifying the design structure to reduce power consumption and maximize processing speed has become the theme of modern hardware implementations, rather than the security of the devices. Given market demand and user requirements, it is natural for computer manufacturers to prioritize user requirements over the security aspects of their designs and devices. However, a failure of the security of such hardware in critical infrastructure can have catastrophic outcomes, because these semiconductors are used in devices ranging from simple IoT devices to more complex systems such as SCADA systems. Therefore, it is always better to find a balance between user requirements and the security of the hardware, without compromising either in design and development. This article presents an overall insight into trends in the hardware security domain, specifically those related to modern computer hardware design and manufacturing processes, distribution, usage, disposal and recycling.
These various stages are analyzed under three main objectives: exposing the threats to computer hardware, suggesting countermeasures to minimize or eliminate those threats, and discussing the use of various design tools that can assist in securing these computer hardware systems in their day-to-day applications.

Country: Sri Lanka

S.M.D.N. Siriwardana (1)

  1. Fellow, IEEE, Undergraduate in Cyber Security, Sri Lanka Institute of Information Technology (SLIIT), Malabe, Sri Lanka

IRJIET, Volume 8, Issue 1, January 2024 pp. 119-127

doi.org/10.47001/IRJIET/2024.801016
