The proliferation of computers in any domain is followed by the proliferation of malware in that domain. Systems, including the latest mobile platforms, are laden with viruses, rootkits, spyware, adware and other classes of malware. Despite the existence of anti-virus software, malware threats persist and are growing as there exist a myriad of ways to… (More)
—Hardware components can contain hidden back-doors, which can be enabled with catastrophic effects or for ill-gotten profit. These backdoors can be inserted by a malicious insider on the design team or a third-party IP provider. In this paper, we propose techniques that allow us to build trustworthy hardware systems from components designed by untrusted… (More)
Hardware design today bears similarities to software design. Often vendors buy and integrate code acquired from third-party organizations into their designs, especially in embedded/system-on-chip designs. Currently, there is no way to determine if third-party designs have built-in backdoors that can compromise security after deployment. The key observation… (More)
There have been many attacks that exploit side-effects of program execution to expose secret information and many proposed countermeasures to protect against these attacks. However there is currently no systematic, holistic methodology for understanding information leakage. As a result, it is not well known how design decisions affect information leakage or… (More)
—Most security mechanisms proposed to date unques-tioningly place trust in microprocessor hardware. This trust, however, is misplaced and dangerous because microprocessors are vulnerable to insider attacks that can catastrophically compromise security, integrity and privacy of computer systems. In this paper, we describe several methods to strengthen the… (More)
This defense-in-depth approach uses static analysis and runtime mechanisms to detect and silence hardware backdoors.
Recent advances in hardware security have led to the development of FANCI (Functional Analysis for Nearly-Unused Circuit Identification), an analysis algorithm that identifies stealthy, malicious circuits within hardware designs that can perform backdoor operations to compromise security. Evaluations of such methods using benchmarks and academically known… (More)