TC: Small: Collaborative Research: Exploration and Validation of Hardware Primitives for Security and Trust

TC：小型：协作研究：安全性和信任的硬件原语的探索和验证

• 批准号: 1018748
• 负责人: James Plusquellic
• 金额: $ 36.13万
• 依托单位: University of New Mexico
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2010
• 资助国家: 美国
• 起止时间: 2010-08-01 至 2015-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1018748&HistoricalAwards=false
• 关键词: TC; Small; Collaborative; Research; Exploration

Hardware-level security and trust in many of society's microelectronic-based infrastructures, e.g., transportation, energy, etc., is inadequate. This project investigates chip-level hardware primitives that are designed to improve the security and trust in such systems. In particular, many security mechanisms depend on a secret, unique identifier that is associated with the chip or board in the system. An embedded digital signature inserted by the manufacturer is not secure because it can be extracted by adversaries. A physical unclonable function (PUF) is a recent approach for providing an entire set of secure, unique identifiers for each chip. PUFs are chip-level primitives that leverage the intrinsic and random manufacturing variations of the process technology. A PUF that measures the resistance variations in the chip's power grid is investigated as a hardware primitive for providing secure, unique identifiers. Similarly, integrated circuit trust relates to the degree of confidence one has that a fabricated instance of a chip implements only those functions described in the original specification -- nothing more and nothing less. There are increasing opportunities for adversaries to secretly change a chip's function given the trend of the industry to disseminate the chip fabrication process over many organizations. "Trust but verify" is likely the only approach to dealing with this threat. To support this verification process, a set of hardware primitives are investigated that are designed to measure the parametric, analog characteristics of chip as a means of detecting any malicious logic that might have been inserted by an adversary. A chip built in an advanced technology is used to experimentally validate the PUF and hardware Trojan detection methods.

许多基于微电子的社会基础设施中的硬件级安全和信任，例如，交通，能源等等，是不够的。该项目研究芯片级硬件原语，旨在提高此类系统的安全性和信任度。特别地，许多安全机制依赖于与系统中的芯片或板相关联的秘密的唯一标识符。由制造商插入的嵌入式数字签名是不安全的，因为它可以被对手提取。物理不可克隆功能（PUF）是一种为每个芯片提供完整的安全唯一标识符集的最新方法。PUF是利用工艺技术的固有和随机制造变化的芯片级基元。测量芯片电网中电阻变化的PUF被研究为用于提供安全的唯一标识符的硬件原语。 类似地，集成电路信任关系到一个人对一个芯片的制造实例只实现了原始规范中描述的功能的置信度--不多也不少。鉴于业界将芯片制造过程传播到许多组织的趋势，对手秘密改变芯片功能的机会越来越多。“信任但核实”可能是应对这一威胁的唯一方法。为了支持这个验证过程中，一组硬件原语进行了调查，旨在测量芯片的参数，模拟特性作为一种手段，检测任何恶意的逻辑，可能已经插入了一个对手。采用先进的芯片技术对PUF和硬件木马检测方法进行了实验验证。