Collaborative Research: CISE-MSI: DP: SaTC: Ensemble of Countermeasures for Malicious Thermal Sensors Attacks

合作研究：CISE-MSI：DP：SaTC：恶意热传感器攻击对策组合

• 批准号: 2219679
• 负责人: Ahmad Patooghy
• 金额: $ 22.12万
• 依托单位: North Carolina Agricultural & Technical State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-08-01 至 2025-07-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2219679&HistoricalAwards=false
• 关键词: Collaborative; Research; CISE; MSI; DP

This award is funded in whole or in part under the American Rescue Plan Act of 2021 (Public Law 117-2).Designers of modern Integrated Circuit (IC) take advantage of pre-designed Intellectual Property (IP) components produced by third parties to reduce costs and time to market. Although this approach decreases the IC production costs, a malicious adversary could tamper with the manufacturing process by inserting Hardware Trojans (HT) into the final product. For example, according to a well-known report by an anonymous US defense contractor, hidden kill switches were found in some commercial processors. This proposal targets a new security threat originating from hardware-infected thermal sensors. Thermal sensors used for dynamic power and thermal management can be compromised by HTs, which in turn, seriously impacts the target IC's security, reliability, and performance. Addressing such a security vulnerability has positive impacts on a wide range of computing systems. The large spectrum of potential victim systems, e.g., edge computing devices, mobile smartphones, wearable systems, data centers, and supercomputers, indicates the utmost need to address this new threat. HT detection methods working at only one stage of the IC development life-cycle (e.g., design-, test-, or runtime) have major limitations. Having billions of gates in an IC makes design-time HT detection methods impractical due to scalability issues. Test-time methods rely heavily on a statistical analysis of the IC power and thermal profiles. But, they cannot detect small-size HTs due to the small footprints. Run-time methods require an always-running monitor to discriminate sensor readings, which could have large overheads. This project develops an ensemble of novel countermeasures that address the problem cooperatively at test-time and run-time to attain the required security and reliability of ICs. If test-time methods fail in detecting the HT infected sensor(s) due to a negligible footprint of an HT, then run-time methods can detect and isolate the compromised sensor(s). Furthermore, the introduced methods can accurately estimate the temperature of the spot assigned to the isolated thermal sensor so that the thermal and power management routine scan continues to function properly.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

该奖项的全部或部分资金根据《2021 年美国救援计划法案》（公法 117-2）提供。现代集成电路 (IC) 设计者利用第三方生产的预先设计的知识产权 (IP) 组件来降低成本和缩短上市时间。尽管这种方法降低了 IC 生产成本，但恶意对手可能会通过在最终产品中插入硬件木马 (HT) 来篡改制造过程。例如，根据一位匿名美国国防承包商的一份著名报告，在一些商用处理器中发现了隐藏的终止开关。该提案针对的是源自受硬件感染的热传感器的新安全威胁。用于动态电源和热管理的热传感器可能会受到 HT 的影响，进而严重影响目标 IC 的安全性、可靠性和性能。解决此类安全漏洞对广泛的计算系统具有积极影响。大量的潜在受害者系统，例如边缘计算设备、移动智能手机、可穿戴系统、数据中心和超级计算机，表明迫切需要解决这一新威胁。 HT 检测方法仅适用于 IC 开发生命周期的一个阶段（例如设计、测试或运行时），具有很大的局限性。由于可扩展性问题，IC 中拥有数十亿个门，使得设计时 HT 检测方法变得不切实际。测试时间方法在很大程度上依赖于 IC 功率和热曲线的统计分析。但是，由于占地面积小，他们无法检测小尺寸的 HT。运行时方法需要始终运行的监视器来区分传感器读数，这可能会产生大量开销。该项目开发了一系列新颖的对策，在测试时和运行时协同解决问题，以获得 IC 所需的安全性和可靠性。如果测试时方法由于 HT 的足迹可以忽略不计而无法检测到受 HT 感染的传感器，则运行时方法可以检测并隔离受损的传感器。此外，所引入的方法可以准确估计分配给隔离热传感器的点的温度，以便热和电源管理例行扫描继续正常运行。该奖项反映了 NSF 的法定使命，并通过使用基金会的智力优点和更广泛的影响审查标准进行评估，被认为值得支持。