Collaborative Research: CISE-MSI: DP: SaTC: Ensemble of Countermeasures for Malicious Thermal Sensors Attacks

合作研究：CISE-MSI：DP：SaTC：恶意热传感器攻击对策组合

• 批准号: 2219680
• 负责人: Abdel-Hameed Badawy
• 金额: $ 23.71万
• 依托单位: New Mexico State University
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2022
• 资助国家: 美国
• 起止时间: 2022-08-01 至 2025-07-31
• 项目状态: 未结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=2219680&HistoricalAwards=false
• 关键词: Collaborative; Research; CISE; MSI; DP

This award is funded in whole or in part under the American Rescue Plan Act of 2021 (Public Law 117-2).Designers of modern Integrated Circuit (IC) take advantage of pre-designed Intellectual Property (IP) components produced by third parties to reduce costs and time to market. Although this approach decreases the IC production costs, a malicious adversary could tamper with the manufacturing process by inserting Hardware Trojans (HT) into the final product. For example, according to a well-known report by an anonymous US defense contractor, hidden kill switches were found in some commercial processors. This proposal targets a new security threat originating from hardware-infected thermal sensors. Thermal sensors used for dynamic power and thermal management can be compromised by HTs, which in turn, seriously impacts the target IC's security, reliability, and performance. Addressing such a security vulnerability has positive impacts on a wide range of computing systems. The large spectrum of potential victim systems, e.g., edge computing devices, mobile smartphones, wearable systems, data centers, and supercomputers, indicates the utmost need to address this new threat. HT detection methods working at only one stage of the IC development life-cycle (e.g., design-, test-, or runtime) have major limitations. Having billions of gates in an IC makes design-time HT detection methods impractical due to scalability issues. Test-time methods rely heavily on a statistical analysis of the IC power and thermal profiles. But, they cannot detect small-size HTs due to the small footprints. Run-time methods require an always-running monitor to discriminate sensor readings, which could have large overheads. This project develops an ensemble of novel countermeasures that address the problem cooperatively at test-time and run-time to attain the required security and reliability of ICs. If test-time methods fail in detecting the HT infected sensor(s) due to a negligible footprint of an HT, then run-time methods can detect and isolate the compromised sensor(s). Furthermore, the introduced methods can accurately estimate the temperature of the spot assigned to the isolated thermal sensor so that the thermal and power management routine scan continues to function properly.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

该奖项全部或部分由2021年美国救援计划法案（公法117-2）资助。现代集成电路（IC）的设计人员利用第三方生产的预先设计的知识产权（IP）组件来降低成本和上市时间。虽然这种方法降低了IC生产成本，但恶意攻击者可以通过将硬件木马（HT）插入最终产品来篡改制造过程。例如，根据一个匿名的美国国防承包商的著名报告，在一些商业处理器中发现了隐藏的死亡开关。该提案针对的是来自硬件感染的热传感器的新安全威胁。用于动态电源和热管理的热传感器可能会受到高温的危害，这反过来又会严重影响目标IC的安全性、可靠性和性能。解决这种安全漏洞对广泛的计算系统具有积极影响。潜在受害者系统的大范围，例如，边缘计算设备、移动的智能电话、可穿戴系统、数据中心和超级计算机表明了解决这一新威胁的最大需求。HT检测方法仅在IC开发生命周期的一个阶段工作（例如，设计、测试或运行时）有很大的局限性。在IC中具有数十亿个门使得设计时HT检测方法由于可扩展性问题而变得不切实际。测试时间方法在很大程度上依赖于对IC功率和热曲线的统计分析。但是，由于足迹小，它们无法检测到小尺寸的HT。运行时方法需要一个始终运行的监视器来区分传感器读数，这可能会产生很大的开销。该项目开发了一套新颖的对策，在测试时和运行时合作解决问题，以达到所需的安全性和可靠性的IC。如果测试时方法由于HT的覆盖区可忽略而未能检测到HT感染的传感器，则运行时方法可以检测并隔离受损的传感器。此外，所介绍的方法可以准确地估计分配给隔离热传感器的点的温度，以便热和电源管理例行扫描继续正常工作。该奖项反映了NSF的法定使命，并已被认为是值得通过使用基金会的智力价值和更广泛的影响审查标准进行评估的支持。