Defensive Routing: a Preventive Layout-Level Defense Against Untrusted Foundries
Since the inception of the integrated circuit (IC), the size of the transistors used to construct them continually shrink. While this advancement significantly improves computing capability, the associated massive complexity forces IC designers to outsource fabrication. Outsourcing presents a security threat: comprehensive post-fabrication inspection is infeasible given the size of modern ICs, thus it is nearly impossible to know if the foundry has altered your design during fabrication (i.e., inserted a hardware Trojan). Defending against a foundry-side adversary is challenging because---with as little as two gates---hardware Trojans can completely undermine software security. Prior work attempts to both detect and prevent such foundry-side attacks, but all existing defenses are ineffective against the most advanced hardware Trojans.We present Defensive Routing (DR), a preventive layout-level defense against untrusted foundries, capable of thwarting the insertion of even the stealthiest hardware Trojans. DR is directed and routing-centric: it prevents foundry-side attackers from connecting rogue wires to security-critical wires by shielding them with guard wires. Unlike shield wires commonly deployed for cross-talk reduction, DR guard wires present an additional technical challenge: they must be tamper-evident in both the digital and analog domains. To address this challenge, we present two different categories of guard wires: natural and synthetic. Natural guard wires are comprised of pre-existing wires that we route adjacent to security-critical wires, while synthetic guard wires are added to the design specifically to protect security-critical wires. Natural guard wires require no additional hardware and are digitally tamper-evident. Synthetic guard wires require additional hardware, but are tamper-evident in both the digital and analog domains.
Faculty
- Kang G. Shin
- Matthew Hicks (Virginia Tech)
Graduate Students
- Tim Trippel
Publications
-
Timothy Trippel, Kang G. Shin, Kevin Bush, and Matthew Hicks, T-TER: Defeating A2 Trojans with Targeted Tamper-Evident Routing, in 18th ACM ASIA Conference on Computer and Communications Security (ASIACCS '23), Melbourne, Australia, July 2023.
<pdf> -
Timothy Trippel, Kang G. Shin, Alex Chernyakhovsky, Garret Kelly, Dominic Rizzo, and Matthew Hicks, Fuzzing Hardware Like Software, in the 31st USENIX Security Symposium (USENIX Security '22), Boston, Massachusetts, August 2022.
<pdf> -
Timothy Trippel, Kang G. Shin, Kevin B. Bush, and Matthew Hicks, Bomberman: Defining and Defeating Hardware Ticking Timebombs at Design-time, in the 42nd IEEE Symposium on Security & Privacy (Oakland '21), Virtual conference, May 2021.
<pdf>