ASSESSING THE POTENTIAL OF THz BACKSCATTERING FOR HARDWARE TROJAN DETECTION

Abstract

Malicious hardware changes, a.k.a. hardware Trojans, are an increasingly important concern because the hardwareusually provides the"" base layer of security and trust that all software layers depend and build on. In other words, ahardware Trojan allows the attacke""r to redefine the functionality of the processor such that even completely secure andtrusted software, when it executes on a Trojan"#NAME?" systems may contain a hardware Trojan that allows a00 03/14/17specific sequence of ordinary instructions, to provide the program"" with administrator-level access to the system. At alater point the attacker can purchase processing timein a datacenter, then use" trigger the Trojan to obtain hypervisor-level permissions and subsequently completelycompromise programs executed by other custome"rs of the datacenter. In a vehicle or a weapon system, a Trojan maylook for a specific set of values (such as an image, GPS coordin""ates,movement pattern, etc.) and, upon observing it, disable the system, cause it to catastrophically misbehave, or allow itto be"" taken over by the attacker. Unfortunately, hardware Trojans have already been discovered in actual militarygradechips, and the pro""blem is getting worse as the supply chain for chips becomes increasingly sophisticated andglobally distributed, providing potential" attackers an ever-increasing set of opportunities to compromise a point in achip~s supply chain and insert hardware Trojans into t"hat chip.Detection of Trojans in actual chips would ideally be done by non-destructive testing, i.e. without destroying the chipth""at is subjected to testing, require no costly changes to the design of the chip itself, and would find even stealthyTrojans that oc"cupy little chip area and exhibit little electronic activity. Existing non-destructive and chip-modificationfreemethods typically r"ely on observing the chip~s power consumption, electromagnetic field fluctuation around thechip, etc. Unfortunately, such signals h""ave limited bandwidth (i.e. they carry only limited information about on-chipactivity), and they are a combination of all activity"" on the chip, so the part of the signal caused by a stealthy Trojan isvery small compared to the overall signal caused by all of th""e ~good~ activity on the entire chip.This project investigates the potential of Terahertz (THz) frequency signal backscattering, a"" novel non-destructive, chipmodification-free approach, for detection of hardware Trojans. Unlike prior approaches, THz backscatter""ing providesenormous bandwidth and can be focused to a specific part of the chip. The approach relies on a key observation that,wh""en a very high frequency (e.g. 300GHz) signal is reflected from the chip~s circuitry, it is affected by both the physicalgeometry o""f the circuit and its electronic activity. Furthermore, the signal~s extremely high frequency allows it to befocused on a desired p"art of the chip.

Document Details

Document Type

DoD Grant Award

Publication Date

May 05, 2017

Source ID

N000141712540

Entities

Tags