Verification and Hardware Trojan Detection on Motherboards Using Different Modalities of Side Channels

Abstract

Computer systems and other electronic devices are typically assembled by a system integrator. These systems contain one or more printed circuit boards (PCBs) that have been procured (sourced) from various suppliers. These PCBs are themselves produced by board-level integrators, and typically contain a number of integrated circuits (ICs) and radio frequency (RF) components that are also sourced from various suppliers. The procurement ecosystem for ICs, RFs, and PCBs is sophisticated, meaning the actual manufacturer of an IC very rarely acts as a direct supplier to a PCB integrator, and the PCB integrator is very rarely a direct supplier to the system integrator. However, for both the system integrator and the end user of the system, it is important to know which actual devices (IC, RF, and PCB-level) are present in the system. Different devices, even when they are functionally compatible, differ in other properties, such as the level of trust their manufacturers provide, the level of reliability and environmental tolerance the devices can be expected to provide, the interoperability issues with specific software and with other devices, and the bugs and vulnerabilities that must be taken into account to ensure that the system functions correctly and securely. Unfortunately, the complex supply chain for ICs, RFs, and PCBs also makes it difficult to avoid counterfeits, or to detect that components have been added to or removed from the PCB. Furthermore, even in the absence of malicious intent, one legitimate device can be (and often is) substituted with another legitimate device that the PCB manufacturer may consider to be equivalent. However, some of the properties of these devices may differ, especially when it comes to interoperability, bugs, and vulnerabilities.
To overcome all these problems, it is very important to develop comprehensive techniques that can 1) inspect a motherboard for missing or added components (especially ICs), 2) correctly recognize/authenticate IC and RF components on a PCB or in a system to identify counterfeits but also to allow appropriate software patches and workarounds to be applied for trusted ICs, and 3) test cables and interconnects for aging, damage, and hidden small ICs. The main challenge in comprehensive motherboard inspection is that it either requires destructive testing or, if analog side channels are applied to the entire motherboard, is very time consuming and ambiguous due to crosstalk among components. To overcome this, we propose to break the problem down into several stages and use different side-channel modalities: 1) we will develop techniques to localize/identify large components, i.e., processor, memory, Ethernet, WiFi, etc., using imaging, EM and/or backscattering side channels; 2) once components are identified, we propose to develop techniques that use EM and/or backscattering side channels to verify that identified components are authentic (expected manufacturer, specs, etc.). Furthermore, we propose to develop techniques that will scan for new/unknown components on the motherboard. This will be accomplished by scanning the remainder of the board that has not been inspected in previous tasks and searching for EM emanations created by program activities using EM/backscattering side channels; and 3) we will develop techniques that leverage EM and backscattering side channels to characterize cables and PCB traces that can be damaged from aging or tampered with.

Approved for Public Release

Document Details

Document Type
DoD Grant Award
Publication Date
Mar 08, 2024
Source ID
N000142412157

Entities

People

  • Milos Prvulović

Organizations

  • Georgia Tech Research Corporation
  • Office of Naval Research
  • United States Navy

Tags

Readers

  • Cybersecurity.
  • Radio communications and signal processing.
  • Software Engineering

Technology Areas

  • Microelectronics
  • Microelectronics - Microelectromechanical Systems