Providing secure execution environments with a last line of defense against Trojan circuit attacks

详细信息    查看全文

• 作者：Gedare Bloom ; Bhagirath Narahari ; Rahul Simha ; Joseph Zambreno
• 关键词：Trojan circuit ; Dual-encryption ; HW/SW co-design ; IC trust ; Information assurance
• 刊名：Computers and Security
• 出版年：2009
• 出版时间：October 2009
• 年：2009
• 卷：28
• 期：7
• 页码：660-669
• 全文大小：699 K

文摘

Integrated circuits (ICs) are often produced in foundries that lack effective security controls. In these foundries, sophisticated attackers are able to insert malicious Trojan circuits that are easily hidden in the large, complex circuitry that comprises modern ICs. These so-called Trojan circuits are capable of launching attacks directly in hardware, or, more deviously, can facilitate software attacks. Current defense against Trojan circuits consists of statistical detection techniques to find such circuits before product deployment. The fact that statistical detection can result in false negatives raises the obvious questions: can attacks be detected post-deployment, and is secure execution nonetheless possible using chips with undetected Trojan circuits? In this paper we present the Secure Heartbeat And Dual-Encryption (SHADE) architecture, a compiler–hardware solution for detecting and preventing a subset of Trojan circuit attacks in deployed systems. Two layers of hardware encryption are combined with a heartbeat of off-chip accesses to provide a secure execution environment using untrusted hardware. The SHADE system is designed to complement pre-deployment detection techniques and to add a final, last-chance layer of security.