Industry trends are moving toward increasing use of chiplets as a replacement for monolithic fabrication in many modern chips. Each chiplet is a separately-produced silicon die, and a system-on-chip (SoC) is created by packaging the chiplets together on a silicon interposer or bridge. Chiplets enable IP reuse, heterogeneousintegration, and better ability to leverage cost-appropriate process nodes. Yet, creating systems from separately produced components also brings security risks to consider, such as the possibility of die swapping, or susceptibility to interposer probing or tampering. In a zero-trust security posture, a chiplet should not blindly assume it is operating in a friendly environment.In this paper we propose a delay-based PUF for chiplets to verify system integrity. Our technique allows a single chiplet to initiate a protocol with its neighbors to measure unique variations in the propagation delays of incoming signals as part of an integrity check. We prototype our design on Xilinx Ultrascale+ FPGAs, which are constructed as multi-die systems on a silicon interposer, and which also emulate the general features of other industrial chiplet interfaces. We perform experiments on, and compare data from, dozens of Ultrascale+ FPGAs by making use of Amazon’s Elastic Compute Cloud (EC2) F1 instances as a testing platform. The PUF cells are shown to reject clock and temperature variation as common mode, and each cell produces approximately 5 ps of unique delay variation. For a design with 144 PUF cells, we measure the mean within-class and between-class distances to be 68.3 ps and 847.7 ps, respectively. The smallest between-class distance of 686.0 ps exceeds the largest within-class distance of 124.0 ps by more than 5x under nominal conditions, and the PUF is shown to be resilient to environmental changes. Our findings indicate the PUF can be used for authentication, and is potentially sensitive enough to detect picosecond-scale timing changes due to tampering.
more »
« less
RF-PUF: IoT security enhancement through authentication of wireless nodes using in-situ machine learning
Physical unclonable functions (PUF) in silicon exploit die-to-die manufacturing variations during fabrication for uniquely identifying each die. Since it is practically a hard problem to recreate exact silicon features across dies, a PUF-based authentication system is robust, secure and cost-effective, as long as bias removal and error correction are taken into account. In this work, we utilize the effects of inherent process variation on analog and radio-frequency (RF) properties of multiple wireless transmitters (Tx) in a sensor network, and detect the features at the receiver (Rx) using a deep neural network based framework. The proposed mechanism/ framework, called RF-PUF, harnesses already-existing RF communication hardware and does not require any additional PUF-generation circuitry in the Tx for practical implementation. Simulation results indicate that the RF-PUF framework can distinguish up to 10000 transmitters (with standard foundry defined variations for a 65 nm process, leading to non-idealities such as LO offset and I-Q imbalance) under varying channel conditions, with a probability of false detection <10^-3
more »
« less
- Award ID(s):
- 1719235
- NSF-PAR ID:
- 10076477
- Date Published:
- Journal Name:
- 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)
- Page Range / eLocation ID:
- 205 to 208
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
Wireless RF energy transfer for indoor sensors is an emerging paradigm that ensures continuous operation without battery limitations. However, high power radiation within the ISM band interferes with the packet reception for existing WiFi devices. The paper proposes the first effort in merging the RF energy transfer functions within a standards compliant 802.11 protocol to realize practical and WiFi-friendly Energy Delivery (WiFED). The WiFED architecture is composed of a centralized controller that coordinates the actions of multiple distributed energy transmitters (ETs), and a number of deployed sensors that periodically request energy from the ETs. The paper first describes the specific 802.11 supported protocol features that can be exploited by sensors to request energy and for the ETs to participate in the energy delivery process. Second, it devises a controller-driven bipartite matching-based algorithmic solution that assigns the appropriate number of ETs to energy requesting sensors for an efficient energy transfer process. The proposed in-band and protocol supported coexistence in WiFED is validated via simulations and partly in a software defined radio testbed, showing 15% improvement in network lifetime and 31% reduction in the charging delay compared to the classical nearest distance-based charging schemes that do not anticipate future energy needs of the sensors and are not designed to co-exist with WiFi systems.more » « less
-
Machine Learning-based Vulnerability Study of Interpose PUFs as Security Primitives for IoT NetworksSecurity is of importance for communication networks, and many network nodes, like sensors and IoT devices, are resource-constrained. Physical Unclonable Functions (PUFs) leverage physical variations of the integrated circuits to produce responses unique to individual circuits and have the potential for delivering security for low-cost networks. But before a PUF can be adopted for security applications, all security vulnerabilities must be discovered. Recently, a new PUF known as Interpose PUF (IPUF) was proposed, which was tested to be secure against reliability-based modeling attacks and machine learning attacks when the attacked IPUF is of small size. A recent study showed IPUFs succumbed to a divide-and-conquer attack, and the attack method requires the position of the interpose bit known to the attacker, a condition that can be easily obfuscated by using a random interpose position. Thus, large IPUFs may still remain secure against all known modeling attacks if the interpose position is unknown to attackers. In this paper, we present a new modeling attack method of IPUFs using multilayer neural networks, and the attack method requires no knowledge of the interpose position. Our attack was tested on simulated IPUFs and silicon IPUFs implemented on FPGAs, and the results showed that many IPUFs which were resilient against existing attacks cannot withstand our new attack method, revealing a new vulnerability of IPUFs by re-defining the boundary between secure and insecure regions in the IPUF parameter space.more » « less
-
This paper describes a wireless experimentation framework for studying dynamic spectrum access mechanisms and an experiment that showcases its capabilities. The framework was built on COSMOS, an advanced wireless testbed designed to support real-world experimentation of next generation wireless technologies and applications. Our deployed framework supports experimentation over a large number of wireless networks, with a PUB-SUB based network interaction structure, based on the Collaborative Intelligent Radio Networks (CIRN) Interaction Language (CIL) developed by DARPA for the Spectrum Collaboration Challenge (SC2). As such, it enables interaction and message exchanges between the networks for the purposes of coordinating spectrum use. For our experiment, the message exchanges are aimed primarily for, but not limited to, Spectrum Consumption Model (SCM) messages. RF devices/systems use SCM messages which contain detailed information about their wireless transmission characteristics (i.e., spectrum mask, frequency, bandwidth, power and location) to determine their operational compatibility (non-interference) with prior transmitters and receivers, and to dynamically determine spectrum use characteristics for their own transmissions.more » « less
-
A subthreshold hybrid PUF-embedded authentication circuit is proposed to mitigate the financial incentives that drive the counterfeit community and to encourage the COTS manufacturers to use authentication for system identification in their parts. The proposed hybrid PUF with cross-coupled inverters and a delay-based PUF strategy has sufficient entropy for authentication and a reduced number of transistors per bit. The area efficient fingerprint circuit does not require additional die area, pins, or power overhead. The performance of the primary circuit is unaffected by the fingerprint circuit. The hybrid circuit designed in a 65 nm CMOS process is discussed.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1109/hst.2018.8383916
