Industry trends are moving toward increasing use of chiplets as a replacement for monolithic fabrication in many modern chips. Each chiplet is a separately-produced silicon die, and a system-on-chip (SoC) is created by packaging the chiplets together on a silicon interposer or bridge. Chiplets enable IP reuse, heterogeneousintegration, and better ability to leverage cost-appropriate process nodes. Yet, creating systems from separately produced components also brings security risks to consider, such as the possibility of die swapping, or susceptibility to interposer probing or tampering. In a zero-trust security posture, a chiplet should not blindly assume it is operating in a friendly environment.In this paper we propose a delay-based PUF for chiplets to verify system integrity. Our technique allows a single chiplet to initiate a protocol with its neighbors to measure unique variations in the propagation delays of incoming signals as part of an integrity check. We prototype our design on Xilinx Ultrascale+ FPGAs, which are constructed as multi-die systems on a silicon interposer, and which also emulate the general features of other industrial chiplet interfaces. We perform experiments on, and compare data from, dozens of Ultrascale+ FPGAs by making use of Amazon’s Elastic Compute Cloud (EC2) F1 instances as a testing platform. The PUF cells are shown to reject clock and temperature variation as common mode, and each cell produces approximately 5 ps of unique delay variation. For a design with 144 PUF cells, we measure the mean within-class and between-class distances to be 68.3 ps and 847.7 ps, respectively. The smallest between-class distance of 686.0 ps exceeds the largest within-class distance of 124.0 ps by more than 5x under nominal conditions, and the PUF is shown to be resilient to environmental changes. Our findings indicate the PUF can be used for authentication, and is potentially sensitive enough to detect picosecond-scale timing changes due to tampering.
more »
« less
RF-PUF: IoT security enhancement through authentication of wireless nodes using in-situ machine learning
Physical unclonable functions (PUF) in silicon exploit die-to-die manufacturing variations during fabrication for uniquely identifying each die. Since it is practically a hard problem to recreate exact silicon features across dies, a PUF-based authentication system is robust, secure and cost-effective, as long as bias removal and error correction are taken into account. In this work, we utilize the effects of inherent process variation on analog and radio-frequency (RF) properties of multiple wireless transmitters (Tx) in a sensor network, and detect the features at the receiver (Rx) using a deep neural network based framework. The proposed mechanism/ framework, called RF-PUF, harnesses already-existing RF communication hardware and does not require any additional PUF-generation circuitry in the Tx for practical implementation. Simulation results indicate that the RF-PUF framework can distinguish up to 10000 transmitters (with standard foundry defined variations for a 65 nm process, leading to non-idealities such as LO offset and I-Q imbalance) under varying channel conditions, with a probability of false detection <10^-3
more »
« less
- Award ID(s):
- 1719235
- PAR ID:
- 10076477
- Date Published:
- Journal Name:
- 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)
- Page Range / eLocation ID:
- 205 to 208
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
A subthreshold hybrid PUF-embedded authentication circuit is proposed to mitigate the financial incentives that drive the counterfeit community and to encourage the COTS manufacturers to use authentication for system identification in their parts. The proposed hybrid PUF with cross-coupled inverters and a delay-based PUF strategy has sufficient entropy for authentication and a reduced number of transistors per bit. The area efficient fingerprint circuit does not require additional die area, pins, or power overhead. The performance of the primary circuit is unaffected by the fingerprint circuit. The hybrid circuit designed in a 65 nm CMOS process is discussed.more » « less
-
Realizing the vision of ubiquitous battery-free sensing has proven to be challenging, mainly due to the practical energy and range limitations of current wireless communication systems. To address this, we design the first wide-area and scalable backscatter network with multiple receivers (RX) and transmitters (TX) base units to communicate with battery-free sensor nodes. Our system circumvents the inherent limitations of backscatter systems--including the limited coverage area, frequency-dependent operability, and sensor node limitations in handling network tasks--by introducing several coordination techniques between the base units starting from a single RX-TX pair to networks with many RX and TX units. We build low-cost RX and TX base units and battery-free sensor nodes with multiple sensing modalities and evaluate the performance of the MultiScatter system in various deployments. Our evaluation shows that we can successfully communicate with battery-free sensor nodes across 23400 square feet of a two-floor educational complex using 5 RX and 20 TX units, costing $569. Also, we show that the aggregated throughput of the backscatter network increases linearly as the number of RX units and the network coverage grows.more » « less
-
Wireless RF energy transfer for indoor sensors is an emerging paradigm that ensures continuous operation without battery limitations. However, high power radiation within the ISM band interferes with the packet reception for existing WiFi devices. The paper proposes the first effort in merging the RF energy transfer functions within a standards compliant 802.11 protocol to realize practical and WiFi-friendly Energy Delivery (WiFED). The WiFED architecture is composed of a centralized controller that coordinates the actions of multiple distributed energy transmitters (ETs), and a number of deployed sensors that periodically request energy from the ETs. The paper first describes the specific 802.11 supported protocol features that can be exploited by sensors to request energy and for the ETs to participate in the energy delivery process. Second, it devises a controller-driven bipartite matching-based algorithmic solution that assigns the appropriate number of ETs to energy requesting sensors for an efficient energy transfer process. The proposed in-band and protocol supported coexistence in WiFED is validated via simulations and partly in a software defined radio testbed, showing 15% improvement in network lifetime and 31% reduction in the charging delay compared to the classical nearest distance-based charging schemes that do not anticipate future energy needs of the sensors and are not designed to co-exist with WiFi systems.more » « less
-
The rapid adoption of Internet-of-Medical-Things (IoMT) has revolutionized e-health systems, particularly in remote patient monitoring. With the growing adoption of Internet-of-Medical-Things (IoMT) in delivering technologically advanced health services, the security of Medtronic devices is pivotal as the security and privacy of data from these devices are directly related to patient safety. PUF has been the most widely adopted hardware security primitive which has been successfully integrated with various Internet-of-Things (IoT) based applications, particularly in smart healthcare for facilitating device security. To facilitate security and access control to IoMT devices, this work proposes a novel cybersecurity solution using PUF for facilitating global access to IoMT devices. The proposed framework presents an approach that enables the patient’s body area network devices supported by PUF to be securely accessible and controllable globally. The proposed cybersecurity solution has been experimentally validated using state-of-the-art SRAM PUF, a delay based PUF, and a trusted platform module (TPM) primitive.more » « less