Hardware security creates a hardware-based security foundation for secure and reliable operation of systems and applications used in our modern life. The presence of design for security, security assurance, and general security design life cycle practices in product life cycle of many large semiconductor design and manufacturing companies these days indicates that the importance of hardware security has been very well observed in industry. However, the high cost, time, and effort for building security into designs and assuring their security - due to using many manual processes - is still an important obstacle for economy of secure product development. This paper presents several promising directions for automation of design for security and security assurance practices to reduce the overall time and cost of secure product development. First, we present security verification challenges of SoCs, possible vulnerabilities that could be introduced inadvertently by tools mapping a design model in one level of abstraction to its lower level, and our solution to the problem by automatically mapping security properties from one level to its lower level incorporating techniques for extension and expansion of the properties. Then, we discuss the foundation necessary for further automation of formal security analysis of a design by incorporating threat model and common security vulnerabilities into an intermediate representation of a hardware model to be used to automatically determine if there is a chance for direct or indirect flow of information to compromise confidentiality or integrity of security assets. Finally, we discuss a pre-silicon-based framework for practical and time-and-cost effective power-side channel leakage analysis, root-causing the side-channel leakage by using the automatically generated leakage profile of circuit nodes, providing insight to mitigate the side-channel leakage by addressing the high leakage nodes, and assuring the effectiveness of the mitigation by reprofiling the leakage to prove its acceptable level of elimination. We hope that sharing these efforts and ideas with the security research community can accelerate the evolution of security-aware CAD tools targeted to design for security and security assurance to enrich the ecosystem to have tools from multiple vendors with more capabilities and higher performance.
more »
« less
AI-powered Network Security: Approaches and Research Directions
Networks are today a critical infrastructure. Their resilience against attacks is thus crucial. Protecting networks requires a comprehensive security life-cycle and the deployment of different protection techniques. To make defenses more effective, recent solutions leverage AI techniques. In this paper, we discuss AI-based protection techniques, according to a security life-cycle consisting of several phases: (i) Prepare; (ii) Monitor and Diagnose; and (iii) React, Recovery and Fix. For each phase, we discuss relevant AI techniques, initial approaches, and research directions.
more »
« less
- NSF-PAR ID:
- 10315112
- Date Published:
- Journal Name:
- 8th NSysS 2021: 8th International Conference on Networking, Systems and Security
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
In graph machine learning, data collection, sharing, and analysis often involve multiple parties, each of which may require varying levels of data security and privacy. To this end, preserving privacy is of great importance in protecting sensitive information. In the era of big data, the relationships among data entities have become unprecedentedly complex, and more applications utilize advanced data structures (i.e., graphs) that can support network structures and relevant attribute information. To date, many graph-based AI models have been proposed (e.g., graph neural networks) for various domain tasks, like computer vision and natural language processing. In this paper, we focus on reviewing privacypreserving techniques of graph machine learning. We systematically review related works from the data to the computational aspects. We rst review methods for generating privacy-preserving graph data. Then we describe methods for transmitting privacy-preserved information (e.g., graph model parameters) to realize the optimization-based computation when data sharing among multiple parties is risky or impossible. In addition to discussing relevant theoretical methodology and software tools, we also discuss current challenges and highlight several possible future research opportunities for privacy-preserving graph machine learning. Finally, we envision a uni ed and comprehensive secure graph machine learning system.more » « less
-
Alternative polymer feedstocks are highly desirable to address environmental, social, and security concerns associated with petrochemical-based materials. Lignocellulosic biomass (LCB) has emerged as one critical feedstock in this regard because it is an abundant and ubiquitous renewable resource. LCB can be deconstructed to generate valuable fuels, chemicals, and small molecules/oligomers that are amenable to modification and polymerization. However, the diversity of LCB complicates the evaluation of biorefinery concepts in areas including process scale-up, production outputs, plant economics, and life-cycle management. We discuss aspects of current LCB biorefinery research with a focus on the major process stages, including feedstock selection, fractionation/deconstruction, and characterization, along with product purification, functionalization, and polymerization to manufacture valuable macromolecular materials. We highlight opportunities to valorize underutilized and complex feedstocks, leverage advanced characterization techniques to predict and manage biorefinery outputs, and increase the fraction of biomass converted into valuable products.more » « less
-
more » « less
Abstract Bioenergy is widely considered a sustainable alternative to fossil fuels. However, large‐scale applications of biomass‐based energy products are limited due to challenges related to feedstock variability, conversion economics, and supply chain reliability. Artificial intelligence (AI), an emerging concept, has been applied to bioenergy systems in recent decades to address those challenges. This paper reviewed 164 articles published between 2005 and 2019 that applied different AI techniques to bioenergy systems. This review focuses on identifying the unique capabilities of various AI techniques in addressing bioenergy‐related research challenges and improving the performance of bioenergy systems. Specifically, we characterized AI studies by their input variables, output variables, AI techniques, dataset size, and performance. We examined AI applications throughout the life cycle of bioenergy systems. We identified four areas in which AI has been mostly applied, including (1) the prediction of biomass properties, (2) the prediction of process performance of biomass conversion, including different conversion pathways and technologies, (3) the prediction of biofuel properties and the performance of bioenergy end‐use systems, and (4) supply chain modeling and optimization. Based on the review, AI is particularly useful in generating data that are hard to be measured directly, improving traditional models of biomass conversion and biofuel end‐uses, and overcoming the challenges of traditional computing techniques for bioenergy supply chain design and optimization. For future research, efforts are needed to develop standardized and practical procedures for selecting AI techniques and determining training data samples, to enhance data collection, documentation, and sharing across bioenergy‐related areas, and to explore the potential of AI in supporting the sustainable development of bioenergy systems from holistic perspectives.
-
The Open Radio Access Network (RAN) and its embodiment through the O-RAN Alliance specifications are poised to revolutionize the telecom ecosystem. O-RAN promotes virtualized RANs where disaggregated components are connected via open interfaces and optimized by intelligent controllers. The result is a new paradigm for the RAN design, deployment, and operations: O-RAN networks can be built with multi-vendor, interoperable components, and can be programmatically optimized through a centralized abstraction layer and data-driven closed-loop control. Therefore, understanding O-RAN, its architecture, its interfaces, and workflows is key for researchers and practitioners in the wireless community. In this article, we present the first detailed tutorial on O-RAN. We also discuss the main research challenges and review early research results. We provide a deep dive of the O-RAN specifications, describing its architecture, design principles, and the O-RAN interfaces. We then describe how the O-RAN RAN Intelligent Controllers (RICs) can be used to effectively control and manage 3GPP-defined RANs. Based on this, we discuss innovations and challenges of O-RAN networks, including the Artificial Intelligence (AI) and Machine Learning (ML) workflows that the architecture and interfaces enable, security, and standardization issues. Finally, we review experimental research platforms that can be used to design and test O-RAN networks, along with recent research results, and we outline future directions for O-RAN development.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1145/3491371.3491384
