A2: Analog Malicious Hardware
Authored by:
1. Kaiyuan Yang
2. Matthew Hicks
3. Qing Dong
4. Todd Austin
5. Dennis Sylvester
Department of Electrical Engineering and Computer Science
University of Michigan
Ann Arbor, MI, USA
Paper: http://static1.1.sqspcdn.com/static/f/543048/26931843/1464016046717/A2_SP_2016.pdf
1
Papers We Love #22 (29 Aug 2016) By: Yeo Kheng Meng (yeokm1@gmail.com)
Remember “Reflections on Trusting Trust”?
1984 Turing award lecture by Ken Thompson
• Hack compilers to inject malicious code into output binaries
• Conclusion
• “You can’t trust code that you did not totally create yourself”
• “We can go lower to avoid detection like assembler, loader or hardware microcode”
2
Threat Model/Paper Abstract
• “we show how a fabrication-time attacker can leverage analog circuits to create a hardware attack that is small and stealthy”
1. “we construct a circuit that uses capacitors to siphon charge from nearby wires as they transition between digital values.”
2. “When the capacitors fully charge, they deploy an attack that forces a victim flip-flop to a desired value.”
3. “We weaponize this attack into a remotely-controllable privilege escalation by attaching the capacitor to a wire controllable and by selecting a victim flip-flop that holds the privilege bit for our processor.”
4. We implement this attack in an OR1200 processor and fabricate a chip
3
Privilege escalation with maliciously-modified hardware
First some concepts
4
Analog vs Digital Circuits
• Analog
• Continuous Signal
• Signal is a fraction of logic level voltage
• Digital
• Discrete
• Usually binary 0 or 1
• 1: High logic voltage
• 0: Low logic voltage
5
Image from:
https://www.renesas.com/en-us/support/technical-resources/engineer-school/digital-circuits-01-and-circuit-or-circuit-not-circuit.html
What is a Capacitor?
https://en.wikipedia.org/wiki/Capacitor
• A capacitor is a passive two-terminal electrical component used to store electrical energy temporarily in an electrostatic field.
• AKA temporary small-capacity battery
• Capacitor “leaks”
6
Charge Pump Design
• A charge pump is a kind of DC to DC converter that uses capacitors as energy-storage elements to create either a higher- or lower-voltage power source.
• Clock pulses at regular intervals build up a charge in the capacitor
7
What is a flip-flop/latch?
• Circuit that has two stable states and can be used to store state information.
• Example: Set-Reset (SR) latch
• 2 interconnected NOR gates
An animated SR latch. Black = 1, White = 0
Value is stored in Q, Q’ is the complement.
https://en.wikipedia.org/wiki/Flip-flop_(electronics)#SR_NOR_latch
https://en.wikipedia.org/wiki/NOR_gate
8
SR Latch Truth table
S  R  Q  Action  Qnext
0  0  Q  Hold    Q
0  1  0  Reset   0
0  1  1  Reset   0
1  0  0  Set     1
1  0  1  Set     1
1  1  X  NA      NA
NOR Gate Operation
Input   Output
A  B    A NOR B
0  0    1
0  1    0
1  0    0
1  1    0
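Added example (my own code, not from the slides or the paper): the two cross-coupled NOR gates of the SR latch simulated until they settle. It derives the truth table above from the gate logic instead of stating it, and it shows why the S=R=1 row is marked NA: both outputs collapse to 0, and releasing the inputs from that state never settles under the simultaneous-update model assumed here. The flip-flop the A2 payload later overwrites is exactly this kind of stored bit.

```python
def nor(a: int, b: int) -> int:
    """NOR gate: output is 1 only when both inputs are 0."""
    return 1 if a == 0 and b == 0 else 0


def settle_sr_latch(s: int, r: int, q: int, qn: int, max_rounds: int = 8):
    """Cross-coupled NOR gates: Q = NOR(R, Q'), Q' = NOR(S, Q).

    Both gates are evaluated together each round (a simultaneous-update
    model, an assumption of this example) until the outputs stop changing.
    Returns (Q, Q') once stable, or None if the loop never settles.
    """
    for _ in range(max_rounds):
        nq, nqn = nor(r, qn), nor(s, q)
        if (nq, nqn) == (q, qn):
            return q, qn
        q, qn = nq, nqn
    return None


def sr_truth_table():
    """Derive the SR latch table by simulation as (S, R, Q, action, Qnext) rows."""
    rows = []
    for s, r in ((0, 0), (0, 1), (1, 0), (1, 1)):
        for q in (0, 1):
            stable = settle_sr_latch(s, r, q, 1 - q)
            if stable is None or stable[0] == stable[1]:
                # Q and Q' are no longer complements: the forbidden S=R=1 input
                rows.append((s, r, q, "NA", "NA"))
                continue
            action = "Hold" if (s, r) == (0, 0) else ("Set" if s else "Reset")
            rows.append((s, r, q, action, stable[0]))
    return rows


if __name__ == "__main__":
    print("S R Q Action Qnext")
    for row in sr_truth_table():
        print(*row)
    # Releasing S and R together from the forbidden state races forever
    print("release from S=R=1 settles to:", settle_sr_latch(0, 0, 0, 0))
```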
Integrated Circuit (IC) Design Process
• Similar to Printed Circuit Board Design
1. Digital Design Phase
• Logic Simulation with HDL: VHDL/Verilog
• Circuit schematic design
2. Backend Design
• Routing, layout
• Design Rule Check (DRC)
• Graphic Database System II (GDSII) file is generated
• GDSII for ICs, Gerbers for PCBs
3. Fabrication
4. Verification
9
Chip Fabrication Process layers
• Front End Of Line (FEOL) contains
• Transistors, Capacitors, Resistors, Flip-Flops
• PCB Analogy: Board Components
• Back End Of Line (BEOL) contains
• Layers of tiny Copper Wiring
• PCB Analogy: Trace layers
• Solder-Bump
• Attachment to host PCB or motherboard
10
https://upload.wikimedia.org/wikipedia/commons/e/ee/Cmos-chip_structure_in_2000s_%28en%29.svg
Attack Components
• Trigger
• Monitors wires and states until the moment to activate the payload
• Payload
• Malicious action accomplished when triggered
11
Target Platform
• OpenRISC 1200 processor
• Open source CPU
• Uses 32-bit OR1K instruction set
• 128KB instruction cache
• Implemented on an FPGA using VHDL
12
OR1200 Supervision Register
• SM bit
• Determines if current process is user or supervisor
• 0 for usermode, 1 for supervisor mode
• OV bit
• If overflow occurred during last arithmetic operation
• 0 for no overflow, 1 for overflow
13
Page 29-30 of OpenRISC 1000 Architecture Manual, Architecture Version 1.1, Document Revision 0
https://github.com/openrisc/doc/blob/master/openrisc-arch-1.1-rev0.pdf
Attack model
1. Show that analog circuits with a capacitor can create attacks
2. Pick victim wires that will trigger attacks
3. When the capacitors fully charge, they deploy an attack that changes the flip-flop that holds the privilege bit
4. Stealthily implement this attack in an OR1200 processor
5. Run malicious code to activate the attack
14
15
1. Single-stage Analog trigger circuit behaviour model
• Based on charge-pump design
• When capacitor voltage > threshold, the trigger output is asserted
• Trigger Input: Victim Wire
• Trigger Time: Time taken to activate the trigger at a certain trigger frequency
• Retention Time: Time taken to reset the trigger after input stops
16
1. Multi-stage Analog trigger circuit behaviour model
• Lower probability of false trigger activation
• Normal operations/benchmarks can “accidentally” trigger a wire
• Software flexibility
• Multiple attack vectors
2. Single-stage trigger victim wire selection
• We use the overflow flag wire as trigger
17
Page 29-30 of OpenRISC 1000 Architecture Manual, Architecture Version 1.1, Document Revision 0
https://github.com/openrisc/doc/blob/master/openrisc-arch-1.1-rev0.pdf
2. Two-stage trigger victim wire selection
• Trigger 1: Signed Division wire
• Trigger 2: Unsigned Division wire
18
Page 29-30 of OpenRISC 1000 Architecture Manual, Architecture Version 1.1, Document Revision 0
https://github.com/openrisc/doc/blob/master/openrisc-arch-1.1-rev0.pdf
3. The Attack Payload
• Overwrite register value containing “privilege/supervisor bit”
• Usermode process now given superuser privileges
19
[Figure labels: Reset Latch (Active-Low); Set Latch (Active-High)]
4. Attack insertion vector?
• Can be done anywhere along the chain
• Adding in Digital Design Phase?
• Easiest to implement on schematic level
• Easily detected during verification checks
• Tight security of designer’s machines
• Backend?
• Moderate difficulty but still able to find insertion location
• Can be discovered by SPICE simulation
• Tight security of designer’s machines
• Final choice: Fabrication
• Relatively lower security at foundry level
• Requires insider access to GDSII between backend and fabrication
• Tough to detect
20
4. Stealth implementation on OR1200
• CPU die size is 2.1mm²
• A2 Analog attack
• 1 gate, 13.4µm²
• Digital counter-based equivalent of A2
• 91 cells or gates, 382µm²
21
5. Pseudocode for single-stage trigger attack
Divide by 0
22
Page 54 of OpenRISC 1000 Architecture Manual, Architecture Version 1.1, Document Revision 0
https://github.com/openrisc/doc/blob/master/openrisc-arch-1.1-rev0.pdf
5. Pseudocode for two-stage trigger attack
23
Page 9 of the Paper
Test Results
• It works!
• Voltage range: 0.8V to 1.2V
• Temperature range: -25°C to 100°C
• Result Trends
• ↑ temperature -> ↑ capacitor leakage -> ↑ trigger cycles
• ↑ voltage -> ↑ rate of capacitor accumulation -> ↓ trigger cycles
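Added example (my own code, not from the paper or the talk): a behavioural model of the charge-pump trigger from the trigger-circuit slides, used here to reproduce the result trends above. The constants (charge per toggle, leak fraction, threshold) are constructed, not the paper's measurements; higher supply voltage is modelled as more charge pumped per toggle, higher temperature as a larger leak fraction per cycle, and the two-stage gating (stage 2 only pumps while stage 1 is asserted) is an assumption of this example. From the defender's side the same model shows why a benign workload that toggles the victim wire only occasionally never fires the trigger, and why the two-stage version is harder to trip by accident.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class TriggerStage:
    """One charge-pump stage: a leaky capacitor fed by a victim wire.

    Every 0->1 transition on the wire pumps `charge_per_toggle` into the
    capacitor, every cycle the capacitor loses the `leak` fraction of its
    charge, and the stage output is 1 while charge >= threshold.  Charge is
    normalised to [0, 1].  All numbers are constructed for illustration.
    """
    charge_per_toggle: float  # grows with supply voltage (model assumption)
    leak: float               # grows with temperature (model assumption)
    threshold: float
    charge: float = 0.0
    prev_wire: int = 0

    def step(self, wire: int) -> int:
        self.charge *= 1.0 - self.leak            # leakage, every cycle
        if wire == 1 and self.prev_wire == 0:     # rising edge on the victim wire
            self.charge = min(1.0, self.charge + self.charge_per_toggle)
        self.prev_wire = wire
        return 1 if self.charge >= self.threshold else 0


def wire_level(cycle: int, period: Optional[int]) -> int:
    """Square-wave drive: the wire is 1 for one cycle every `period` cycles.
    period=None models a wire the running software never toggles."""
    return 1 if period is not None and cycle % period == 0 else 0


def trigger_time(stage: TriggerStage, period: Optional[int],
                 max_cycles: int = 10_000) -> Optional[int]:
    """Cycle at which the stage output first goes high, or None if it never does."""
    for t in range(max_cycles):
        if stage.step(wire_level(t, period)) == 1:
            return t
    return None


def retention_time(stage: TriggerStage, max_cycles: int = 10_000) -> Optional[int]:
    """Cycles of silence on the wire until an already-triggered stage resets."""
    for n in range(1, max_cycles + 1):
        if stage.step(0) == 0:
            return n
    return None


class TwoStageTrigger:
    """Two stages in series: stage 2 only pumps while stage 1 is asserted
    (an assumed gating scheme; the paper's exact circuit is not on this page)."""

    def __init__(self, stage1: TriggerStage, stage2: TriggerStage) -> None:
        self.stage1, self.stage2 = stage1, stage2

    def step(self, wire_a: int, wire_b: int) -> int:
        armed = self.stage1.step(wire_a)
        return self.stage2.step(wire_b if armed else 0)


def two_stage_trigger_time(trig: TwoStageTrigger, period_a: Optional[int],
                           period_b: Optional[int], max_cycles: int = 10_000) -> Optional[int]:
    for t in range(max_cycles):
        if trig.step(wire_level(t, period_a), wire_level(t, period_b)) == 1:
            return t
    return None


def nominal() -> TriggerStage:
    """Constructed nominal operating point (not the paper's numbers)."""
    return TriggerStage(charge_per_toggle=0.1, leak=0.02, threshold=0.5)


if __name__ == "__main__":
    s = nominal()
    print("toggling every 2 cycles, trigger at cycle:", trigger_time(s, 2))
    print("retention after the wire goes quiet      :", retention_time(s))
    print("benign: one toggle every 40 cycles       :", trigger_time(nominal(), 40))
    hot = TriggerStage(0.1, leak=0.05, threshold=0.5)       # hotter: more leakage
    print("higher temperature, trigger at cycle     :", trigger_time(hot, 2))
    high_v = TriggerStage(0.15, leak=0.02, threshold=0.5)   # higher supply voltage
    print("higher voltage, trigger at cycle         :", trigger_time(high_v, 2))
    print("two-stage, only wire A toggling          :",
          two_stage_trigger_time(TwoStageTrigger(nominal(), nominal()), 2, None))
    print("two-stage, both wires toggling           :",
          two_stage_trigger_time(TwoStageTrigger(nominal(), nominal()), 2, 2))
```

With the constructed constants the nominal stage fires after 10 cycles of continuous toggling and resets 5 quiet cycles later; more leakage (temperature up) pushes the trigger out to 12 cycles, a larger pump per toggle (voltage up) pulls it in to 6, a wire toggled only every 40 cycles never accumulates enough charge, and the two-stage trigger needs both wires active.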
24
Possible Defences?
• Side Channel?
• Power difference of extra gate in 100000 gates is negligible
• Visual inspection?
• Detecting anomalous 13.4µm² circuitry in a 2.1mm² die is impractical
• Split Manufacturing?
• Trusted and expensive
• Untrusted and cheaper
25
Intuitive Split Manufacturing strategy
• Goal: Obfuscate design from untrusted fabricator by
withholding some wires on upper layers
• BUT possible to reverse engineer 96% of “some wires” using
knowledge of layout tools
• J. Rajendran, O. Sinanoglu, and R. Karri, “Is split manufacturing secure?” in Design, Automation and Test in Europe, ser. DATE, 2013, pp. 1259–1264.
26
[Diagram labels: Design House; GDSII of gates and other wires; GDSII of some wires; Untrusted/Cheaper Fabricator; Unfinished bottom portion; Trusted Fabricator and Assembler; Assembled chip]
Proposed Split Manufacturing strategy
• Split at Level 1
• Untrusted Manufacturer does not make any gates
• However…
• Expensive $$$ to join two copper layers at low layers
• No such process exists
27
[Diagram labels: Design House; FEOL + Metal Level 1; BEOL – Metal Level 1; Untrusted/Cheaper Fabricator; Unfinished top portion; Trusted Fabricator and Assembler; Assembled chip]
Potential for x86 attacks?
• Much harder to detect and easier to implement than on OR1200
• x86 has more registers, A2 only needs one
• x86 has more victim wires
• “The only aspect of scaling to an x86-class processor that we anticipate as a challenge is maintaining controllability as there are many redundant functional units inside an x86, so a trigger would either need to tap equivalent wires in all functional units or be open to some probabilistic effects.”
28

IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
IESVE Software for Florida Code Compliance Using ASHRAE 90.1-2019
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
Spring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdfSpring24-Release Overview - Wellingtion User Group-1.pdf
Spring24-Release Overview - Wellingtion User Group-1.pdf
 
Machine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdfMachine Learning Model Validation (Aijun Zhang 2024).pdf
Machine Learning Model Validation (Aijun Zhang 2024).pdf
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdfIaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
IaC & GitOps in a Nutshell - a FridayInANuthshell Episode.pdf
 
Empowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership BlueprintEmpowering Africa's Next Generation: The AI Leadership Blueprint
Empowering Africa's Next Generation: The AI Leadership Blueprint
 
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPAAnypoint Code Builder , Google Pub sub connector and MuleSoft RPA
Anypoint Code Builder , Google Pub sub connector and MuleSoft RPA
 
COMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a WebsiteCOMPUTER 10 Lesson 8 - Building a Website
COMPUTER 10 Lesson 8 - Building a Website
 
Comparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and IstioComparing Sidecar-less Service Mesh from Cilium and Istio
Comparing Sidecar-less Service Mesh from Cilium and Istio
 
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
20200723_insight_release_plan_v6.pdf20200723_insight_release_plan_v6.pdf
 
Introduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptxIntroduction to Matsuo Laboratory (ENG).pptx
Introduction to Matsuo Laboratory (ENG).pptx
 
Nanopower In Semiconductor Industry.pdf
Nanopower  In Semiconductor Industry.pdfNanopower  In Semiconductor Industry.pdf
Nanopower In Semiconductor Industry.pdf
 
Videogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdfVideogame localization & technology_ how to enhance the power of translation.pdf
Videogame localization & technology_ how to enhance the power of translation.pdf
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial DataCloud Revolution: Exploring the New Wave of Serverless Spatial Data
Cloud Revolution: Exploring the New Wave of Serverless Spatial Data
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 

A2: Analog Malicious Hardware

6. What is a Capacitor?
• A capacitor is a passive two-terminal electrical component used to store electrical energy temporarily in an electrostatic field.
• AKA temporary small-capacity battery
• Capacitor “leaks”
https://en.wikipedia.org/wiki/Capacitor

7. Charge Pump Design
• A charge pump is a kind of DC to DC converter that uses capacitors as energy-storage elements to create either a higher- or lower-voltage power source.
• Clock pulses at regular intervals build up a charge in the capacitor
8. What is a flip-flop/latch?
• Circuit that has two stable states and can be used to store state information.
• Example: Set-Reset (SR) latch
  • 2 interconnected NOR gates
Figure: an animated SR latch (Black = 1, White = 0). The value is stored in Q; Q’ is the complement.
https://en.wikipedia.org/wiki/Flip-flop_(electronics)#SR_NOR_latch
https://en.wikipedia.org/wiki/NOR_gate

SR Latch Truth Table
S R Q | Action | Qnext
0 0 Q | Hold   | Q
0 1 0 | Reset  | 0
0 1 1 | Reset  | 0
1 0 0 | Set    | 1
1 0 1 | Set    | 1
1 1 X | NA     | NA

NOR Gate Operation
A B | A NOR B
0 0 | 1
0 1 | 0
1 0 | 0
1 1 | 0

9. Integrated Circuit (IC) Design Process
• Similar to Printed Circuit Board design
1. Digital Design Phase
  • Logic simulation with HDL: VHDL/Verilog
  • Circuit schematic design
2. Backend Design
  • Routing, layout
  • Design Rule Check (DRC)
  • Graphic Database System II (GDSII) file is generated
  • GDSII is to ICs what Gerbers are to PCBs
3. Fabrication
4. Verification

10. Chip Fabrication Process Layers
• Front End Of Line (FEOL) contains
  • Transistors, capacitors, resistors, flip-flops
  • PCB analogy: board components
• Back End Of Line (BEOL) contains
  • Layers of tiny copper wiring
  • PCB analogy: trace layers
• Solder bump
  • Attachment to host PCB or motherboard
https://upload.wikimedia.org/wikipedia/commons/e/ee/Cmos-chip_structure_in_2000s_%28en%29.svg
11. Attack Components
• Trigger
  • Monitors wires and states until the moment to activate the payload
• Payload
  • Malicious action accomplished when triggered

12. Target Platform
• OpenRISC 1200 processor
  • Open source CPU
  • Uses 32-bit OR1K instruction set
  • 128KB instruction cache
  • Implemented on an FPGA using VHDL
13. OR1200 Supervision Register
• SM bit
  • Determines if current process is user or supervisor
  • 0 for user mode, 1 for supervisor mode
• OV bit
  • If overflow occurred during last arithmetic operation
  • 0 for no overflow, 1 for overflow
Page 29-30 of OpenRISC 1000 Architecture Manual, Architecture Version 1.1, Document Revision 0
https://github.com/openrisc/doc/blob/master/openrisc-arch-1.1-rev0.pdf

14. Attack Model
1. Show analog circuits with a capacitor can create attacks
2. Pick victim wires that will trigger attacks
3. When the capacitors fully charge, they deploy an attack that changes the flip-flop that holds the privilege bit
4. Stealthily implement this attack in an OR1200 processor
5. Run malicious code to activate the attack

15. 1. Single-stage analog trigger circuit behaviour model
• Based on charge-pump design
• When Cap Voltage > Threshold, trigger output
• Trigger Input: victim wire
• Trigger Time: time taken to activate the trigger at a certain trigger frequency
• Retention Time: time taken to reset the trigger after input stops

16. 1. Multi-stage analog trigger circuit behaviour model
• Lower probability of false trigger activation
  • Normal operations/benchmarks can “accidentally” trigger a wire
• Software flexibility
  • Multiple attack vectors

17. 2. Single-stage trigger victim wire selection
• We use the overflow flag wire as trigger
Page 29-30 of OpenRISC 1000 Architecture Manual, Architecture Version 1.1, Document Revision 0
https://github.com/openrisc/doc/blob/master/openrisc-arch-1.1-rev0.pdf

18. 2. Two-stage trigger victim wire selection
• Trigger 1: Signed Division wire
• Trigger 2: Unsigned Division wire
Page 29-30 of OpenRISC 1000 Architecture Manual, Architecture Version 1.1, Document Revision 0
https://github.com/openrisc/doc/blob/master/openrisc-arch-1.1-rev0.pdf

19. 3. The Attack Payload
• Overwrite register value containing the “privilege/supervisor bit”
• User mode process now given superuser privileges
Figure labels: Reset Latch (Active-Low), Set Latch (Active-High)
20. 4. Attack insertion vector?
• Can be done anywhere along the chain
• Adding in Digital Design Phase?
  • Easiest to implement on schematic level
  • Easily detected during verification checks
  • Tight security of designer’s machines
• Backend?
  • Moderate difficulty but still able to find insertion location
  • Can be discovered by SPICE simulation
  • Tight security of designer’s machines
• Final choice: Fabrication
  • Relatively lower security at foundry level
  • Requires insider access to GDSII between backend and fabrication
  • Tough to detect

21. 4. Stealth implementation on OR1200
• CPU die size is 2.1 mm²
• A2 analog attack
  • 1 gate, 13.4 µm²
• Digital counter-based equivalent of A2
  • 91 cells or gates, 382 µm²

22. 5. Pseudocode for single-stage trigger attack
Figure: pseudocode listing (not in the transcript), annotated “Divide by 0”
Page 54 of OpenRISC 1000 Architecture Manual, Architecture Version 1.1, Document Revision 0
https://github.com/openrisc/doc/blob/master/openrisc-arch-1.1-rev0.pdf

23. 5. Pseudocode for two-stage trigger attack
Figure: pseudocode listing from page 9 of the paper (not in the transcript)

24. Test Results
• It works!
  • Voltage range: 0.8V to 1.2V
  • Temperature range: -25°C to 100°C
• Result trends
  • ↑ temperature -> ↑ capacitor leakage -> ↑ trigger cycles
  • ↑ voltage -> ↑ rate of capacitor accumulation -> ↓ trigger cycles
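The trigger behaviour model of slide 15 and the trends of slide 24, as an added Python model that is not from the slides or the paper: a per-cycle abstraction in which each victim-wire toggle adds charge, the capacitor leaks every cycle, and the output asserts above a threshold. The charge increment, leak fraction and threshold are constructed constants, not A2 measurements.

```python
"""Per-cycle behavioural model of the A2 single-stage analog trigger (slide 15).
Added example, not from the slides or the paper: each toggle of the victim wire
adds a fixed increment of capacitor voltage, the capacitor leaks a fixed fraction
every clock cycle, and the trigger output is asserted while voltage > threshold.
All constants are constructed for illustration, not measured A2 values."""
from dataclasses import dataclass

@dataclass
class TriggerModel:
    charge_per_toggle: float  # voltage added per victim-wire toggle (constructed)
    leak_per_cycle: float     # fraction of stored voltage lost per cycle (constructed)
    threshold: float          # trigger asserted while v > threshold (constructed)
    v: float = 0.0            # current capacitor voltage

    def step(self, toggled):
        """Advance one clock cycle; return whether the trigger is asserted."""
        self.v *= 1.0 - self.leak_per_cycle
        if toggled:
            self.v += self.charge_per_toggle
        return self.v > self.threshold

def trigger_time(m, toggle_every, max_cycles=100_000):
    """Trigger Time: cycles until the output asserts with one victim-wire toggle
    every `toggle_every` cycles; None if leakage wins and it never fires."""
    for cycle in range(1, max_cycles + 1):
        if m.step(cycle % toggle_every == 0):
            return cycle
    return None

def retention_time(m, max_cycles=100_000):
    """Retention Time: cycles after the input stops until the output de-asserts."""
    for cycle in range(1, max_cycles + 1):
        if not m.step(False):
            return cycle
    return max_cycles

BASE = dict(charge_per_toggle=0.05, leak_per_cycle=0.01, threshold=1.0)

def trend_report():
    """Slide-24 trends: more leakage (hotter die) lengthens trigger time, a larger
    per-toggle increment (higher supply) shortens it; slow toggling never fires."""
    nominal = TriggerModel(**BASE)
    fired_at = trigger_time(nominal, 1)
    return {
        "nominal": fired_at,
        "retention": retention_time(nominal),  # nominal is already past threshold
        "hot": trigger_time(TriggerModel(**{**BASE, "leak_per_cycle": 0.02}), 1),
        "high_vdd": trigger_time(TriggerModel(**{**BASE, "charge_per_toggle": 0.08}), 1),
        "slow_toggle": trigger_time(TriggerModel(**BASE), 10, max_cycles=5_000),
    }
```

The "slow_toggle" case shows why a trigger frequency matters: below it, leakage outruns accumulation and the capacitor settles well under the threshold.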
25. Possible Defences?
• Side channel?
  • Power difference of one extra gate in 100000 gates is negligible
• Visual inspection?
  • Detecting anomalous 13.4 µm² circuitry in a 2.1 mm² die is impractical
• Split manufacturing?
  • Trusted and expensive
  • Untrusted and cheaper

26. Intuitive Split Manufacturing strategy
• Goal: Obfuscate design from untrusted fabricator by withholding some wires on upper layers
• BUT possible to reverse engineer 96% of “some wires” using knowledge of layout tools
  • J. Rajendran, O. Sinanoglu, and R. Karri, “Is split manufacturing secure?” in Design, Automation and Test in Europe, ser. DATE, 2013, pp. 1259–1264.
Figure (flow): Design House → GDSII of gates and other wires → Untrusted/Cheaper Fabricator (unfinished bottom portion); Design House → GDSII of some wires → Trusted Fabricator and Assembler → Assembled chip

27. Proposed Split Manufacturing strategy
• Split at Level 1
  • Untrusted manufacturer does not make any gates
• However…
  • Expensive $$$ to join two copper layers at low layers
  • No such process exists
Figure (flow): Design House; Trusted Fabricator and Assembler (FEOL + Metal Level 1); Untrusted/Cheaper Fabricator (BEOL – Metal Level 1, unfinished top portion); Assembled chip

28. Potential for x86 attacks?
• Much harder to detect and easier to implement than on OR1200
  • x86 has more registers, A2 only needs one
  • x86 has more victim wires
• “The only aspect of scaling to an x86-class processor that we anticipate as a challenge is maintaining controllability as there are many redundant functional units inside an x86, so a trigger would either need to tap equivalent wires in all functional units or be open to some probabilistic effects.”