Pub Date: 2022-05-23 DOI: 10.1109/ETS54262.2022.9810399
Jonti Talukdar, Arjun Chaudhuri, K. Chakrabarty
We propose TaintLock, a lightweight dynamic scan data authentication and encryption scheme that performs per-pattern authentication and encryption using taint and signature bits embedded within the test pattern. To prevent IP theft, we pair TaintLock with truly random logic locking (TRLL) to ensure resilience against both Oracle-guided and Oracle-free attacks, including scan deobfuscation attacks. TaintLock uses a substitution-permutation (SP) network to cryptographically authenticate each test pattern using embedded taint and signature bits. It further uses cryptographically generated keys to encrypt scan data for unauthenticated users dynamically. We show that it offers a low overhead, non-intrusive secure scan solution without impacting test coverage or test time while preventing IP theft.
Title: TaintLock: Preventing IP Theft through Lightweight Dynamic Scan Encryption using Taint Bits. Published in: 2022 IEEE European Test Symposium (ETS). https://doi.org/10.1109/ETS54262.2022.9810399
Pub Date: 2022-05-23 DOI: 10.1109/ETS54262.2022.9810441
Vahid Eftekhari Moghadam, P. Prinetto, Gianluca Roascio
The spread of the Internet of Things (IoT) and the use of smart control systems in many mission-critical or safety-critical application domains, like automotive or aeronautical, make devices attractive targets for attackers. Nowadays, several of these are mixed-criticality systems, i.e., they run both high-criticality tasks (e.g., a car control system) and low-criticality ones (e.g., infotainment). High-criticality routines often employ Real-Time Operating Systems (RTOS) to enforce hard real-time requirements, while the tasks with lower constraints can be delegated to more generic-purpose operating systems (GPOS). Much of the control code for these devices is written in memory-unsafe languages such as C and C++. This makes them susceptible to powerful binary attacks, such as the famous Return-Oriented Programming (ROP). Control-Flow Integrity (CFI) is the most investigated security technique to protect against such threats. At present, CFI solutions for real-time embedded systems are not as mature as the ones for general-purpose systems, and even more, there is a lack of in-depth studies on how different operating systems with different security requirements and timing constraints can coexist on a single multicore platform. This paper aims at drawing attention to the subject, discussing the current scientific proposal, and in turn proposing a solution for an optimized asymmetric verification system for execution integrity. By using an embedded hypervisor, predefined cores could be dedicated to only high or low-criticality tasks, with the high-priority core being monitored by the lower-criticality core, relying on offline binary instrumentation and a light exchange of information and signals at runtime. The work also presents preliminary results about a possible implementation for multicore ARM platforms, running both RTOS and GPOS, both in terms of security and performance penalties.
Title: Real-Time Control-Flow Integrity for Multicore Mixed-Criticality IoT Systems. Published in: 2022 IEEE European Test Symposium (ETS). https://doi.org/10.1109/ETS54262.2022.9810441
Pub Date: 2022-05-23 DOI: 10.1109/ETS54262.2022.9810467
G. Medeiros, M. Fieback, A. Gebregiorgis, M. Taouil, L. Bolzani, S. Hamdioui
High-quality memory diagnosis methodologies are critical enablers for scaled memory devices as they reduce time to market and provide valuable information regarding test escapes and customer returns. This paper presents an efficient Hierarchical Memory Diagnosis (HMD) approach that accurately diagnoses faults in the entire memory. Faults are diagnosed hierarchically; first, their location, then their nature (i.e., static or dynamic), and finally, their functional fault model. The HMD approach leads to a more accurate diagnostic, enabling the precise identification of yield loss causes.
Title: Hierarchical Memory Diagnosis. Published in: 2022 IEEE European Test Symposium (ETS). https://doi.org/10.1109/ETS54262.2022.9810467
Aging degradation dominated by bias temperature instability (BTI) effect is one of the important considerations in system on chip (SOC) design margin. Research on path delay with BTI recovery effect which mitigates degradation is meaningful to set a reasonable aging margin. Since BTI recovery effect known in transistor level occurs very fast, it is a challenge to sample aged path delay in a short interval. In this paper, we propose an aging monitor to investigate the impact of BTI recovery effect on path delay degradation (Δdelay) in nanosecond intervals. The results show that the power function of recovery time accurately fits the trend of Δdelay after the removal of stress. The higher the stress voltage, the faster the absolute value of Δdelay recovers. Increasing stress time obviously reduces the recovery speed of Δdelay. It is noted that BTI recovery effect occurs not only after the removal of stress but also during AC stress. Therefore, the Δdelay is so dependent on stress type that the Δdelay with BTI recovery is 0.2 times that without BTI recovery. The silicon data also contributes to aging model’s calibration by the introduction of BTI recovery coefficient, which has a ~4% design margin benefit in a 1GHz SOC design.
Title: Research on Path Delay with BTI Recovery Effect. Authors: Jiebing Wu, Yongsheng Sun, Yuan Wang, Yukai Lin, M. Fan, Junlin Huang. Pub Date: 2022-05-23. Published in: 2022 IEEE European Test Symposium (ETS). https://doi.org/10.1109/ETS54262.2022.9810373
Pub Date: 2022-05-23 DOI: 10.1109/ETS54262.2022.9810403
Sergio Vinagrero Gutierrez
With the rapid growth of IoT and embedded devices, the development of low power, high density, high performance SoCs has pushed the embedded memories to their limits and opened the field to the development of emerging memory technologies. The Resistive Random Access Memory (ReRAM) has emerged as a promising choice for embedded memories due to its reduced read/write latency and high CMOS integration capability. Intrinsic properties of ReRAMs make them suitable for the implementation of basic security primitives such as Physically Unclonable Functions (PUFs) and True Random Number Generators (TRNGs). The studies to be carried out during this thesis will allow the creation of robust, low cost and reliable security primitives by exploiting the inner variability of memristive technologies.
Title: Memristor-based security primitives. Published in: 2022 IEEE European Test Symposium (ETS). https://doi.org/10.1109/ETS54262.2022.9810403