Unit 5

HARDWARE SECURITY

UNIT 5
INTRODUCTION TO HARDWARE SECURITY

Definition: Protection of physical devices from threats of unauthorized access.
• Protects physical devices, machines and peripherals.
• E.g. CCTV, locked doors, guards, programmed ICs, etc.

• Protects devices that scan employee endpoints or monitor network traffic, e.g. firewall, proxy server.
• Hardware Security Modules (HSM) give device-based security.
• HSMs generate and manage cryptographic keys for authentication and encryption of systems, and provide another layer of security.
Scope of Hardware security & trust for modern computing
• Refer to block diagram, Fig. 5.1.1
• Vulnerabilities:
– Weakness in the hardware architecture, implementation or design/test process, which can be exploited by an attacker to mount an attack.
– A typical attack consists of identifying one or more vulnerabilities and exploiting them for a successful attack.
• Hardware vulnerabilities lead to attacks at different levels, from chip or PCB.
• Hardware security is required to ensure the security and reliability of the software stack.
• It protects sensitive assets stored in hardware from mischievous software and network, and isolates secure data from insecure data and code.
Trusted system

If the system is trusted, then:
• Failure of a component can break the security policy.
If the system is untrusted, then:
• Untrusted program entities get associated with the hardware lifecycle, e.g. untrusted IP, CAD tools, fabrication, test and distribution.
Attacks on hardware
1. Physical attack
2. Attack vectors
3. Supply chain
4. Accidents
Physical attack:
The attack is carried out physically, using hardware tools.

Attack vectors:
• Security may be implemented for a product either by software or hardware.
• The fabricating company would provide read access and write access for the ordering company.
• The write component can be destroyed to avoid rewriting.
• The approach cannot be used for all hardware.
Supply Chain:
The product is manufactured, sent through shipping, intercepted by attackers, tampered with and re-packaged, without the knowledge of the consumer.

Accidents:
Memory-based devices like USB keys and digital picture frames may contain malware that would affect the system.
Attack Surface
Chip Level Attack:
Chips may be targeted for reverse engineering, cloning, malicious insertion, side channel attack, etc.

PCB Level Attack:
PCBs are much easier to reverse engineer and tamper with than ICs. Attackers may physically tamper with a PCB to make it leak sensitive information or bypass DRAM protection.

System Level Attack:
Complex attacks involving the interaction of hardware or software components can be mounted on the system.
Security Model
The security model has 2 components:
• Threat model: defines the threat, including the purpose and mechanism of an attack.
• Trust model: defines the trusting parties or components.
Trusted Platform Module
• TPM helps to keep PCs secure by offering hardware-level protection against malware and cyber attacks.
• TPM can be added into CPUs to store artifacts to authenticate the platform.
• Helps to store essential and critical information such as user credentials, passwords, fingerprints, certificates and encryption keys, to keep it safe from external attacks.
• TPM grants access to authenticated users if the key is validated.
Vulnerabilities
• Weakness in the hardware architecture, implementation or design/test process, which can be exploited by an attacker to mount an attack.
• A typical attack consists of identifying one or more vulnerabilities and exploiting them for a successful attack.
Types:
• Functional bugs - weak cryptographic hardware.
• Side-channel bugs - leak critical information inside the hardware by side channels.
• Test/debug infrastructure - using limited testability in hardware.
• Access control or information flow issue - system unable to distinguish between authorized and unauthorized users.
• A hardware Trojan creates a malicious modification to a circuit.
• Modifications: a Trojan may control, modify or disable the contents and communications of the computing device.
• A Hardware Trojan (HT) is categorized by two things:
• Physical representation (i.e. how it behaves, how it looks)
• Its behavior (i.e. how it shows up and what its effects are)
Properties of a Hardware Trojan
• It can take place pre or post manufacturing.
• It is inserted by some intelligent adversary.
• It has an extremely small hardware overhead.
• It is stealthy and nearly impossible to detect.
• It causes the IC to malfunction in-field.
Effects of a Hardware Trojan
• Effects of a Hardware Trojan if it is placed inside a chip:
• Potentially disastrous consequences.
• Loss of human life or property.
• Whenever the HT wakes up, the entire activity that the Trojan performs or executes is known as the payload.
Components of a Hardware Trojan
• It contains a trigger and a payload.
• Trigger - decides when the Hardware Trojan (HT) will wake up.
• Payload - decides what will happen when the Trojan wakes up.
Hardware Trojans
Physical characteristics
• It represents several hardware aspects of Trojans.
• The Type of the Trojan can be divided into functional or parametric.
• The first type (Functional Trojans) appears through the addition or deletion of transistors or gates in the original design.
• The second type (Parametric Trojans) is revealed by modification of wires and logic that affects the reliability of the chip.
• The Size of a hardware Trojan is another physical characteristic that the attacker has to consider. Size, in this case, refers to the number of elements that have been added, deleted or compromised.
• During activation, the size of an HT can be a significant factor; the activation of a larger Trojan has a lower probability than that of a smaller Trojan.
• The Distribution of a Trojan describes the layout of the Trojan components within the chip.
Activation Characteristics
• Activation characteristics refer to the criteria that cause Trojans to become active in their disruptive functions.
• Trojan activation characteristics have two main classifications: internally activated and externally activated.
• There are two categories of internally activated Trojans: "Always on" and "Condition-based".
• "Always on" means the Trojan is active and can damage the function of the chip at any time.
• This subclass covers Trojans that are executed by adjusting the geometry of the chip so that some nodes or paths are more susceptible to failure.
• The adversary may embed the Trojans on rarely exercised nodes.
• "Condition-based" means Trojans are inactive until the attacker identifies a specific condition or cause.
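The effect of rarely exercised trigger conditions on test coverage, as an added example that is not part of the original slides: the trigger is modelled (an assumption) as firing only when k monitored input bits are all 1, and the code compares how often random test vectors would ever activate triggers of different widths. The 12-bit input width, vector counts and function names are constructed for illustration.

```python
# Added example, not from the slides. Assumed model: a condition-based trigger
# that fires only when every monitored input bit is 1 in the same test vector.
import random
from itertools import product

def trigger_fires(vector, monitored):
    """True when all monitored bit positions of the vector are 1."""
    return all(vector[i] for i in monitored)

def exact_activation_probability(width, monitored):
    """Enumerate all 2**width input vectors and count those that fire the trigger."""
    hits = sum(trigger_fires(v, monitored) for v in product((0, 1), repeat=width))
    return hits / 2 ** width

def miss_probability(p_activate, n_vectors):
    """Chance that n independent random test vectors never fire the trigger."""
    return (1.0 - p_activate) ** n_vectors

def simulated_activation_rate(width, monitored, n_vectors, trials, seed=1):
    """Fraction of random test campaigns that fire the trigger at least once."""
    rng = random.Random(seed)
    activated = 0
    for _ in range(trials):
        for _ in range(n_vectors):
            vector = [rng.getrandbits(1) for _ in range(width)]
            if trigger_fires(vector, monitored):
                activated += 1
                break
    return activated / trials

def coverage_table(width=12, n_vectors=200, trigger_widths=(2, 4, 8, 12)):
    """Rows of (trigger width, per-vector activation probability, miss probability)."""
    rows = []
    for k in trigger_widths:
        p = exact_activation_probability(width, list(range(k)))
        rows.append((k, p, miss_probability(p, n_vectors)))
    return rows

if __name__ == "__main__":
    for k, p, miss in coverage_table():
        print(f"trigger bits={k:2d}  P(fire per vector)={p:.6f}  "
              f"P(200 random vectors all miss)={miss:.4f}")
```

In this model a trigger that watches more bits is both rarer per vector and far more likely to survive a random functional test campaign unnoticed, which is why detection cannot rely on random testing alone.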
Action Characteristics
• Action characteristics describe the effects of a Trojan on chip design and determine the type of destruction introduced by the Trojan.
• There are three main classes of action characteristics.
• Modify function: in this class, the Trojan changes the original function of the chip by adding, removing or bypassing existing logic to cause a failure in operations or add extraneous logic.
• Modify specification: in this class, the Trojan makes changes in some of the parametric properties of the chip, for example delay when the quantity of existing wire is reduced.
• Transmit information: in this class, the Trojan doesn't make a change in the operation of the device; instead, it transmits important information to an opponent.
Side channel attack
• An attack enabled by leakage of information from a physical cryptosystem.
• A side-channel attack is any attack based on information gained from the physical implementation of a system (process), rather than theoretical weaknesses in the algorithms.
Blockchain
• A blockchain is a decentralized, distributed
and public digital ledger that is used to record
transactions across many computers so that
the record cannot be altered retroactively
without the alteration of all subsequent blocks
and the consensus of the network.
Layers of Block Chain
The hardware layer
• It consists of hardware, like network
connections, the computers within the network
and data servers.
• The data stored inside a blockchain is hosted by
data servers, and computers on the blockchain
network can share this data with each other.
• This leads to the creation of a P2P network
where information is validated by individual
nodes (or computers) on the network.
THE DATA LAYER
• The information stored on the network is managed in this layer.
• This layer is made up of blocks of information with each
block connected to the previous one.
• The only block that is not linked back to another is the genesis block
(the first block in the network).
• Each transaction written on these blocks is protected through a
private key and a public key.
• A private key is a digital signature known only by the owner for
authorizing a transaction;
• A public key is used to verify who has signed for the transaction. To
put it simply, if someone sends you some crypto, they will need to
know your public key; for you to receive the crypto, you have to use
your private key to verify the transaction and prove your ownership
to your blockchain wallet.
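The linking described above can be checked in code. This added example (not from the original slides) builds a small hash-linked ledger and shows that editing one block is detected, and that re-hashing the edited block only moves the failure to the next block. SHA-256 over JSON, the field names and the sample transactions are assumptions for illustration; keys, signatures and consensus are not modelled.

```python
# Added example, not from the slides: a minimal hash-linked ledger.
# Hash construction, field names and transactions are constructed assumptions.
import hashlib
import json

GENESIS_PREV = "0" * 64  # the genesis block links back to no earlier block

def block_hash(index, data, prev_hash):
    """SHA-256 over the block's index, data and the previous block's hash."""
    payload = json.dumps({"index": index, "data": data, "prev": prev_hash},
                         sort_keys=True).encode()
    return hashlib.sha256(payload).hexdigest()

def build_chain(transactions):
    """Create one block per transaction, each linked to its predecessor."""
    chain, prev = [], GENESIS_PREV
    for i, tx in enumerate(transactions):
        h = block_hash(i, tx, prev)
        chain.append({"index": i, "data": tx, "prev": prev, "hash": h})
        prev = h
    return chain

def first_invalid_block(chain):
    """Return the index of the first block failing verification, or None."""
    prev = GENESIS_PREV
    for block in chain:
        if block["prev"] != prev:
            return block["index"]  # link to the predecessor is broken
        if block_hash(block["index"], block["data"], block["prev"]) != block["hash"]:
            return block["index"]  # contents no longer match the stored hash
        prev = block["hash"]
    return None

def tamper(chain, index, new_data, rehash=False):
    """Return a copy with one block's data altered; optionally recompute its hash."""
    forged = [dict(b) for b in chain]
    forged[index]["data"] = new_data
    if rehash:
        b = forged[index]
        b["hash"] = block_hash(b["index"], b["data"], b["prev"])
    return forged

SAMPLE_TXS = ["alice->bob:5", "bob->carol:2", "carol->dave:1", "dave->alice:3"]  # constructed

if __name__ == "__main__":
    chain = build_chain(SAMPLE_TXS)
    print("intact chain:", first_invalid_block(chain))
    print("edit block 1:", first_invalid_block(tamper(chain, 1, "bob->carol:200")))
    print("edit + rehash block 1:",
          first_invalid_block(tamper(chain, 1, "bob->carol:200", rehash=True)))
```

Editing and re-hashing the last block passes this local check because no later block depends on it, which is the gap the agreement between nodes in the consensus layer is meant to close.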
The network layer
• This layer facilitates communication between the different nodes within the blockchain network. It is also in this layer that blocks are created and added to the blockchain. As a result, this layer is also referred to as the propagation layer.
The consensus layer
• This layer ensures that the rules of the network are effectively enforced to preserve uniformity within the network. One node cannot simply add a transaction to the blockchain; to do so, all nodes within the network need to agree on it. This level of verification lowers the risk of fraudulent transactions being added to the blockchain.
The application layer

• This layer facilitates the use of the blockchain for a wide variety of purposes. It is made up of smart contracts and decentralized applications (DApps). This layer acts as the front end of the blockchain and is essentially what a user would typically encounter when operating within a blockchain network.
