IEEE PAINE 2023 - Attest: Non-Destructive Identification of Counterfeit FPGA Devices

We have a poster presentation at IEEE PAINE 2023 in Huntsville, AL on October 24, 2023. Come learn about our Enforte™ Attest™ device verification tool!

-----

Attest: Non-Destructive Identification of Counterfeit FPGA Devices

Whitney Batchelor, James Koiner, Cody Crofford, Kevin Paar, Margaret Winslow, Mia Taylor, Scott Harper, Ph.D.

Abstract: With ongoing microelectronic supply chain issues, the demand for genuine field-programmable gate arrays (FPGAs) is increasing – but so is the occurrence of counterfeit devices. Frequently, devices are used, salvaged from old systems, and repackaged as new. These recycled devices represent the largest class of counterfeit devices and are becoming more rampant. Therefore, it is often necessary to test whether a device is counterfeit before employing it in a new system. Current methods for evaluating the genuine nature of devices are frequently destructive, allowing for only small sample testing within lots.  Other methods require complex external equipment and cannot be readily deployed throughout the supply chain. Graf Research Corporation has developed a methodology for using telemetry bitstreams to characterize an FPGA device and subsequently classify whether a device is a repackaged counterfeit via statistical and machine learning models. The new method utilizes minimal external equipment, is non-destructive, and can be employed at any point throughout the supply chain.  

GOMAC 2023 - Three Papers

We’re presenting three papers at GOMAC 2023 in March – two posters and one presentation. Our papers discuss the quality of trojan benchmarks for microelectronics quantifiable assurance as well as a methodology for calculating the risk in hardware trojan detection strategies. We are also discussing our microelectronics lab experimentation platform, Benches, and how it can be used to capture digital threads of experiments. We will be demoing Benches at our booth, so definitely come check that out!

We’ll send out another update soon with information on our session numbers and dates. The team has put in significant effort, and we can’t wait for you to see it.


Poster

Generating Statistically Relevant Trojan Benchmarks for Microelectronics Quantifiable Assurance

Margaret Winslow, Whitney Batchelor, James Koiner, Kevin Paar, Scott Harper, Jonathan Graf

Abstract: Hardware trojan horse (HTH) detection metrics are used to quantify the value of trojan detection methods. These metrics, often in terms of probability of detection and probability of false alarm, can be used to help quantify the impact on design assurance when applying mitigations to a microelectronics circuit. A question arises, however, regarding how statistically sound the metric values must be to make reasonable trust and assurance decisions. Statistical relevance metrics have been used in many fields to justify confidence in claims, and benchmarks that can produce statistically relevant detection metrics are necessary to trust the quantification of microelectronics assurance. This work defines the requirements for generating statistically relevant detection metrics that are useful for quantifying microelectronics design assurance via testing with a strategically implemented circuit design benchmark set.

-----

Presentation

Determining Residual Risk from Optimized Selection of Hardware Trojan Detection Strategies

Zachary A. Collier, Whitney Batchelor, Margaret Winslow, Scott Harper, Jonathan Graf

Abstract: Game theory has been shown to have practical applications in the optimal selection of hardware trojan detection and prevention strategies for circuit design. Previous work has used quantitative metrics measuring performance and cost of a countermeasure to predict optimal defense strategy selections, while considering the goals and actions of an adversary. This was accomplished with a game theoretic model of the response of a defender and an attacker to possible design assurance strategy selections. To date, no concrete quantification of the changes in risk associated with the resulting design decisions has been presented. This work introduces a methodology for deriving and calculating the inherent risk, residual risk, and risk reduction that result from the game theoretic models of design decisions when evaluating hardware trojan detection and prevention strategies.

-----

Poster

Facilitating Assurance and Collaboration through Digital Threads in Microelectronics Experiments

Edward Carlisle IV, Scott Harper, Jonathan Graf

Abstract: Laboratory experimentation with circuits and systems can be a complex process. Exact repetition of processes such as radiation testing, second-party verification of conclusions drawn from side channel analysis, and preservation of experimental processes all require the full detail of an experiment to be captured when it is run. Capturing a digital thread of an experiment provides this capability but can be a complex process that is prone to human error if not fully automated. This paper presents an automated microelectronics lab experimentation platform called Benches. We describe how Benches automates the capture of the digital thread of a microelectronics experiment and how these digital threads facilitate assurance and collaboration.

Anti-Tamper Conference 2022 – Two Papers

We’re presenting two papers at the 2022 Anti-Tamper Conference in Laurel, Maryland.

-----

Anti-Tamper Implementation – An Irrefutable Logger in Microchip Polarfire Devices

Kevin Paar, Jonathan Graf, Scott Harper, Tim Dunham

Abstract: This paper discusses the implementation of a rich, irrefutable tamper logging solution for the Microchip Polarfire family of flash-based Field Programmable Gate Array (FPGA) ICs. Leveraging the unique capabilities of the Polarfire FPGA, the solution immediately journals incoming log entries into secure internal storage and later archives the log entries to an external non-volatile storage media. The solution utilizes rolling-key encryption, authentication, and chained hashing of the externally stored log entries to support verification and validation of log integrity. Implementing this system in Polarfire FPGAs requires a vastly different solution than similar logs implemented in Xilinx Kintex and Zynq UltraScale+ devices.

-----

Modernizing FPGA Design Assurance Software

Jonathan Graf, Scott Harper, Ali Asgar Sohanghpurwala, and Edward Carlisle IV

Abstract: We present five principles for modern FPGA design assurance tools: verification, auditing, quantification, automation, and interoperability. We claim these principles are mandatory for such tooling and explore three software tools in this context – DELV, Trace, and PV‐Bit. Our conclusion is that it is possible to create tools that follow the principles and that this approach quantifiably impacts FPGA design assurance.

GOMAC 2022: Four more papers!

The team has done it again! Last year we presented three papers at GOMAC, and this year, we’ll be presenting four! The whole team has put so much effort into this research, and we can’t wait to show off our achievements. GOMAC will be hosted in Miami, so the team hopes to thaw out a bit from winter in addition to giving great presentations on our latest work. Take a look below to learn more about what we’ll discuss. Come out and see us at our first in-person conference in 2 years!

-----

Modernizing FPGA Design Assurance Software

Jonathan Graf, Scott Harper, Ali Asgar Sohanghpurwala, Edward Carlisle IV

Abstract: This paper presents five key principles for modern FPGA design assurance tools: verification, auditing, quantification, automation, and interoperability. We claim these principles are mandatory for such tooling and explore three hardware design assurance software tools in this context – DELV, Trace, and PV-Bit. Our conclusion is that it is possible to create tools that follow the principles and that adherence to these principles quantifiably impacts design assurance.

-----

Advancing Strategy Selection for Hardware Trojan Detection with Subrational Behavior Models

Whitney Batchelor, Meg Winslow, Cody Crofford, Michael Blacconiere, Scott Harper, Jonathan Graf

Abstract: Game theory has been shown to have practical applications in the optimization of hardware Trojan detection and prevention strategy selection in circuit design. In previous work, metrics measuring the performance and cost of a countermeasure when considering the action of an adversary given their goals are quantified to predict optimal defense strategy selections. Those models assume an encounter between two rational players and build upon a security economic approach in the context of empirically derived countermeasure efficacy metrics. That is, both offensive and defensive players act in a rational manner, choosing the action resulting in their greatest financial gain (or lowest loss) when considering the likely action of their opponent. The assumption of rational players allows for a baseline analysis when optimizing detection strategy selection but does not consider human behaviors that may drive a sub-optimal decision. These behaviors may result from having risk averse/seeking players, carrying bias towards certain methods, understanding the results from prior attacks and defensive mechanisms, and/or additional motivations. In this paper, we extend the rational game theoretic model previously evaluated in the quantitative assurance space with the concept of subrationality; that is, when the players have the option of making an informed but less optimal choice due to some definable bias. This work introduces three subrational models that simulate risk averse and risk seeking players, knowledge of prior play, and random error with application to the previously developed models pertaining to the optimal selection of hardware Trojan detection strategies.

-----

Trace: Towards a Traceable Microelectronics Implementation Flow

Ali Asgar Sohanghpurwala, Carlton Fraley, Jonathan Graf, Scott Harper

Abstract: Microelectronics design processes often include implementation flows that perform incremental steps to convert human-readable source code or schematics into a binary executable or hardware circuit that can be deployed on the desired Microprocessor, FPGA, PCB, or ASIC technology. Available tools help users partially verify the output of these implementation flows, but a gap exists in assuring and preserving the integrity of those output products along with the source code and implementation settings that were used to produce them. Ideally, a security auditor should be able to prove or disprove the trustworthiness of specific design implementations deployed in the face of an advanced adversary. What is proposed here is progression towards a fully traceable and reproducible implementation flow that uses proven cryptographic principles to enable a tamper-resistant audit trail for Microelectronic design implementation along with companion tools for auditing and precisely reproducing the implementation process.

-----

Automated Analysis of a Thermally Triggered FPGA Hardware Trojan

Edward Carlisle IV, Scott Harper, James Koiner, Kevin Paar, Michael Capone, and Jonathan Graf

Abstract: This paper presents a remote hardware-in-the-loop Hardware Trojan Horse (HTH) analysis approach that automates the process of examining HTH effects and characterizing detection/mitigation effectiveness. We frame the discussion around a novel HTH that is triggered by variations in temperature and is implemented in the fabric of a Field Programmable Gate Array device. We demonstrate the characterization and activation of the HTH using a fully automated web-based lab bench platform.

HaSS: “A practical application of game theory to optimize selection of hardware Trojan detection strategies”

This Christmas, Graf Research Corporation celebrates the gift of having a new paper published in the Journal of Hardware and Systems Security! The paper is entitled “A practical application of game theory to optimize selection of hardware Trojan detection strategies.” Paper contributors included Jonathan Graf, Whitney Batchelor, Scott Harper, Ryan Marlow, Ed Carlisle, and Peter Athanas. The paper will appear in the journal next week, so be on the lookout for it!

And of course, Happy Holidays and Happy New Year to all!

-----

A practical application of game theory to optimize selection of hardware Trojan detection strategies

Jonathan Graf, Whitney Batchelor, Scott Harper, Ryan Marlow, Edward Carlisle IV, and Peter Athanas

Abstract: A wide variety of Hardware Trojan countermeasures have been developed, but less work has been done to determine which are optimal for any given design. To address this, we consider not only metrics related to the performance of the countermeasure, but also the likely action of an adversary given their goals. Trojans are inserted by an adversary to accomplish an end, so these goals must be considered and quantified in order to predict these actions. The model presented here builds upon a security economic approach that models the adversary and defender motives and goals in the context of empirically derived countermeasure efficacy metrics. The approach supports formation of a two-player strategic game to determine optimal strategy selection for both adversary and defender. A game may be played in a variety of contexts, including consideration of the entire design lifecycle or only a step in product development. As a demonstration of the practicality of this approach, we present an experiment that derives efficacy metrics from a set of countermeasures (defender strategies) when tested against a taxonomy of Trojans (adversary strategies). We further present a software framework, GameRunner, that automates not only the solution to the game but also mathematical and graphical exploration of “what if” scenarios in the context of the game. GameRunner can also issue “prescriptions,” a set of commands that allows the defender to automate the application of the optimal defender strategy to their circuit of concern. Finally, we include a discussion of ongoing work to include additional software tools, a more advanced experimental framework, and the application of irrationality models to account for players who make subrational decisions.

GOMAC 2019: “Introducing a Trust Metric Foundation and Deriving Trust-for-Buck”

Graf Research Corporation will be returning to GOMAC, this time in Albuquerque, New Mexico. In addition to marveling at the ridges of the Sandia mountains and the wine-colored sunsets of New Mexico, we’ll be presenting our paper, “Introducing a Trust Metric Foundation and Deriving Trust-for-Buck.” Paper contributors include Scott Harper, Jonathan Graf, Whitney Batchelor, Tim Dunham, and Peter Athanas. If you’re going to GOMAC, come out and say hello to us!

-----

Introducing a Trust Metric Foundation and Deriving Trust-for-Buck

Scott Harper, Jonathan Graf, Whitney Batchelor, Tim Dunham, Peter Athanas

Abstract: This study defines a flexible quantitative metric for measuring trust-related aspects across a broad range of domains and a means of using that foundation to derive domain-specific measurements. A Trust Basis Metric is described here along with examples that build on its foundation to measure assurances and identify cost-effective trust-enhancing investments. Our primary motivation in performing this study was to quantitatively determine the best increase in trust per dollar (Trust-for-Buck) when investing in current device manufacture and distribution flows for microelectronic components.

 
 

Graf Research Corporation to present at NAECON

Graf Research Corporation will head to the IEEE National Aerospace and Electronics Conference in Fairborn, OH, to present our paper “Hardware Trojan Detection using Xilinx Vivado.” Paper contributors include Ryan Marlow, Scott Harper, Whitney Batchelor, and Jon Graf. Ryan Marlow will be the presenter.

-----

Hardware Trojan Detection using Xilinx Vivado

Ryan Marlow, Scott Harper, Whitney Batchelor, Jonathan Graf

Abstract: Modern commercial EDA tools provide end users with a framework for application specific customizations through a general-purpose programming language interface to an underlying circuit object model. Xilinx Vivado exposes that information through Tcl. This work demonstrates an implementation of a static hardware detection algorithm utilizing this interface of Vivado.

 
 

Graf Research at GOMAC 2018

Scott Harper from Graf Research will be attending GOMAC 2018 in Miami from March 12-15.  Our very own Scott Harper and Tim Dunham are co-authors on "Malicious Trigger Discovery in FPGA Firmware."  Make sure to say hello to Scott!

XSWG 2017: “A Cryptographically Secure Immutable Memory for Irrefutable Tamper Logging”

Graf Research Corporation is going to XSWG! We have been invited to give the lecture “A Cryptographically Secure Immutable Memory for Irrefutable Tamper Logging” at both groups: Longmont, Colorado (Oct 17-19) and Herndon, Virginia (Nov 7-9). Contributors to the lecture include Jonathan Graf, Ali Asgar Sohanghpurwala, Matt French, and Dr. Andrew Schmidt from USC-ISI. Register for the conference and come see us!

IEEE NAECON 2017: "Formal Enforcement of Mission Assurance Properties in Cyber-Physical Systems"

Graf Research and Georgia Tech are publishing and presenting our research on “Formal Enforcement of Mission Assurance Properties in Cyber-Physical Systems” at IEEE NAECON 2017. Come out and see our presentation!

-----

Formal Enforcement of Mission Assurance Properties in Cyber-Physical Systems
Scott Harper, Jonathan Graf, Michael A. Capone, Justin Eng, Michael Farrell, Lee W. Lerner

Abstract: Cyber-Physical Systems improve efficiency, accuracy, and access in systems ranging from household appliances to power stations to airplanes. They also bring new risks at the intersection of physical, information, and mission assurance. This paper presents CP-SMARTS, a framework providing a means for propagating CPS assurances from planning to deployment.

Graf Research and USC-ISI Publish Research Results

Graf Research and the University of Southern California's Information Sciences Institute will publish our work on “Irrefutable Tamper Logging through FPGA Key Management” at the 2017 DoD Anti-Tamper Conference.  Co-authors include Jonathan Graf and Ali Asgar Sohanghpurwala from Graf Research and Matthew French and Dr. Andrew Schmidt from USC-ISI.

GOMAC 2017: "Private Verification for FPGAs" and "OpTrust"

Graf Research will present two papers at GOMAC 2017.  The first is on the private verification of FPGA bitstreams: a method for verifying that bitstream contents are trustworthy without reverse engineering them.  The second is on OpTrust, the software tool that encapsulates our game theoretic decision engine for microelectronics trust.

-----

Private Verification for FPGA Bitstreams
Jonathan Graf and Ali Asgar Sohanghpurwala

Abstract: We introduce private verification, a novel paradigm for trustworthy microelectronics design verification. Private verification methods and software simultaneously meet two requirements: (1) comprehensively verifying the design and (2) maintaining the privacy of certain aspects of the design, such as its implementation details or design format. We present an implementation of such a tool, entitled PV-Bit, which is capable of verifying the contents of FPGA bitstreams without exposing the details of the vendor-proprietary bitstream format or posing other security risks.

-----

OpTrust: Software for Determining Optimal Test Coverage and Strategies for Trust
Jonathan Graf

Abstract: Building on our prior work in the theory and practice of applying game theory to determine optimal test strategies for hardware Trojan detection, we present the OpTrust software tool. OpTrust is an automated game solving tool that offers microelectronics developers guidance about the optimal test strategies to ensure the trustworthiness of their designs. It divides roles among a red team, a threat environment team, and the developer. In this way, complexity and sensitive information are hidden from developers, allowing them easy access to test guidance.

IEEE NAECON 2016: "System-Level Adversary Attack Surface Modeling for Microelectronics Trust"

Continuing our publication of the applications of Game Theory to various levels of trust assessment, we discuss system-level applications in our IEEE NAECON 2016 paper. Come on out and see our presentation!

-----

Towards System-Level Adversary Attack Surface Modeling for Microelectronics Trust
Jonathan Graf

Abstract: Models of trust for microelectronic systems are difficult to create due to the large variety of adversarial strategies available. Building on previous work, we present a new adversary model that considers the large heterogeneous attack surface that is realistically available on a diverse microelectronic system. We also present an expanded game theoretic model that permits reasoning about optimal adversarial and defensive strategies across this varied attack surface.

 

IEEE HOST 2016: "Trust Games"

We are continuing to publish our research on the use of Game Theory to optimize hardware Trojan detection processes in our paper at IEEE HOST 2016.  Make sure to come by and chat with us!

-----

Trust Games: How Game Theory Can Guide the Development of Hardware Trojan Detection Methods

Jonathan Graf

Abstract: The development of circuit testing and verification methods is commonly driven by formal analysis centered on an abstract mathematical model of the error or defect the method is designed to detect. Hardware Trojans, however, confound attempts to develop simple representative models due to the varieties of their physical embodiments in a circuit and the creative nature of a rational human adversary. Since it is nonetheless desirable to have a mathematical framework for determining the effectiveness of hardware Trojan detection methods, we present a game theoretic framework for so doing. Modeling the Trojan maker and detection method designer as opposing players in a 2-person strategic game is a necessary step in our process. However, the ultimate utility of the approach depends on an accurate security economic model of both players that can correctly consider the players’ incentives, empirically-derived detection method efficacy metrics, a comprehensive taxonomy of hardware Trojans, and the places in the design cycle of the circuit where the Trojan insertion and detection occur. In this paper, we present such a security economic model and the resulting game, which we call the Trust Game. We illustrate the value of this game primarily in the context of how it may guide the development of new hardware Trojan detection methods. We solve a representative game, illustrating the value of two common solution concepts, the iterated elimination of dominated strategies and Nash equilibrium. We further show that this framework has utility to both of the opposing players in the game. Finally, we recommend the development of standardized Trust Games that can be used to quickly measure the efficacy of both new hardware Trojans and hardware Trojan detection methods.

GOMAC 2016: "Optimal Hardware Trojan Detection through Security Economics and Game Theory"

We're going to GOMAC this year to present our paper, "Toward Optimal Hardware Trojan Detection through Security Economics and Game Theory."  Come on out to see us!

-----

Toward Optimal Hardware Trojan Detection through Security Economics and Game Theory

Jonathan Graf

Abstract: We present a security economic model that informs the optimal selection of hardware Trojan detection strategies.  Our model accurately represents the economics and efficacy of available verification and Trojan detection methods and accounts for the varieties of available hardware Trojans.  Paired with game theoretic analysis, this model informs ASIC/FPGA designers and associated policy makers of optimal defensive strategies.