ENTT: A family of emerging NVM-based trojan triggers

Karthikeyan Nagarajan, Mohammad Nasim Imtiaz Khan, Swaroop Ghosh

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

Hardware Trojans in the form of malicious modifications during the design and/or the fabrication process is a security concern due to globalization of the semiconductor production process. A Trojan is designed to evade structural and functional testing and trigger under certain conditions (e.g., after a number of clock ticks or assertion of a rare net) and deliver the payload (e.g., denial-of-service, information leakage). A wide variety of logic Trojans (both triggers and payloads) have been identified, however, very limited literature exists on memory Trojans in spite of their high likelihood. Emerging Non-Volatile Memories (NVMs) e.g., Resistive RAM (RRAM) possess unique characteristics e.g., non-volatility and gradual drift in resistance with pulsing voltage that make them a prime target to deploy a Hardware Trojan. In this paper, we present a delay and voltage-based Trojan trigger by exploiting the RRAM resistance drift under pulsing current. Simulation results indicate that these triggers can be activated by accessing a pre-selected address 2500-3000 times (varies with trigger designs) since the proposed trigger requires a large number of hammerings to evade test phase. Due to non-volatility, the hammering need not be consecutive and therefore can evade system-level techniques that can classify hammering as a potential security threat. We also propose a mechanism to reset the triggers. The maximum area and static/dynamic power overheads of the trigger circuit are 6.68μm2 and 104.24μW/0.426μW, respectively in PTM 65nm technology.

Original languageEnglish (US)
Title of host publicationProceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019
PublisherInstitute of Electrical and Electronics Engineers Inc.
Pages51-60
Number of pages10
ISBN (Electronic)9781538680643
DOIs
StatePublished - May 1 2019
Event2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019 - McLean, United States
Duration: May 6 2019May 10 2019

Publication series

NameProceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019

Conference

Conference2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019
CountryUnited States
CityMcLean
Period5/6/195/10/19

Fingerprint

Trigger circuits
Pulse time modulation
Data storage equipment
Electric potential
Information services
Computer hardware
Clocks
Semiconductor materials
Fabrication
Testing
RRAM
Hardware security

All Science Journal Classification (ASJC) codes

  • Hardware and Architecture
  • Safety, Risk, Reliability and Quality

Cite this

Nagarajan, K., Khan, M. N. I., & Ghosh, S. (2019). ENTT: A family of emerging NVM-based trojan triggers. In Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019 (pp. 51-60). [8740836] (Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/HST.2019.8740836
Nagarajan, Karthikeyan ; Khan, Mohammad Nasim Imtiaz ; Ghosh, Swaroop. / ENTT : A family of emerging NVM-based trojan triggers. Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019. Institute of Electrical and Electronics Engineers Inc., 2019. pp. 51-60 (Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019).
@inproceedings{e004e7d60bc647ab856e97aa5dda07f6,
title = "ENTT: A family of emerging NVM-based trojan triggers",
abstract = "Hardware Trojans in the form of malicious modifications during the design and/or the fabrication process is a security concern due to globalization of the semiconductor production process. A Trojan is designed to evade structural and functional testing and trigger under certain conditions (e.g., after a number of clock ticks or assertion of a rare net) and deliver the payload (e.g., denial-of-service, information leakage). A wide variety of logic Trojans (both triggers and payloads) have been identified, however, very limited literature exists on memory Trojans in spite of their high likelihood. Emerging Non-Volatile Memories (NVMs) e.g., Resistive RAM (RRAM) possess unique characteristics e.g., non-volatility and gradual drift in resistance with pulsing voltage that make them a prime target to deploy a Hardware Trojan. In this paper, we present a delay and voltage-based Trojan trigger by exploiting the RRAM resistance drift under pulsing current. Simulation results indicate that these triggers can be activated by accessing a pre-selected address 2500-3000 times (varies with trigger designs) since the proposed trigger requires a large number of hammerings to evade test phase. Due to non-volatility, the hammering need not be consecutive and therefore can evade system-level techniques that can classify hammering as a potential security threat. We also propose a mechanism to reset the triggers. The maximum area and static/dynamic power overheads of the trigger circuit are 6.68μm2 and 104.24μW/0.426μW, respectively in PTM 65nm technology.",
author = "Karthikeyan Nagarajan and Khan, {Mohammad Nasim Imtiaz} and Swaroop Ghosh",
year = "2019",
month = "5",
day = "1",
doi = "10.1109/HST.2019.8740836",
language = "English (US)",
series = "Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
pages = "51--60",
booktitle = "Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019",
address = "United States",

}

Nagarajan, K, Khan, MNI & Ghosh, S 2019, ENTT: A family of emerging NVM-based trojan triggers. in Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019., 8740836, Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019, Institute of Electrical and Electronics Engineers Inc., pp. 51-60, 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019, McLean, United States, 5/6/19. https://doi.org/10.1109/HST.2019.8740836

ENTT : A family of emerging NVM-based trojan triggers. / Nagarajan, Karthikeyan; Khan, Mohammad Nasim Imtiaz; Ghosh, Swaroop.

Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019. Institute of Electrical and Electronics Engineers Inc., 2019. p. 51-60 8740836 (Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - ENTT

T2 - A family of emerging NVM-based trojan triggers

AU - Nagarajan, Karthikeyan

AU - Khan, Mohammad Nasim Imtiaz

AU - Ghosh, Swaroop

PY - 2019/5/1

Y1 - 2019/5/1

N2 - Hardware Trojans in the form of malicious modifications during the design and/or the fabrication process is a security concern due to globalization of the semiconductor production process. A Trojan is designed to evade structural and functional testing and trigger under certain conditions (e.g., after a number of clock ticks or assertion of a rare net) and deliver the payload (e.g., denial-of-service, information leakage). A wide variety of logic Trojans (both triggers and payloads) have been identified, however, very limited literature exists on memory Trojans in spite of their high likelihood. Emerging Non-Volatile Memories (NVMs) e.g., Resistive RAM (RRAM) possess unique characteristics e.g., non-volatility and gradual drift in resistance with pulsing voltage that make them a prime target to deploy a Hardware Trojan. In this paper, we present a delay and voltage-based Trojan trigger by exploiting the RRAM resistance drift under pulsing current. Simulation results indicate that these triggers can be activated by accessing a pre-selected address 2500-3000 times (varies with trigger designs) since the proposed trigger requires a large number of hammerings to evade test phase. Due to non-volatility, the hammering need not be consecutive and therefore can evade system-level techniques that can classify hammering as a potential security threat. We also propose a mechanism to reset the triggers. The maximum area and static/dynamic power overheads of the trigger circuit are 6.68μm2 and 104.24μW/0.426μW, respectively in PTM 65nm technology.

AB - Hardware Trojans in the form of malicious modifications during the design and/or the fabrication process is a security concern due to globalization of the semiconductor production process. A Trojan is designed to evade structural and functional testing and trigger under certain conditions (e.g., after a number of clock ticks or assertion of a rare net) and deliver the payload (e.g., denial-of-service, information leakage). A wide variety of logic Trojans (both triggers and payloads) have been identified, however, very limited literature exists on memory Trojans in spite of their high likelihood. Emerging Non-Volatile Memories (NVMs) e.g., Resistive RAM (RRAM) possess unique characteristics e.g., non-volatility and gradual drift in resistance with pulsing voltage that make them a prime target to deploy a Hardware Trojan. In this paper, we present a delay and voltage-based Trojan trigger by exploiting the RRAM resistance drift under pulsing current. Simulation results indicate that these triggers can be activated by accessing a pre-selected address 2500-3000 times (varies with trigger designs) since the proposed trigger requires a large number of hammerings to evade test phase. Due to non-volatility, the hammering need not be consecutive and therefore can evade system-level techniques that can classify hammering as a potential security threat. We also propose a mechanism to reset the triggers. The maximum area and static/dynamic power overheads of the trigger circuit are 6.68μm2 and 104.24μW/0.426μW, respectively in PTM 65nm technology.

UR - http://www.scopus.com/inward/record.url?scp=85068747370&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85068747370&partnerID=8YFLogxK

U2 - 10.1109/HST.2019.8740836

DO - 10.1109/HST.2019.8740836

M3 - Conference contribution

AN - SCOPUS:85068747370

T3 - Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019

SP - 51

EP - 60

BT - Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019

PB - Institute of Electrical and Electronics Engineers Inc.

ER -

Nagarajan K, Khan MNI, Ghosh S. ENTT: A family of emerging NVM-based trojan triggers. In Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019. Institute of Electrical and Electronics Engineers Inc. 2019. p. 51-60. 8740836. (Proceedings of the 2019 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2019). https://doi.org/10.1109/HST.2019.8740836