Most of us have a good understanding that not all software is secure by definition. Ill-intended actors can be lurking on the web, attempting to scam an unsuspecting user that clicks on a malicious link, opens an attachment with malware, or even downloads a compromised app on his/her phone.
On the hardware side, there are malicious actors as well. They operate at different levels depending on where they are located in the supply chain. In general, our concerns are at the level of computer chips. Unfortunately, many instances of chips were bought in the open market with a sticker that says its producer is a trustworthy company, but in fact, the chip is from an unknown source. This is somewhat equivalent to buying a counterfeit purse or a pair of shoes. But the issues do not stop there; there is also the concern that the chip has been manipulated and does something else that it is not supposed to do, perhaps leaking some sensitive user data.
All of these hardware issues (and many more) are studied in the domain of Hardware Security. Luckily, TalTech has a research group that focuses precisely on these issues. In their recent research, the group led by Prof. Samuel Pagliarini has studied how adversaries can insert clever Trojans Horses while a chip is undergoing fabrication. Remarkably, the Trojan Horse insertion took just a little over one hour. And this is only one of the topics that TalTech’s Centre for Hardware Security is tackling.
What are the main issues in the field?
Samuel Pagliarini states that his own simple definition of hardware security is the study of all bad things a malicious actor can apply to a computer chip (or to a system composed of chips). But, in order to understand what these vulnerabilities are, one must first understand how chips are designed. The ecosystem that supports this activity is incredibly distributed, he adds.
“For instance, when my research group does even a relatively small chip that is only for academic purposes, I need to interface with a handful of companies in the US, the UK, Taiwan, and Singapore. For commercial products, this list gets even longer,” the professor brings out. And here lies the problem: “I have no ownership or control whatsoever over any of those companies, so I cannot rule out the presence of malicious actors in my supply chain. I can hire a company to fabricate one million units of my chip, but if they decide to produce 1.1 million parts and sell the extra ones in the black market, I have no means to prevent that,” he formulates the main issues.
Computer hardware security is an increasing challenge, given the global distribution of the ecosystem needed to produce ICs. The different stages of IC production are carried out by different organizations based in different countries. This makes it challenging to ensure that ICs are not modified during production and that the knowledge contained therein is not copied. This problem is so pressing that the Hardware Security community has organized many competitions to understand how to improve defences against reverse engineering.
International competitions bring out the importance and quality of the research
Professor Pagliarini’s team has been successful several times at international competitions. The latest one, HeLLo:CTF, is a prestigious hardware security contest held worldwide, attracting students, faculty members, and industry practitioners as participants. It was co-organized by the U. of Florida, Texas A&M University, and the University of Maryland with support from Intel. TalTech was represented in the competition by team UKU, with Zain Ul Abideen as team captain; Levent Aksoy, Felipe Almeida, and Mohammad Eslami as team members; and Prof. Samuel Pagliarini as supervisor.
What was the contest about? The design process for a computer chip is known for its high complexity and costs, often requiring the participation of several entities spread around the globe. Such globalisation leads to serious security threats because these entities cannot always be considered trusted, which then brings concerns about Intellectual Property (IP) being copied or produced without authorization. The contest was organized into four tracks: logic locking, state space obfuscation, fine grain hardware redaction, and routing table configuration. All of these are state-of-the-art forms of obfuscation that, if successful, would render a computer chip harder to understand and, therefore, harder to copy. “Protecting IP is not only about protecting the creator’s financial interests but also about maintaining the integrity of their work and preserving the incentives for future innovation”, says Levent Aksoy.
In this context, HeLLo:CTF is organised as a red team versus a blue team event. The organisers, considered the blue team, provide IP protected by state-of-the-art techniques, while the participants, considered as red teams, try to break these defences. The challenge round began in September 2022 with 18 teams and lasted until November of that year. From there, ten teams advanced to the final round that commenced in December. The competition concluded in January 2023, and 7 teams were finalists, including team UKU from TalTech.
On February 2023, the competition’s award ceremony was conducted, where all the finalist teams presented their solutions and approaches to the given problems. Logic locking is a known technique, while the other problems in the competition were relatively new and rather complex. Many teams ignored specific difficult problems, but UKU gave equal attention to all four problems. “Our team stood out as the only team that tackled all the problems and presented innovative solutions, which awarded us 1st place and the grand prize of $15,000”, states the team captain, Zain.
The other teams that were awarded in the same competition were from IIT Guwahati, New York University, Auburn University, University of Kansas, U. of South Florida at Tampa, and U. of Texas at Dallas. These universities are well-known in the Hardware Security domain, which made the achievement of the TalTech team even more impressive.