The security of modern ICT (Information and Communication Technology) systems relies on the authenticity and integrity of the software and hardware components used to implement them. Such systems may be applied in homeland security markets, embedded systems, and critical infrastructures.
While software integrity has been intensively researched over the past years, hardware integrity had been mainly taken for granted. However, attacks on such hardware components keep improving. Physical attacks, giving access to internal information, side channel attacks, using passive observations of execution time, power consumption or electro-magnetic (EM) radiations, or fault injection attacks using power glitches, light, laser and EM perturbations are ‘proven’ ways of retrieving secret data out of those devices. Today’s security circuits offer protections against these attacks, but an absolute protection is not possible given that other means of attacks, like Hardware Trojans, exist raising new security challenges.
The threat of “Trojans” or hidden functions in Integrated Circuits (IC) is moving from theoretical to real thus bringing in alarming security concerns (de-activation of critical parts of the circuit, leaking sensitive information…) whenever embedding a given IC coming from a third party provider or even from one’s own delocalised production facilities.
The discovery of counterfeit chips in industrial and military products over the last years has made this threat much more conceivable. For instance, according to https://people.umass.edu/gbecker/BeckerChes13.pdf in 2010 the chip broker VisionTech was charged with selling fake chips, many of which were destined for safety and security critical systems such as high-speed train breaks, hostile radar tracking in F-16 fighter jets, and ballistic missile control systems (see C. Gorman. “Counterfeit chips on the rise”. IEEE Spectrum, 49(6):16-17, june 2012). The threat of hardware Trojans is expected to only increase with time, especially with the recent concerns about cyberwar.
The HINT (Holistic Approaches for Integrity of ICT-Systems) project addresses these new challenges by proposing the development of novel technologies to provide a means of approval that a system is genuine and unmodified. Those technologies shall help to ensure the authenticity and integrity of the hardware components used in a given system. In order to check the integrity of a given IC the partners investigate analysis of this IC through its Electromagnetic (EM) emanations. These methods of ‘Trojans’ detection shall be based on active methods where characteristic signatures are extracted from given test patterns.
You can follow our news on HINT project homepage: http://hint-project.eu/index.php/news and on Twitter: https://twitter.com/hint_project.
The HINT project has started on 01 October 2012 and will last 36 months. It has received funding from the European Union’s Seventh Framework Programme (FP7/2007-2013) under grant agreement n° 317930.