Skip to main content

Advertisement

SpringerLink
Log in

Securing Medical Devices Against Hardware Trojan Attacks Through Analog-, Digital-, and Physiological-Based Signatures

  • Published:
Journal of Hardware and Systems Security Aims and scope Submit manuscript

Abstract

Corruption of data in embedded and medical devices can cause serious harm if not quickly detected. In this paper, we emphasize the part of the attack surface which entails inserting malicious hardware circuitry (Hardware Trojans) during the manufacturing process of a digital microchip. The Hardware Trojan (HT) is composed of a few gates and attempts to modify the functionality of the chip. Such types of extremely small HTs are hard to detect using other conventional offline HT detection methods, such as side-channel analysis and digital systems test techniques. In our approach, however, we focus on an online method for rapidly detecting HTs at runtime by checking for correct functionality of the underlying hardware. We present an architecture that addresses these threats by splitting the design into a two-chip approach where we generate signatures deep in the hardware during data harvesting, and we then check for these signatures during data processing and encryption for transmission. In addition, we take advantage of known physiological relationships between medical data to ensure the integrity of the data that is processed by the hardware. Our experimental results demonstrate the effectiveness of our HT detection architecture and show that not only can we detect such types of attacks but also that we can distinguish these attacks from actual health problems. Our synthesis results show that our architecture minimally impacts performance and area especially in light of the fact that most of our techniques rely on digital logic modules which are already typically present in modern digital chips for test and other purposes.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16

Similar content being viewed by others

References

  1. Johnson R The Navy bought fake Chinese microchips that could have disarmed U.S. missiles, Business Insider, July 2011. [Online]. Available: http://www.businessinsider.com/navy-chinese-microchips-weapons-could-have-been-shut-off-2011-6 http://www.businessinsider.com/navy-chinese-microchips-weapons-could-have-been-shut-off-2011-6

  2. West J, Kohno T, Lindsay D, Sechman J (2016) WearFit: Security design analysis of a wearable fitness tracker, IEEE Center for Secure Design

  3. Post-market management of cybersecurity in medical devices, Center for Devices and Radiological Health, Food and Drug Administration, U.S. Department of Health and Human Services and Center for Biologics Evaluation and Research, 2016

  4. Wehbe T, Mooney V, Keezer D, Parham NB (2015) A novel approach to detect hardware Trojan attacks on primary data inputs. In: Proceedings of the 10th Workshop on Embedded Systems Security (WESS), pp 2:1–2:10

  5. Wehbe T, Mooney VJ, Javaid AQ, Inan OT (2017) A novel physiological features-assisted architecture for rapidly distinguishing health problems from hardware Trojan attacks and errors in medical devices. In: 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST), pp 106–109

  6. Wehbe T, Mooney VJ, Keezer DC, Inan OT, Javaid AQ (2017) Use of analog signatures for hardware Trojan detection. In: Proceedings of the 14th FPGAworld Conference

  7. Inan OT, Migeotte PF, Park KS, Etemadi M, Tavakolian K, Casanella R, Zanetti J, Tank J, Funtova I, Prisk GK, Rienzo MD (2015) Ballistocardiography and seismocardiography: a review of recent advances. IEEE J Biom Health Inf 19(4):1414– 1427

    Article  Google Scholar 

  8. Tehranipoor M, Koushanfar F (2010) A survey of hardware Trojan taxonomy and detection. IEEE Des Test Comput 27(1):10–25

    Article  Google Scholar 

  9. Bhunia S, Hsiao MS, Banga M, Narasimhan S (2014) Hardware Trojan attacks: threat analysis and countermeasures. Proc IEEE 102(8):1229–1247

    Article  Google Scholar 

  10. Lamech C, Plusquellic J (2012) Trojan detection based on delay variations measured using a high-precision, low-overhead embedded test structure. In: 2012 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp 75–82

  11. Wei S, Potkonjak M (2013) The undetectable and unprovable hardware Trojan horse. In: 2013 50th ACM/EDAC/IEEE Design Automation Conference (DAC), pp 1–2

  12. Wei S, Li K, Koushanfar F, Potkonjak M (2012) Hardware Trojan horse benchmark via optimal creation and placement of malicious circuitry. In: DAC Design Automation Conference, vol 2012, pp 90–95

  13. Wu TF, Ganesan K, Hu YA, Wong HSP, Wong S, Mitra S (2016) TPAD: Hardware Trojan prevention and detection for trusted integrated circuits. IEEE Trans Comput Aided Des Integr Circuits Syst 35 (4):521–534

    Article  Google Scholar 

  14. Francq J, Frick F (2015) Introduction to hardware Trojan detection methods. In: 2015 Design, Automation Test in Europe Conference Exhibition (DATE), pp 770–775

  15. Moein S, Subramnian J, Gulliver TA, Gebali F, El-Kharashi MW (2015) Classification of hardware Trojan detection techniques, in 10th Int’l Conf. on Computer Engineering Systems (ICCES), pp 357–362

  16. Gbade-Alabi A, Keezer D, Mooney V, Poschmann AY, Stöttinger M., Divekar K (2014) A signature based architecture for Trojan detection. In: Proceedings of the 9th Workshop on Embedded Systems Security (WESS), pp 3:1–3:10

  17. Sullivan D, Biggers J, Zhu G, Zhang S, Jin Y (2014) FIGHT-metric: Functional identification of gate-level hardware trustworthiness. In: 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC), pp 1–4

  18. Abramovici M, Breuer M, Friedman A (1990) Digital systems testing and testable design. IEEE Press, Piscataway

    Google Scholar 

  19. Richard E, Chan ADC (2010) Design of a gel-less two-electrode ECG monitor. In: Int’l Workshop on Medical Measurements and Applications, pp 92–96

  20. Prisk GK, Verhaeghe S, Padeken D, Hamacher H, Paiva M (2001) Three-dimensional ballistocardiography and respiratory motion in sustained microgravity. Aviat Space Environ Med 72:1067–1074

    Google Scholar 

  21. Etemadi M, Inan OT, Giovangrandi L, Kovacs GTA (2011) Rapid assessment of cardiac contractility on a home bathroom scale. IEEE Trans Inf Technol Biomed 15(6):864–869

    Article  Google Scholar 

  22. Wahby RS, Howald M, Garg S, Shelat A, Walfish M Verifiable ASICs. In: 2016 IEEE Symposium on Security and Privacy (SP), pp 759–778, vol 2016

  23. Imeson F, Emtenan A, Garg S, Tripunitara MV (2013) Securing computer hardware using 3D integrated circuit (IC) technology and split manufacturing for obfuscation. In: Proc. of the 22nd USENIX Conf. on Security (SEC), USENIX Association, pp 495–510

  24. Bogdanov A, Knudsen LR, Leander G, Paar C, Poschmann A, Robshaw MJB, Seurin Y, Vikkelsoe C (2007) PRESENT: an ultra-lightweight block cipher. Springer, pp 450–466

  25. Maes R, Van Herrewege A, Verbauwhede I (2012) PUFKY: A fully functional PUF-based cryptographic key generator. In: Prouff E, Schaumont P (eds) Cryptographic hardware and embedded systems – CHES 2012. Springer, Berlin, pp 302– 319

    Chapter  Google Scholar 

  26. Javaid AQ, Fesmire NF, Weitnauer MA, Inan OT (2015) Towards robust estimation of systolic time intervals using head-to-foot and dorso-ventral components of sternal acceleration signals. In: 2015 IEEE 12th international conference on wearable and implantable body sensor networks (BSN), pp 1–5

  27. Ashouri H, Inan OT (2016) Improving the accuracy of proximal timing detection from ballistocardiogram signals using a high bandwidth force plate. In: 2016 IEEE-EMBS international conference on biomedical and health informatics (BHI), pp 553–556

  28. Coughlin RF, Villanucci RS (1990) Introductory operational amplifiers and linear ICs: theory and experimentation. Harlow. Pearson Education Limited, United Kingdom

    Google Scholar 

  29. Wiens AD, Etemadi M, Roy S, Klein L, Inan OT (2015) Toward continuous, noninvasive assessment of ventricular function and hemodynamics: Wearable ballistocardiography. IEEE J Biom Health Inf 19(4):1435–1442

    Article  Google Scholar 

  30. Jordanov VT, Hall DL (2002) Digital peak detector with noise threshold. In: IEEE Nuclear Science Symp. Conf. Record, vol 1, pp 140–142

  31. Schlant RC, Adolph R, DiMarco J, Dreifus L, Dunn M, Fisch C et al (1992) Guidelines for electrocardiography. A report of the American college of cardiology/American Heart Association Task Force on assessment of diagnostic and therapeutic cardiovascular procedures. J Am Coll Cardiol 19(3):473–481

    Article  Google Scholar 

  32. Yu MD, Devadas S (2010) Secure and robust error correction for physical unclonable functions. IEEE Des Test Comput 27(1):48–65

    Article  Google Scholar 

  33. NCSU 45nm FreePDKTM process design kit. Electronic Design Automation, North Carolina State University. [Online]. Available: http://www.eda.ncsu.edu/wiki/FreePDK

  34. Syed AH Performance of different multipliers in the DesignWare building block IP, DesignWare Technical Bulletin, Synopsys Inc

Download references

Author information

Authors and Affiliations

  1. School of Electrical and Computer Engineering, Georgia Institute of Technology, Atlanta, GA, 30332, USA

    Taimour Wehbe, Vincent J. Mooney, Omer T. Inan & David C. Keezer

Authors
  1. Taimour Wehbe
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vincent J. Mooney
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Omer T. Inan
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. David C. Keezer
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Taimour Wehbe.

Ethics declarations

The human subjects measurements were approved by the Georgia Tech Institutional Review Board, and subjects provided written informed consent.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wehbe, T., Mooney, V.J., Inan, O.T. et al. Securing Medical Devices Against Hardware Trojan Attacks Through Analog-, Digital-, and Physiological-Based Signatures. J Hardw Syst Secur 2, 251–265 (2018). https://doi.org/10.1007/s41635-018-0040-7

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s41635-018-0040-7

Keywords

Search

Navigation