Skip to main content
SpringerLink
Log in

Security and Trust Verification of IoT SoCs

  • Chapter
  • First Online:
Security and Fault Tolerance in Internet of Things

Part of the book series: Internet of Things ((ITTCC))

Abstract

System-on-Chips (SoCs) are widely used in designing Internet-of-Things (IoT) devices. In order to ensure the security of IoT devices, it is crucial to guarantee the trustworthiness of SoCs. Verifying the trust in SoCs is a major challenge due to their long and globally distributed supply chain. Malicious components can be inserted in different stages of the design cycle. These malicious functionalities work as a backdoor to severely affect the security of the design by giving control of the system to adversaries. The threat creates a critical need for designing new validation approaches that are capable of identifying hidden Trojans. Existing validation techniques cannot efficiently activate and detect Trojans since Trojans are designed to be inactive most of the time and triggered using very rare events. For example, if an adversary wants to hide a Trojan in register-transfer level (RTL) designs, rare branches would be an ideal choice to host Trojans. In this chapter, we introduce a Trojan activation technique that utilizes an effective combination of symbolic simulation as well as concrete execution to identify Trojans that are hidden under rare branches and assignments. The technique is scalable as it considers one path at a time instead of considering the whole design. It uses satisfiability modulo theories (SMT) solvers to solve the path constraints in order to generate a valid test to explore a new path in the design. The exploration continues until all of the rare branches in the design are activated in the search for hidden Trojans.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 99.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Hardcover Book
USD 129.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Opencores website (2017). https://www.opencores.org

  2. TrustHub website (2017). https://www.trust-hub.org

  3. Ahmed, A., Farahmandi, F., Mishra, P.: Directed test generation using concolic testing on RTL models. In: 2018 Design, Automation and Test in Europe Conference and Exhibition (DATE), pp. 1538–1543. IEEE (2018)

    Google Scholar 

  4. Ahmed, A., Mishra, P.: QUEBS: Qualifying event based search in concolic testing for validation of RTL models. In: 2017 IEEE 35th International Conference on Computer Design (ICCD), pp. 185–192. IEEE (2017)

    Google Scholar 

  5. Banga, M., Hsiao, M.S.: Trusted RTL: trojan detection methodology in pre-silicon designs. In: 2010 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 56–59. IEEE (2010)

    Google Scholar 

  6. Biere, A., Cimatti, A., Clarke, E.M., Fujita, M., Zhu, Y.: Symbolic model checking using SAT procedures instead of BDDs. In: Proceedings of the 36th Annual ACM/IEEE Design Automation Conference, pp. 317–320. ACM (1999)

    Google Scholar 

  7. Burnim, J., Sen, K.: Heuristics for scalable dynamic test generation. In: ASE, pp. 443–446 (2008)

    Google Scholar 

  8. Chakraborty, R.S., Narasimhan, S., Bhunia, S.: Hardware trojan: threats and emerging solutions. In: 2009 IEEE International High Level Design Validation and Test Workshop, HLDVT 2009, pp. 166–171. IEEE (2009)

    Google Scholar 

  9. Chakraborty, R.S., Wolff, F., Paul, S., Papachristou, C., Bhunia, S.: Mero: a statistical approach for hardware trojan detection. In: Cryptographic Hardware and Embedded Systems-CHES 2009, pp. 396–410. Springer (2009)

    Google Scholar 

  10. Chandra, S., et al.: Snugglebug: a powerful approach to weakest preconditions. In: SIGPLAN, vol. 44, pp. 363–374 (2009)

    Article  Google Scholar 

  11. Charreteur, F., Gotlieb, A.: Constraint-based test input generation for java bytecode. In: ISSRE, pp. 131–140 (2010)

    Google Scholar 

  12. Chen, M., Mishra, P.: Functional test generation using efficient property clustering and learning techniques. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 29(3), 396–404 (2010)

    Article  Google Scholar 

  13. Chen, M., Mishra, P.: Property learning techniques for efficient generation of directed tests. IEEE Trans. Comput. 60(6), 852–864 (2011)

    Article  MathSciNet  Google Scholar 

  14. Chen, M., Qin, X., Koo, H.-M., Mishra, P.: System-Level Validation: High-Level Modeling and Directed Test Generation Techniques. Springer Science & Business Media (2012)

    Google Scholar 

  15. Chen, M., et al.: Automatic RTL test generation from systemC TLM specifications. TECS 11, 38 (2012)

    Article  Google Scholar 

  16. Corno, F., et al.: RT-level ITC’99 benchmarks and first ATPG results. IEEE Des. Test Comput. 17(3), 44–53 (2000)

    Article  Google Scholar 

  17. Cruz, J., Farahmandi, F., Ahmed, A., Mishra, P.: Hardware trojan detection using ATPG and model checking. In: International Conference on VLSI Design (2018)

    Google Scholar 

  18. Dinges, P., Agha, G.: Targeted test input generation using symbolic-concrete backward execution. In: ASE, pp. 31–36 (2014)

    Google Scholar 

  19. Dutertre, B., De Moura, L.: The Yices SMT solver. 2:1–2 (2006). Tool paper. http://yices.csl.sri.com/tool-paper.pdf

  20. Farahmandi, F., Huang, Y., Mishra, P.: Trojan localization using symbolic algebra. In: 2017 22nd Asia and South Pacific Design Automation Conference (ASP-DAC), pp. 591–597. IEEE (2017)

    Google Scholar 

  21. Farahmandi, F., Mishra, P.: Automated test generation for debugging arithmetic circuits. In: DATE, pp. 1351–1356 (2016)

    Google Scholar 

  22. Farahmandi, F., Mishra, P.: Automated debugging of arithmetic circuits using incremental gröbner basis reduction. In: 2017 IEEE 35th International Conference on Computer Design (ICCD), pp. 193–200. IEEE (2017)

    Google Scholar 

  23. Farahmandi, F., Mishra, P.: FSM anomaly detection using formal analysis. In: 2017 IEEE 35th International Conference on Computer Design (ICCD), pp. 313–320. IEEE (2017)

    Google Scholar 

  24. Godefroid, P., et al.: DART: directed automated random testing. In: ACM SIGPLAN Notices, vol. 40, pp. 213–223 (2005)

    Article  Google Scholar 

  25. Guo, X., Dutta, R.G., Jin, Y., Farahmandi, F., Mishra, P.: Pre-silicon security verification and validation: a formal perspective. In: Proceedings of the 52nd Annual Design Automation Conference, p. 145. ACM (2015)

    Google Scholar 

  26. Hicks, M., Finnicum, M., King, S.T., Martin, M.M., Smith, J.M.: Overcoming an untrusted computing base: detecting and removing malicious hardware automatically. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 159–172. IEEE (2010)

    Google Scholar 

  27. Hu, W., et al.: Detecting hardware trojans with gate-level information-flow tracking. Computer 44–52 (2016)

    Article  Google Scholar 

  28. Koo, H.-M., Mishra, P.: Functional test generation using design and property decomposition techniques. ACM Trans. Embed. Comput. Syst. (TECS) 8(4), 32 (2009)

    Google Scholar 

  29. Li, Y., et al.: Steering symbolic execution to less traveled paths. In: ACM SIGPLAN Notices, vol. 48, pp. 19–32 (2013)

    Article  Google Scholar 

  30. Liu, L., Vasudevan, S.: STAR: generating input vectors for design validation by static analysis of RTL. In: HLDVT, pp. 32–37 (2009)

    Google Scholar 

  31. Liu, L., Vasudevan, S.: Efficient validation input generation in RTL by hybridized source code analysis. In: DATE, pp. 1–6 (2011)

    Google Scholar 

  32. Liu, L., et al.: Scaling input stimulus generation through hybrid static and dynamic analysis of RTL. TODAES 20, 4 (2014)

    Article  Google Scholar 

  33. Lyu, Y., Qin, X., Chen, M., Mishra, P.: Directed test generation for validation of cache coherence protocols. IEEE Trans. Comput. Aided Des. Integr, Circuits Syst (2018)

    Book  Google Scholar 

  34. Mishra, P., Dutt, N.: Specification-driven directed test generation for validation of pipelined processors. ACM Trans. Des. Autom. Electron. Syst. (TODAES) 13(3), 42 (2008)

    Google Scholar 

  35. Mukherjee, R., et al.: Hardware verification using software analyzers. In: ISVLSI, pp. 7–12 (2015)

    Google Scholar 

  36. Park, S., et al.: Carfast: achieving higher statement coverage faster. In: FSE, p. 35 (2012)

    Google Scholar 

  37. Pnueli, A.: The temporal semantics of concurrent programs. Theor. Comput. Sci. 13(1), 45–60 (1981)

    Article  MathSciNet  Google Scholar 

  38. Qin, X., Mishra, P.: Directed test generation for validation of multicore architectures. ACM Trans. Des. Autom. Electron. Syst. (TODAES) 17(3), 24 (2012)

    Google Scholar 

  39. Qin, X., Mishra, P.: Scalable test generation by interleaving concrete and symbolic execution. In: VLSID, pp. 104–109 (2014)

    Google Scholar 

  40. Rajendran, J., Vedula, V., Karri, R.: Detecting malicious modifications of data in third-party intellectual property cores. In: Proceedings of the 52nd Annual Design Automation Conference, p. 112. ACM (2015)

    Google Scholar 

  41. Salmani, H., et al.: On design vulnerability analysis and trust benchmarks development. In: ICCD, pp. 471–474 (2013)

    Google Scholar 

  42. Sen, K., Agha, G.: CUTE and jCUTE: concolic unit testing and explicit path model-checking tools. In: CAV, pp. 419–423 (2006)

    Google Scholar 

  43. Sen, K., et al.: CUTE: a concolic unit testing engine for C. In: ACM SIGSOFT Software Engineering Notes, vol. 30, pp. 263–272 (2005)

    Article  Google Scholar 

  44. Seo, H., Kim, S.: How we get there: a context-guided search strategy in concolic testing. In: FSE, pp. 413–424 (2014)

    Google Scholar 

  45. Sturton, C., Hicks, M., Wagner, D., King, S.T.: Defeating UCI: building stealthy and malicious hardware. In: 2011 IEEE Symposium on Security and Privacy (SP), pp. 64–77. IEEE (2011)

    Google Scholar 

  46. Tehranipoor, M., Koushanfar, F.: A survey of hardware trojan taxonomy and detection. IEEE Des. Test Comput. 27(1) (2010)

    Article  Google Scholar 

  47. Waksman, A., Suozzo, M., Sethumadhavan, S.: Fanci: identification of stealthy malicious logic using boolean functional analysis. In: Proceedings of the 2013 ACM SIGSAC Conference on Computer and Communications Security, pp. 697–708. ACM (2013)

    Google Scholar 

  48. Williams, S.: Icarus Verilog (2006). http://iverilog.icarus.com/

  49. Zhang, J., Yuan, F., Wei, L., Liu, Y., Xu, Q.: Veritrust: verification for hardware trust. IEEE Trans. Comput. Aided Des. Integr. Circuits Syst. 34(7), 1148–1161 (2015)

    Article  Google Scholar 

  50. Zhang, J., Yuan, F., Xu, Q.: Detrust: defeating hardware trust verification with stealthy implicitly-triggered hardware trojans. In: Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security, pp. 153–166. ACM (2014)

    Google Scholar 

  51. Zhang, X., Tehranipoor, M.: Case study: detecting hardware trojans in third-party digital IP cores. In: 2011 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST), pp. 67–70. IEEE (2011)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer and Information Science and Engineering, University of Florida, Gainesville, USA

    Alif Ahmed, Farimah Farahmandi & Prabhat Mishra

  2. Advanced Security Research Group, Cisco Systems, San Jose, USA

    Yousef Iskander

Authors
  1. Alif Ahmed
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Farimah Farahmandi
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yousef Iskander
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Prabhat Mishra
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Alif Ahmed .

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Indian Institute of Technology Kharagpur, Kharagpur, West Bengal, India

    Rajat Subhra Chakraborty

  2. Department of Computer Science and Engineering, Indian Institute of Technology Patna, Patna, Bihar, India

    Jimson Mathew

  3. Department of Computer Science, Electrical and Space Engineering, Luleå University of Technology, Skellefteå, Sweden

    Athanasios V. Vasilakos

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Ahmed, A., Farahmandi, F., Iskander, Y., Mishra, P. (2019). Security and Trust Verification of IoT SoCs. In: Chakraborty, R., Mathew, J., Vasilakos, A. (eds) Security and Fault Tolerance in Internet of Things. Internet of Things. Springer, Cham. https://doi.org/10.1007/978-3-030-02807-7_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-02807-7_1

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-02806-0

  • Online ISBN: 978-3-030-02807-7

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation