Department of Electrical & Computer Engineering EC 500 Hardware Security Prof. Michel A. Kinsy Introduction to cybersecurity Cyber attacks examples



Course Topics
§ Classic and Modern encryption algorithms: AES, RSA, Hash, MAC, digital signatures, etc.
§ Hardware Security Primitives: Physical unclonable functions, Oblivious RAM, Circuit obfuscation, Hardware Trojans
§ Distributed Trustworthy Systems: Distributed Key Management, Authentication, Confidentiality
§ Secure Computing: Secure Multiparty Computation, Homomorphic Computation
§ Secure Architecture Design Concepts: Isolation, Obfuscation, Attestation
§ Memory Integrity, Cache Side-Channel, Secure Boot, Trusted OS
§ Software Guard Extensions (SGX) and Trusted Execution Technology (TXT)


Course Learning Vehicle
§ As a 500 Level course, it is primarily a reading, presentation and project driven course
§ The class project is built around the RISC-V ISA
§ We will try to build secure architecture features targeting each or some of these course topics


Large-Scale System Security Breaches
§ The Emerging Mobile App “Wild West”
  • https://securityintelligence.com/how-to-protect-mobile-apps-essentials/
§ Apple has now removed over 300 pieces of software from the App Store
  • http://www.wired.com/2015/09/apple-removes-300-infected-apps-app-store/
§ Security researcher obtained physical access to the plane control system through the Seat Electronic Box
  • http://www.wired.com/2015/05/feds-say-banned-researcher-commandeered-plane/
§ Stuxnet computer worm is shown to work on Siemens SIMATIC WinCC SCADA system
  • http://www.theguardian.com/world/2011/apr/17/iran-siemens-stuxnet-cyberattack


Large-Scale System Security Breaches
§ Home routers
  § Stealthy, destructive malware infects half a million routers https://www.wired.com/story/vpnfilter-router-malware-outbreak/
§ Services sector: databases and data centers
  § Equifax breach of 145.5 million people's data
  § Yahoo hack that affected 3 billion accounts
§ Hospitals
  § https://www.zdnet.com/article/us-hospital-pays-55000-to-ransomware-operators/
  § https://www.healthcareitnews.com/news/when-medical-devices-get-hacked-hospitals-often-dont-know-it
§ Fitness and wellness
  § Under Armour
    § https://www.wired.com/story/under-armour-myfitnesspal-hack-password-hashing/
§ Internet of Things
  § World's largest DDoS attack launched from 152,000 hacked Smart Devices https://thehackernews.com/2016/09/ddos-attack-iot.html
  § 230 crypto keys are actively being used by more than 4 Million IoT devices
    § https://thehackernews.com/2015/11/iot-device-crypto-keys.html


Large-Scale System Security Breaches
§ Power grid systems: their control systems
§ U.S. investigators find proof of cyberattack on Ukraine power grid
  § https://www.cnn.com/2016/02/03/politics/cyberattack-ukraine-power-grid/index.html

Source: U.S. Department of Energy


Example: Microgrids
An information-centric energy infrastructure: The Berkeley view

Source: http://www.energy-daily.com/images/smart-grid-electricity-schematic-bg.jpg.


Example: Cybersecurity of Microgrids
§ Computation requirements
  § The control systems deal with continuous, computationally intensive dynamics, discrete events, and generic commands
    § Low and high-performance processing units required
  § The correctness, stability, and efficiency in controlling these systems are closely related to the data propagation delay in the control (low-latency, and hard real-time)
    § Fast and predictable execution units are imperative
§ Security requirements


Example: Cybersecurity of Microgrids
§ Computation requirements
§ Security requirements
  § Local control algorithms change over time, due to changes in the physical plant functions or capacity
    § Programmable architectures are required
  § The system wide control is a network of independent or loosely coupled local controls
    § Robust network security is needed
      § Firewalls, intrusion detection, deep packet sniffing, logging, unauthorized access monitoring, etc.


Evolving Nature of Applications
Social media and networks; Mobile devices; Scientific instruments; Sensor technology
Data storage has grown significantly, shifting markedly from analog to digital after 2000
[Figure: Global installed, optimally compressed, storage. Panels: Overall (exabytes) and Detail (%; exabytes), split into Analog and Digital, for 1986, 1993, 2000 and 2007.]
NOTE: Numbers may not sum due to rounding.
SOURCE: Hilbert and López, “The world’s technological capacity to store, communicate, and compute information,” Science, 2011


Computer System Components View
[Figure: computer system components, with labels: Applications; Operating System; Compiler; Firmware; ISA; Processor; Memory organization; I/O system; Datapath & Control; Digital Design; Circuit Design; Layout]


Computer Architecture Domains
§ The art of abstraction
[Figure: abstraction stack with labels: Application; Algorithm; Programming Language; Operating System/Virtual Machine; Instruction Set Architecture (ISA); Microarchitecture; Register-Transfer Level (RTL); Circuits; Devices; Physics. Annotations: Original domain of the computer architect (‘50s-‘80s); Domain of computer architecture (‘90s); Reliability, power; Parallel computing security, …]


Computer Architecture Components

§ The processing elements or cores do the actual computations, i.e., data manipulations, operations

[Figure: block diagram with labels: Processing Cores; Memory Subsystem; On-chip Interconnect]


§ The memory hierarchy is responsible for the on-chip data storage, organization and access scheme


§ On-chip network handles data movements, e.g., cache lines and cache coherence messages, between processor cores and memory modules


Why Hardware Level Security?
Defense becomes more and more complex, yet still outmatched by offense
[Figure: lines of code in security software, 1985 to 2010 (y-axis: lines of code, 0 to 10,000,000), with labeled points DEC seal, Stalker, Milky Way, Snort, Network flight recorder and Unified threat management. Malware: 125 lines of code*]
Source: Defense Advanced Research Projects Agency (DARPA) Brief to Defense Science Board (DSB) Task Force (May 2011). Data through 2010.


Computing Systems Security
§ Hardware Security
  • Circuit Level
    § Hardware obfuscation
  • Digital Design
    § IC watermarking
  • Datapath & Control
    § Self-repair and regeneration of datapaths
  • Component Level
    § Hardware security primitives (PUF, ORAM, RNG,…)
  • Architecture Level
    § Secure computing architectures
  • Secure heterogeneous system-on-chip (SoC) architectures
[Figure: system stack with labels: Hardware; OS; Applications; Network]


Architecture Design Challenge
§ Relatively easy to get two of three, harder to get all three!
[Figure: three diagrams, each with the labels Performance, Energy Efficiency and Programmability, for Uniprocessor, ASIC and Superscalar]


[Figure: a further diagram with the labels Performance, Energy Efficiency and Programmability]
The general design objectives of the community have been:
§ If only I could get all three!
§ Imagine the future of computing!


What about security?
§ What about privacy-preserving computing?
§ What about the integrity of the execution?
§ On-chip data confidentiality?
§ Albert! You really know how to kill a party!!!


Computer Architecture Security
§ The mainstream wake-up call
§ Meltdown and Spectre
  § Meltdown security vulnerability allows a local, unprivileged, userspace process to read data from any memory location mapped to the process, including kernel memory
    § The key reason why this vulnerability is so terrifying
  § Spectre security vulnerability allows a local, unprivileged, userspace process to read data from memory locations assigned to other processes


Control Flow and Performance
§ A basic block is a piece of code with no control flow instruction, i.e., no branches or jumps
§ Profiling results on a small set of common applications using the Intel Pintool
[Figure: "Basic Block Distribution" chart for CLEAR, MKDIR, LS, UNTAR and FIND. Series: Number of BBLs and Average Inst/BBLs. Average Inst/BBLs values shown: 4.65, 4.69, 4.62, 4.66, 4.59]
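An added example (not from the lecture slides) of how the two plotted metrics, number of basic blocks and average instructions per block, can be computed from a dynamic instruction trace. The RISC-V trace is constructed, fixed 4-byte instructions are assumed, and the branch or jump that ends a block is counted as that block's last instruction.

```python
# Added example: dynamic basic-block statistics over a constructed RISC-V trace.

# RV32I control-flow mnemonics plus the common pseudo-instructions
# that assemble to them.
CONTROL_FLOW = {
    "beq", "bne", "blt", "bge", "bltu", "bgeu", "jal", "jalr",
    "j", "jr", "ret", "call", "beqz", "bnez",
}
INST_BYTES = 4  # assumption: no compressed (16-bit) instructions in the trace


def split_basic_blocks(trace):
    """Split a dynamic trace of (pc, mnemonic) pairs into executed blocks.

    A block is closed right after a control-flow instruction, or just before
    an instruction that is not the fall-through of the previous one (a gap in
    the trace, e.g. an interrupt or a dropped sample).
    """
    blocks, current = [], []
    for pc, mnemonic in trace:
        if current and pc != current[-1][0] + INST_BYTES:
            blocks.append(current)
            current = []
        current.append((pc, mnemonic))
        if mnemonic in CONTROL_FLOW:
            blocks.append(current)
            current = []
    if current:
        blocks.append(current)
    return blocks


def bbl_stats(trace):
    """Return executed block count, distinct entry points, and mean size."""
    blocks = split_basic_blocks(trace)
    executed = len(blocks)
    total_inst = sum(len(block) for block in blocks)
    return {
        "executed_bbls": executed,
        "static_bbls": len({block[0][0] for block in blocks}),
        "avg_inst_per_bbl": total_inst / executed if executed else 0.0,
    }


def sample_trace():
    """Constructed trace: two setup instructions, a 5-instruction loop
    executed three times, then a return."""
    prologue = [(0x100, "addi"), (0x104, "addi")]
    loop = [(0x108, "lw"), (0x10C, "add"), (0x110, "addi"),
            (0x114, "addi"), (0x118, "bnez")]
    return prologue + loop * 3 + [(0x11C, "ret")]


if __name__ == "__main__":
    print(bbl_stats(sample_trace()))
```
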


Reducing Control Flow Penalty
§ Modern processors may have > 10 pipeline stages between next pc calculation and branch resolution!
[Figure: pipeline diagram with labels: PC; Fetch; I-cache; Fetch Buffer; Decode; Issue Buffer; Execute; Func. Units; Result Buffer; Commit; Arch. State]


Pentium 4: A Superscalar CISC Architecture
[Figure: 20-stage pipeline: 1-2 TC Nxt IP; 3-4 TC Fetch; 5 Drive; 6 Alloc; 7-8 Rename; 9 Que; 10-12 Sch; 13-14 Disp; 15-16 RF; 17 Ex; 18 Flgs; 19 BrCk; 20 Drive]
[Figure: block diagram with labels: 3.2 GB/s System Interface; L2 Cache and Control; BTB; BTB & I-TLB; Decoder; Trace Cache; Rename/Alloc; µop Queues; Schedulers; Integer RF; FP RF; µCode ROM; Store AGU; Load AGU; ALU (four units); FP move; FP store; Fmul; Fadd; MMX; SSE; L1 D-Cache and D-TLB]


Reducing Control Flow Penalty
§ Modern processors may have > 10 pipeline stages between next pc calculation and branch resolution!
§ Hardware solutions
  § Find something else to do - delay slots replace pipeline bubbles with useful work (requires software cooperation)
  § Speculate - branch prediction: speculative execution of instructions beyond the branch


Reducing Control Flow Penalty
§ Sequential execution of instructions
§ Speculative non-sequential execution of instructions
[Figure: two instruction sequences. First: i, i+1, i+2, i+3, i+4, j, j+k, … Second: i, i+1, i+2, i+3, j, j+1, j+k, i+4. Legend: unprivileged non-control flow instruction; unprivileged control flow instruction; unprivileged control flow resolution instruction; privileged instruction]


[Figure, built up over slides 27 to 33, with labels: Victim’s Domain; Inputs; Outputs; Data; Process; Secret; Attacker; Initiate attack; ATP; SRP]
ATP: Attack Transmission Process
ATP requests and sends out the secret
SRP: Secret Receiving Process
A new attack channel may be created (e.g., side-channel)


Next Class
§ Secure Design Examples