Visible to the public Biblio

Filters: Keyword is Clocks  [Clear All Filters]
2019-11-12
Mahale, Anusha, B.S., Kariyappa.  2019.  Architecture Analysis and Verification of I3C Protocol. 2019 3rd International Conference on Electronics, Communication and Aerospace Technology (ICECA). :930-935.

In VLSI industry the design cycle is categorized into Front End Design and Back End Design. Front End Design flow is from Specifications to functional verification of RTL design. Back End Design is from logic synthesis to fabrication of chip. Handheld devices like Mobile SOC's is an amalgamation of many components like GPU, camera, sensor, display etc. on one single chip. In order to integrate these components protocols are needed. One such protocol in the emerging trend is I3C protocol. I3C is abbreviated as Improved Inter Integrated Circuit developed by Mobile Industry Processor Interface (MIPI) alliance. Most probably used for the interconnection of sensors in Mobile SOC's. The main motivation of adapting the standard is for the increase speed and low pin count in most of the hardware chips. The bus protocol is backward compatible with I2C devices. The paper includes detailed study I3C bus protocol and developing verification environment for the protocol. The test bench environment is written and verified using system Verilog and UVM. The Universal Verification Methodology (UVM) is base class library built using System Verilog which provides the fundamental blocks needed to quickly develop reusable and well-constructed verification components and test environments. The Functional Coverage of around 93.55 % and Code Coverage of around 98.89 % is achieved by verification closure.

Hu, Yayun, Li, Dongfang.  2019.  Formal Verification Technology for Asynchronous Communication Protocol. 2019 IEEE 19th International Conference on Software Quality, Reliability and Security Companion (QRS-C). :482-486.

For aerospace FPGA software products, traditional simulation method faces severe challenges to verify product requirements under complicated scenarios. Given the increasing maturity of formal verification technology, this method can significantly improve verification work efficiency and product design quality, by expanding coverage on those "blind spots" in product design which were not easily identified previously. Taking UART communication as an example, this paper proposes several critical points to use formal verification for asynchronous communication protocol. Experiments and practices indicate that formal verification for asynchronous communication protocol can effectively reduce the time required, ensure a complete verification process and more importantly, achieve more accurate and intuitive results.

E.V., Jaideep Varier, V., Prabakar, Balamurugan, Karthigha.  2019.  Design of Generic Verification Procedure for IIC Protocol in UVM. 2019 3rd International Conference on Electronics, Communication and Aerospace Technology (ICECA). :1146-1150.

With the growth of technology, designs became more complex and may contain bugs. This makes verification an indispensable part in product development. UVM describe a standard method for verification of designs which is reusable and portable. This paper verifies IIC bus protocol using Universal Verification Methodology. IIC controller is designed in Verilog using Vivado. It have APB interface and its function and code coverage is carried out in Mentor graphic Questasim 10.4e. This work achieved 83.87% code coverage and 91.11% functional coverage.

2019-04-05
Wu, C., Kuo, M., Lee, K..  2018.  A Dynamic-Key Secure Scan Structure Against Scan-Based Side Channel and Memory Cold Boot Attacks. 2018 IEEE 27th Asian Test Symposium (ATS). :48-53.

Scan design is a universal design for test (DFT) technology to increase the observability and controllability of the circuits under test by using scan chains. However, it also leads to a potential security problem that attackers can use scan design as a backdoor to extract confidential information. Researchers have tried to address this problem by using secure scan structures that usually have some keys to confirm the identities of users. However, the traditional methods to store intermediate data or keys in memory are also under high risk of being attacked. In this paper, we propose a dynamic-key secure DFT structure that can defend scan-based and memory attacks without decreasing the system performance and the testability. The main idea is to build a scan design key generator that can generate the keys dynamically instead of storing and using keys in the circuit statically. Only specific patterns derived from the original test patterns are valid to construct the keys and hence the attackers cannot shift in any other patterns to extract correct internal response from the scan chains or retrieve the keys from memory. Analysis results show that the proposed method can achieve a very high security level and the security level will not decrease no matter how many guess rounds the attackers have tried due to the dynamic nature of our method.

2019-03-15
Hossain, F. S., Shintani, M., Inoue, M., Orailoglu, A..  2018.  Variation-Aware Hardware Trojan Detection through Power Side-Channel. 2018 IEEE International Test Conference (ITC). :1-10.

A hardware Trojan (HT) denotes the malicious addition or modification of circuit elements. The purpose of this work is to improve the HT detection sensitivity in ICs using power side-channel analysis. This paper presents three detection techniques in power based side-channel analysis by increasing Trojan-to-circuit power consumption and reducing the variation effect in the detection threshold. Incorporating the three proposed methods has demonstrated that a realistic fine-grain circuit partitioning and an improved pattern set to increase HT activation chances can magnify Trojan detectability.

2019-02-14
Richard, D. S., Rashidzadeh, R., Ahmadi, M..  2018.  Secure Scan Architecture Using Clock and Data Recovery Technique. 2018 IEEE International Symposium on Circuits and Systems (ISCAS). :1-5.

Design for Testability (DfT) techniques allow devices to be tested at various levels of the manufacturing process. Scan architecture is a dominantly used DfT technique, which supports a high level of fault coverage, observability and controllability. However, scan architecture can be used by hardware attackers to gain critical information stored within the device. The security threats due to an unrestricted access provided by scan architecture has to be addressed to ensure hardware security. In this work, a solution based on the Clock and Data Recovery (CDR) method has been presented to authenticate users and limit the access to the scan architecture to authorized users. As compared to the available solution the proposed method presents a robust performance and reduces the area overhead by more than 10%.

2018-05-16
Salman, A., Diehl, W., Kaps, J. P..  2017.  A light-weight hardware/software co-design for pairing-based cryptography with low power and energy consumption. 2017 International Conference on Field Programmable Technology (ICFPT). :235–238.

Embedded electronic devices and sensors such as smartphones, smart watches, medical implants, and Wireless Sensor Nodes (WSN) are making the “Internet of Things” (IoT) a reality. Such devices often require cryptographic services such as authentication, integrity and non-repudiation, which are provided by Public-Key Cryptography (PKC). As these devices are severely resource-constrained, choosing a suitable cryptographic system is challenging. Pairing Based Cryptography (PBC) is among the best candidates to implement PKC in lightweight devices. In this research, we present a fast and energy efficient implementation of PBC based on Barreto-Naehrig (BN) curves and optimal Ate pairing using hardware/software co-design. Our solution consists of a hardware-based Montgomery multiplier, and pairing software running on an ARM Cortex A9 processor in a Zynq-7020 System-on-Chip (SoC). The multiplier is protected against simple power analysis (SPA) and differential power analysis (DPA), and can be instantiated with a variable number of processing elements (PE). Our solution improves performance (in terms of latency) over an open-source software PBC implementation by factors of 2.34 and 2.02, for 256- and 160-bit field sizes, respectively, as measured in the Zynq-7020 SoC.

2018-04-11
Wang, Q., Geiger, R. L..  2017.  Visible but Transparent Hardware Trojans in Clock Generation Circuits. 2017 IEEE National Aerospace and Electronics Conference (NAECON). :354–357.

Hardware Trojans that can be easily embedded in synchronous clock generation circuits typical of what are used in large digital systems are discussed. These Trojans are both visible and transparent. Since they are visible, they will penetrate split-lot manufacturing security methods and their transparency will render existing detection methods ineffective.

Vasile, D. C., Svasta, P., Codreanu, N., Safta, M..  2017.  Active Tamper Detection Circuit Based on the Analysis of Pulse Response in Conductive Mesh. 2017 40th International Spring Seminar on Electronics Technology (ISSE). :1–6.

Tamper detection circuits provide the first and most important defensive wall in protecting electronic modules containing security data. A widely used procedure is to cover the entire module with a foil containing fine conductive mesh, which detects intrusion attempts. Detection circuits are further classified as passive or active. Passive circuits have the advantage of low power consumption, however they are unable to detect small variations in the conductive mesh parameters. Since modern tools provide an upper leverage over the passive method, the most efficient way to protect security modules is thus to use active circuits. The active tamper detection circuits are typically probing the conductive mesh with short pulses, analyzing its response in terms of delay and shape. The method proposed in this paper generates short pulses at one end of the mesh and analyzes the response at the other end. Apart from measuring pulse delay, the analysis includes a frequency domain characterization of the system, determining whether there has been an intrusion or not, by comparing it to a reference (un-tampered with) spectrum. The novelty of this design is the combined analysis, in time and frequency domains, of the small variations in mesh characteristic parameters.

2018-03-26
Ma, H., Tao, O., Zhao, C., Li, P., Wang, L..  2017.  Impact of Replacement Policies on Static-Dynamic Query Results Cache in Web Search Engines. 2017 IEEE International Conference on Intelligence and Security Informatics (ISI). :137–139.

Caching query results is an efficient technique for Web search engines. A state-of-the-art approach named Static-Dynamic Cache (SDC) is widely used in practice. Replacement policy is the key factor on the performance of cache system, and has been widely studied such as LIRS, ARC, CLOCK, SKLRU and RANDOM in different research areas. In this paper, we discussed replacement policies for static-dynamic cache and conducted the experiments on real large scale query logs from two famous commercial Web search engine companies. The experimental results show that ARC replacement policy could work well with static-dynamic cache, especially for large scale query results cache.

2018-03-05
Sugumar, G., Mathur, A..  2017.  Testing the Effectiveness of Attack Detection Mechanisms in Industrial Control Systems. 2017 IEEE International Conference on Software Quality, Reliability and Security Companion (QRS-C). :138–145.

Industrial Control Systems (ICS) are found in critical infrastructure such as for power generation and water treatment. When security requirements are incorporated into an ICS, one needs to test the additional code and devices added do improve the prevention and detection of cyber attacks. Conducting such tests in legacy systems is a challenge due to the high availability requirement. An approach using Timed Automata (TA) is proposed to overcome this challenge. This approach enables assessment of the effectiveness of an attack detection method based on process invariants. The approach has been demonstrated in a case study on one stage of a 6- stage operational water treatment plant. The model constructed captured the interactions among components in the selected stage. In addition, a set of attacks, attack detection mechanisms, and security specifications were also modeled using TA. These TA models were conjoined into a network and implemented in UPPAAL. The models so implemented were found effective in detecting the attacks considered. The study suggests the use of TA as an effective tool to model an ICS and study its attack detection mechanisms as a complement to doing so in a real plant-operational or under design.

2018-02-28
Sagisi, J., Tront, J., Marchany, R..  2017.  System architectural design of a hardware engine for moving target IPv6 defense over IEEE 802.3 Ethernet. MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM). :551–556.

The Department of Homeland Security Cyber Security Division (CSD) chose Moving Target Defense as one of the fourteen primary Technical Topic Areas pertinent to securing federal networks and the larger Internet. Moving Target Defense over IPv6 (MT6D) employs an obscuration technique offering keyed access to hosts at a network level without altering existing network infrastructure. This is accomplished through cryptographic dynamic addressing, whereby a new network address is bound to an interface every few seconds in a coordinated manner. The goal of this research is to produce a Register Transfer Level (RTL) network security processor implementation to enable the production of an Application Specific Integrated Circuit (ASIC) variant of MT6D processor for wide deployment. RTL development is challenging in that it must provide system level functions that are normally provided by the Operating System's kernel and supported libraries. This paper presents the architectural design of a hardware engine for MT6D (HE-MT6D) and is complete in simulation. Unique contributions are an inline stream-based network packet processor with a Complex Instruction Set Computer (CISC) architecture, Network Time Protocol listener, and theoretical increased performance over previous software implementations.

2018-02-27
Canetti, R., Hogan, K., Malhotra, A., Varia, M..  2017.  A Universally Composable Treatment of Network Time. 2017 IEEE 30th Computer Security Foundations Symposium (CSF). :360–375.
The security of almost any real-world distributed system today depends on the participants having some "reasonably accurate" sense of current real time. Indeed, to name one example, the very authenticity of practically any communication on the Internet today hinges on the ability of the parties to accurately detect revocation of certificates, or expiration of passwords or shared keys.,,However, as recent attacks show, the standard protocols for determining time are subvertible, resulting in wide-spread security loss. Worse yet, we do not have security notions for network time protocols that (a) can be rigorously asserted, and (b) rigorously guarantee security of applications that require a sense of real time.,,We propose such notions, within the universally composable (UC) security framework. That is, we formulate ideal functionalities that capture a number of prevalent forms of time measurement within existing systems. We show how they can be realized by real-world protocols, and how they can be used to assert security of time-reliant applications - specifically, certificates with revocation and expiration times. This allows for relatively clear and modular treatment of the use of time consensus in security-sensitive systems.,,Our modeling and analysis are done within the existing UC framework, in spite of its asynchronous, event-driven nature. This allows incorporating the use of real time within the existing body of analytical work done in this framework. In particular it allows for rigorous incorporation of real time within cryptographic tools and primitives.
2018-02-21
Su, G., Bai, G..  2017.  The undetectable clock cycle sensitive hardware trojan. 2017 International Conference on Electron Devices and Solid-State Circuits (EDSSC). :1–2.

We have proposed a method of designing embedded clock-cycle-sensitive Hardware Trojans (HTs) to manipulate finite state machine (FSM). By using pipeline to choose and customize critical path, the Trojans can facilitate a series of attack and need no redundant circuits. One cannot detect any malicious architecture through logic analysis because the proposed circuitry is the part of FSM. Furthermore, this kind of HTs alerts the trusted systems designers to the importance of clock tree structure. The attackers may utilize modified clock to bypass certain security model or change the circuit behavior.

2018-02-15
Mhamdi, L., Njima, C. B., Dhouibi, H., Hassani, M..  2017.  Using timed automata and fuzzy logic for diagnosis of multiple faults in DES. 2017 International Conference on Control, Automation and Diagnosis (ICCAD). :457–463.
This paper proposes a design method of a support tool for detection and diagnosis of failures in discrete event systems (DES). The design of this diagnoser goes through three phases: an identification phase and finding paths and temporal parameters of the model describing the two modes of normal and faulty operation, a detection phase provided by the comparison and monitoring time operation and a location phase based on the combination of the temporal evolution of the parameters and thresholds exceeded technique. Our contribution lays in the application of this technique in the presence of faults arising simultaneously, sensors and actuators. The validation of the proposed approach is illustrated in a filling system through a simulation.
2018-02-06
Scheitle, Q., Gasser, O., Rouhi, M., Carle, G..  2017.  Large-Scale Classification of IPv6-IPv4 Siblings with Variable Clock Skew. 2017 Network Traffic Measurement and Analysis Conference (TMA). :1–9.

Linking the growing IPv6 deployment to existing IPv4 addresses is an interesting field of research, be it for network forensics, structural analysis, or reconnaissance. In this work, we focus on classifying pairs of server IPv6 and IPv4 addresses as siblings, i.e., running on the same machine. Our methodology leverages active measurements of TCP timestamps and other network characteristics, which we measure against a diverse ground truth of 682 hosts. We define and extract a set of features, including estimation of variable (opposed to constant) remote clock skew. On these features, we train a manually crafted algorithm as well as a machine-learned decision tree. By conducting several measurement runs and training in cross-validation rounds, we aim to create models that generalize well and do not overfit our training data. We find both models to exceed 99% precision in train and test performance. We validate scalability by classifying 149k siblings in a large-scale measurement of 371k sibling candidates. We argue that this methodology, thoroughly cross-validated and likely to generalize well, can aid comparative studies of IPv6 and IPv4 behavior in the Internet. Striving for applicability and replicability, we release ready-to-use source code and raw data from our study.

Alghamdi, W., Schukat, M..  2017.  Advanced Methodologies to Deter Internal Attacks in PTP Time Synchronization Networks. 2017 28th Irish Signals and Systems Conference (ISSC). :1–6.

High accurate time synchronization is very important for many applications and industrial environments. In a computer network, synchronization of time for connected devices is provided by the Precision Time Protocol (PTP), which in principal allows for device time synchronization down to microsecond level. However, PTP and network infrastructures are vulnerable to cyber-attacks, which can de-synchronize an entire network, leading to potentially devastating consequences. This paper will focus on the issue of internal attacks on time synchronization networks and discuss how counter-measures based on public key infrastructures, trusted platform modules, network intrusion detection systems and time synchronization supervisors can be adopted to defeat or at least detect such internal attacks.

2018-01-23
Zhang, Dongrong, He, Miao, Wang, Xiaoxiao, Tehranipoor, M..  2017.  Dynamically obfuscated scan for protecting IPs against scan-based attacks throughout supply chain. 2017 IEEE 35th VLSI Test Symposium (VTS). :1–6.

Scan-based test is commonly used to increase testability and fault coverage, however, it is also known to be a liability for chip security. Research has shown that intellectual property (IP) or secret keys can be leaked through scan-based attacks. In this paper, we propose a dynamically-obfuscated scan design for protecting IPs against scan-based attacks. By perturbing all test patterns/responses and protecting the obfuscation key, the proposed architecture is proven to be robust against existing non-invasive scan attacks, and can protect all scan data from attackers in foundry, assembly, and system developers (i.e., OEMs) without compromising the testability. Furthermore, the proposed architecture can be easily plugged into EDA generated scan chains without having a noticeable impact on conventional integrated circuit (IC) design, manufacturing, and test flow. Finally, detailed security and experimental analyses have been performed on several benchmarks. The results demonstrate that the proposed method can protect chips from existing brute force, differential, and other scan-based attacks that target the obfuscation key. The proposed design is of low overhead on area, power consumption, and pattern generation time, and there is no impact on test time.

2017-12-12
Adnan, S. F. S., Isa, M. A. M., Hashim, H..  2017.  Analysis of asymmetric encryption scheme, AA \#x03B2; Performance on Arm Microcontroller. 2017 IEEE Symposium on Computer Applications Industrial Electronics (ISCAIE). :146–151.

Security protection is a concern for the Internet of Things (IoT) which performs data exchange autonomously over the internet for remote monitoring, automation and other applications. IoT implementations has raised concerns over its security and various research has been conducted to find an effective solution for this. Thus, this work focus on the analysis of an asymmetric encryption scheme, AA-Beta (AAβ) on a platform constrained in terms of processor capability, storage and random access Memory (RAM). For this work, the platform focused is ARM Cortex-M7 microcontroller. The encryption and decryption's performance on the embedded microcontroller is realized and time executed is measured. By enabled the I-Cache (Instruction cache) and D-Cache (Data Cache), the performances are 50% faster compared to disabled the D-Cache and I-Cache. The performance is then compared to our previous work on System on Chip (SoC). This is to analyze the gap of the SoC that has utilized the full GNU Multiple Precision Arithmetic Library (GMP) package versus ARM Cortex-M7 that using the mini-gmp package in term of the footprint and the actual performance.

2017-11-13
Sharma, P., Patel, D., Shah, D., Shukal, D..  2016.  Image security using Arnold method in tetrolet domain. 2016 Fourth International Conference on Parallel, Distributed and Grid Computing (PDGC). :312–315.

The image contains a lot of visual as well as hidden information. Both, information must be secured at the time of transmission. With this motivation, a scheme is proposed based on encryption in tetrolet domain. For encryption, an iterative based Arnold transform is used in proposed methodology. The images are highly textured, which contains the authenticity of the image. For that, decryption process is performed in this way so that maximum, the edges and textures should be recovered, effectively. The suggested method has been tested on standard images and results obtained after applying suggested method are significant. A comparison is also performed with some standard existing methods to measure the effectiveness of the suggested method.

2017-05-18
Hester, Josiah, Tobias, Nicole, Rahmati, Amir, Sitanayah, Lanny, Holcomb, Daniel, Fu, Kevin, Burleson, Wayne P., Sorber, Jacob.  2016.  Persistent Clocks for Batteryless Sensing Devices. ACM Trans. Embed. Comput. Syst.. 15:77:1–77:28.

Sensing platforms are becoming batteryless to enable the vision of the Internet of Things, where trillions of devices collect data, interact with each other, and interact with people. However, these batteryless sensing platforms—that rely purely on energy harvesting—are rarely able to maintain a sense of time after a power failure. This makes working with sensor data that is time sensitive especially difficult. We propose two novel, zero-power timekeepers that use remanence decay to measure the time elapsed between power failures. Our approaches compute the elapsed time from the amount of decay of a capacitive device, either on-chip Static Random-Access Memory (SRAM) or a dedicated capacitor. This enables hourglass-like timers that give intermittently powered sensing devices a persistent sense of time. Our evaluation shows that applications using either timekeeper can keep time accurately through power failures as long as 45s with low overhead.

2017-04-20
Carnevale, B., Baldanzi, L., Pilato, L., Fanucci, L..  2016.  A flexible system-on-a-chip implementation of the Advanced Encryption Standard. 2016 20th International Conference on System Theory, Control and Computing (ICSTCC). :156–161.
Systems-on-a-Chip are among the best-performing and complete solutions for complex electronic systems. This is also true in the field of network security, an application requiring high performance with low resource usage. This work presents an Advanced Encryption Standard implementation for Systems-on-a-Chip using as a reference the Cipher Block Chaining mode. In particular, a flexible interface based and the Advanced Peripheral Bus to integrate the encryption algorithm with any kind of processor is presented. The hardware-software approach of the architecture is also analyzed and described. The final system was integrated on a Xilinx Zynq 7000 to prototype and evaluate the idea. Results show that our solution demonstrates good performance and flexibility with low resource usage, occupying less than 2% of the Zynq 7000 with a throughput of 320 Mbps. The architecture is suitable when implementations of symmetric encryption algorithms for modern Systems-on-a-Chip are required.
Srinivas, N. S. S., Akramuddin, M..  2016.  FPGA based hardware implementation of AES Rijndael algorithm for Encryption and Decryption. 2016 International Conference on Electrical, Electronics, and Optimization Techniques (ICEEOT). :1769–1776.
AES algorithm or Rijndael algorithm is a network security algorithm which is most commonly used in all types of wired and wireless digital communication networks for secure transmission of data between two end users, especially over a public network. This paper presents the hardware implementation of AES Rijndael Encryption and Decryption Algorithm by using Xilinx Virtex-7 FPGA. The hardware design approach is entirely based on pre-calculated look-up tables (LUTs) which results in less complex architecture, thereby providing high throughput and low latency. There are basically three different formats in AES. They are AES-128, AES-192 and AES-256. The encryption and decryption blocks of all the three formats are efficiently designed by using Verilog-HDL and are synthesized on Virtex-7 XC7VX690T chip (Target Device) with the help of Xilinx ISE Design Suite-14.7 Tool. The synthesis tool was set to optimize speed, area and power. The power analysis is made by using Xilinx XPower Analyzer. Pre-calculated LUTs are used for the implementation of algorithmic functions, namely S-Box and Inverse S-Box transformations and also for GF (28) i.e. Galois Field Multiplications involved in Mix-Columns and Inverse Mix-Columns transformations. The proposed architecture is found to be having good efficiency in terms of latency, throughput, speed/delay, area and power.
2017-03-07
Senejohnny, D., Tesi, P., Persis, C. De.  2015.  Self-triggered coordination over a shared network under Denial-of-Service. 2015 54th IEEE Conference on Decision and Control (CDC). :3469–3474.

The issue of security has become ever more prevalent in the analysis and design of cyber-physical systems. In this paper, we analyze a consensus network in the presence of Denial-of-Service (DoS) attacks, namely attacks that prevent communication among the network agents. By introducing a notion of Persistency-of-Communication (PoC), we provide a characterization of DoS frequency and duration such that consensus is not destroyed. An example is given to substantiate the analysis.

2017-02-21
J. Ponniah, Y. C. Hu, P. R. Kumar.  2015.  "A clean slate design for secure wireless ad-hoc networks #x2014; Part 2: Open unsynchronized networks". 2015 13th International Symposium on Modeling and Optimization in Mobile, Ad Hoc, and Wireless Networks (WiOpt). :183-190.

We build upon the clean-slate, holistic approach to the design of secure protocols for wireless ad-hoc networks proposed in part one. We consider the case when the nodes are not synchronized, but instead have local clocks that are relatively affine. In addition, the network is open in that nodes can enter at arbitrary times. To account for this new behavior, we make substantial revisions to the protocol in part one. We define a game between protocols for open, unsynchronized nodes and the strategies of adversarial nodes. We show that the same guarantees in part one also apply in this game: the protocol not only achieves the max-min utility, but the min-max utility as well. That is, there is a saddle point in the game, and furthermore, the adversarial nodes are effectively limited to either jamming or conforming with the protocol.