Security of IoT Systems: Design Challenges and Opportunities

Teng Xu, James B. Wendt, and Miodrag Potkonjak
Computer Science Department, University of California, Los Angeles
{xuteng, jwendt, miodrag}@cs.ucla.edu

Abstract

Computer-aided design (CAD), in its quest to facilitate new design revolutions, is again on the brink of changing its scope. Following both historical and recent technological and application trends, one can identify several emerging research and development directions in which CAD approaches and techniques may have major impacts. Among them, due to the potential to fundamentally alter everyday life as well as how science and engineering systems are designed and operated, the Internet of Things (IoT) stands out. IoT also poses an extraordinary system replete with conceptual and technical challenges. For instance, greatly reduced quantitative bounds on acceptable area and energy metrics require qualitative breakthroughs in design and optimization techniques. Most likely the most demanding of requirements for the widespread realization of many IoT visions is security. IoT security has an exceptionally wide scope in at least four dimensions. In terms of security scope it includes rarely addressed tasks such as trusted sensing, computation, communication, privacy, and digital forgetting. It also asks for new and better techniques for the protection of hardware, software, and data that considers the possibility of physical access to IoT devices. Sensors and actuators are common components of IoT devices and pose several unique security challenges including the integrity of physical signals and actuating events. Finally, during processing of collected data, one can envision many semantic attacks. Our strategic objective is to provide an impetus for the development of IoT CAD security techniques. We start by presenting a brief survey of IoT challenges and opportunities with an emphasis on security issues. Next, we discuss the potential of hardware-based IoT security approaches. Finally, we conclude with several case studies that advocate the use of stable PUFs and digital PPUFs for several IoT security protocols.

I. INTRODUCTION

Six decades of computer-aided design (electronic design automation) have witnessed numerous changes in its research and development focus. For example, the dominant design metrics have changed from area (number of transistors) in the 70s, to delay in the 80s, to energy in the 90s. These shifts correspond to technology changes where, initially, the cost of transistors is replaced with the need for speed, followed by power and energy consumption emerging as the most constraining metrics. Recently, various security metrics have attracted a great deal of attention. If we analyze at the level of abstraction, the scope has shifted from physical design to logic synthesis to register transfer level to behavioral synthesis to system design. Targeted general purpose architectures have been changing from mainframes to minicomputers, workstations, personal computers and mobile processors. Similarly, application specific computing has shifted its targets from audio to video and, more recently, to multimedia and networking devices. We finish our survey with a discussion on process variation, which has had a significant impact on CAD algorithms and techniques.

Nevertheless, several properties of CAD processes have become permanent. For instance, a great emphasis has been consistently placed on accurate modeling of relevant design metrics. The most consistent CAD variable (and of paramount importance) is the optimization of systems with a large number of strongly interacting components. This type of synthesis is intrinsic to several types of important emerging systems such as data centers and platforms for support of storing and processing big data. In particular, it is ideally suited for handling millions, if not billions, of distributed communicating devices envisioned in the Internet of Things (IoT).
IoT is a rapidly emerging paradigm in which the essential concept is that a great variety of objects are instrumented in such a way that they can be queried and operated over the Internet either directly by the users or by programs that encapsulate their behavior and objectives [1] [2]. IoT will revolutionize the ways in which individuals and organizations interact with the physical world as well as among themselves. For example, the interaction with home devices, cars, customer items, industrial plants, and weaponry will be fundamentally altered. Many services, such as health, learning, and resource management, will be provided in new ways that are novel, better organized, and customer-customized. Radio-frequency identification (RFID) tags, as used for inventory management by companies such as Walmart, provide a first glimpse into a very rudimentary IoT generation.

The practical realization of IoT requires the development of a number of new versions of platforms and technologies including device and process identification and tracking, sensing and actuation, communication, computational sensing, semantic knowledge processing, coordinated and distributed control, and behavioral, traffic, and user modeling [3]. The realization of IoT subsystems will be subjected to numerous constraints that include cost, power, energy, and lifetime. However, there is a wide consensus that the most challenging of requirements will be security. It is widely acknowledged that the potential for malicious attacks can and will be greatly spread and actuated from the Internet to the physical world. Hence, security of IoT is of essential importance.

One should also consider a great diversity of IoT systems from fully organized to small individual nodes [4] [5] [6]. For example, things such as cars, airplanes, and industrial equipment allow for much more expensive instrumentation with much higher power and energy budgets in comparison to household IoT devices, such as those for food, energy, and paper documents. Therefore, although for full impact, generic algorithms and protocols are required, different customized solutions are also mandatory. This is particularly true for security solutions.

978-1-4799-6278-5/14/$31.00 ©2014 IEEE

IoT security encompasses several layers of abstraction and a number of dimensions. The abstraction levels range from physical layers of sensors, computation and communication, and devices to the semantic layer in which all collected information is interpreted and processed. We expect that a majority of security attacks will occur at the software level because it is currently most popular and can simultaneously cover a large number of devices and processes. From a research point of view, most novel attacks are on physical signals and, in particular, semantic attacks during data processing and decision making steps. It is important to observe that the lowest security at any level and at any dimension determines the overall security.

A significant percentage of IoT devices will operate in passive mode without batteries. Their energy will either be harvested or received using a wireless medium. Many of these systems allow for only very minimal hardware, and thus, require an ultra compact security solution with an ultra small footprint and energy budget, since many IoT devices often operate in unprotected and potentially even hostile environments.

Our main claim in this paper is that hardware-based security is ideally suited to answer IoT security requirements. However, in order to realize the full potential of hardware-based security, very significant additional research and engineering issues have to be addressed in novel and creative ways. Hardware-based security provides a natural starting point for the realization of IoT protocols and procedures due to their very low area and energy requirements. They are also naturally more resilient against side-channel and physical attacks.
Also, very importantly, they enable the creation of secure and trusted information flows [7]. Finally, they provide elegant and efficient solutions to several problems that classical cryptography has not been able to solve, such as secure location discovery.

At the same time, it is important to recognize that hardware-based security primitives and protocols have several significant limitations. Among them, three are dominant. The first is that, until the invention of the public physical unclonable function (PPUF), their application was restricted to secret key protocols. While the PPUF eliminates this restriction, the first PPUF generation induced significant time and energy overhead on at least one participating party. The second is that the key hardware-based security physical unclonable function (PUF) is rather unstable with respect to operational (e.g. supply voltage) and environmental (e.g. temperature) conditions as well as due to unavoidable device aging. The third drawback is that the first generations of PUFs are analog circuitry and therefore are difficult or at least cumbersome to integrate into digital designs.

We briefly survey two recent hardware security results. The first is a very simple technique that transforms several classes of analog PUFs into stable devices with respect to operational conditions. The procedure has very small hardware overhead and no delay and energy overheads. The key idea is to use only a small subset of challenges that are stable under a wide range of conditions. Although the number of used challenges is significantly reduced from the original challenge space, their cardinality is still exponential in the number of bits used by challenges. This approach is applicable on several popular PUF structures such as delay arbiter and ring oscillator-based PUFs. The second is the digital PUF hardware security primitive. While it is initialized using stable analog PUFs, it is a digital circuit with very small gate counts, low latency, and ultra low energy requirements.
Therefore, it can be directly integrated with regular digital designs and facilitate secure and trusted information flow, elimination of side-channels, and public key security protocols with latency of only a very small number of gates. Digital PUFs can be used for the creation of new hardware security primitives such as distributed and synchronized hardware random number generators.

One of our technical objectives is to initialize the quest for conceptually new hardware security primitives. For example, we envision that physical properties of hardware and materials used for implementation can create novel security primitives that cannot be realized using classical mathematical and algorithmic techniques. Specifically, the unidirectional evolution of material properties provides the potential for detecting if there was any interaction with a particular sensing device since the legitimate user's last interaction. One physical phenomenon with such potential is device aging; however, it may not be fully practical due to its long term irreversibility. Most likely, a better candidate for the creation of such hardware security primitives is the memristor, where current-voltage trajectories are such that passing through any particular voltage-current point is very difficult to repeat. We conclude our discussion with a proposal to search for universal hardware security primitives that can be used for diverse tasks such as for malicious alterations of design, for cryptographical and trust protocols, and for ensuring secure and trusted information flow.

II. IOT SECURITY DESIDERATA

The IoT security desiderata can be grouped into two broad classes. The first class consists of required security tasks. As usual, the primary potential difficulties are related but contradictory requirements of different tasks. For instance, the strength of authentication and trust are in direct contradiction with a criterion of privacy. The second class of desiderata is related to design metrics such as cost, size, latency, and, in particular, energy requirements.
As usual, the key impact of these requirements is that they greatly constrain acceptable security solutions.

The most important security requirements include authentication and tracking, data and information integrity, mutual trust, privacy, and digital forgetting. We expect that a dominant percentage of computational sensing, decision making, communication, and activity organization will be conducted in data centers. Hence, there is a need for ensuring security in data centers as well as coordinating security between data centers and distributed IoT devices [8].

It is expected that billions of devices will be a part of the IoT ecosystem. Each of these nodes should have a unique identifier. In addition, at any point in time the IoT infrastructure should be able to track each item. Another level of difficulty is that many nodes will be placed in high densities and access to them may be hindered or even blocked.

It is important to ensure that all collected data is authentic. Some IoT sensors may have high bandwidth and low latency (real-time) data collection rates. Therefore appropriate data integrity techniques such as encryption and watermarking are required.

There is an essential need for ensuring that each user can be guaranteed that the data presented by an IoT device is trusted, i.e. that it is indeed collected by the stated sensor at its stated location and at its stated time. Recently, several schemes have been proposed for ensuring IoT trust. These solutions are based on hardware security primitives and should be further optimized in terms of cost and energy. Also, hardware and software attestation techniques may be used for trust related tasks. Interestingly, another important problem is operator trust, in which sensors and IoT devices can authorize and trust the instructions of IoT users.

A number of definitions of privacy have been proposed [9] [10]. They are certainly useful in a number of current scenarios, however, a completely new level of complexity is posed by IoT. Probably the most difficult privacy task is one where the attacker integrates information from different sets and modalities at the semantic level. Combining different data from different sources of information at the semantic level can result in the extraction of unexpected information.

Data revocation (i.e. digital forgetting) is the process of provably deleting all copies of a data set [11]. In addition to the tremendous amount of sensory data that IoT devices will collect, there will be huge data sets related to communication activities between various users and IoT devices.
It is plausible to expect that a significant percentage of this data will contain important information and knowledge about the users and their actions and interests. There are several data revocation techniques proposed in classical cryptography [12]. All of them are based on the simple and elegant idea that encrypted data is effectively deleted if the required decryption key is deleted. There are also several techniques that employ distributed data storage so that data is deleted due to unavoidable social and technical processes [13]. These ideas are valuable and essential to IoT systems which can collect large amounts of data that can seriously impact the privacy of many individuals and even compromise the security of economic entities and government institutions.

A large percentage of devices will depend on harvested energy. In order to reduce energy consumption, computation tasks will often be offloaded to data centers. Communication will often use technologies that require less energy than those currently widely used. Most likely, near-field communication (NFC) will greatly increase its market share. Other highly constrained metrics include cost and area. It is likely that new packaging and integration technologies will emerge. An important observation is that many deployed devices should be in operation for years if not decades. Replacing batteries can be expensive and impractical. Therefore, it is expected that regardless of technology progress, most likely energy will become the most expressed limitation. Intel has demonstrated that passive RFID can be utilized to form a WISP network in which each device collects energy from a querying device [14]. In their initial implementation, a very limited set of security and cryptographic tasks can be executed on the items themselves. However, the use of hardware-based security primitives may alter that vision.

We conclude this section with a brief summary of system software requirements for IoT systems. These requirements may serve as a checklist for developers of IoT systems and CAD research.
Currently, it is widely assumed that security primitives created by classical cryptography will be used. We claim that hardware security primitives can be used to create all expected protocols at a fraction of hardware and energy requirements with much higher resiliency against side-channel attacks. IoT operating systems will have to provide a number of services and system software must be consistent with standard Internet protocols and services. Targeted security protocols include TLS, IPSec, VPN, SSH, SFTP, HTTPS, SNMP, and secure email [15]. Also, standard encryption and decryption services are required. Special attention should be placed on equipping each IoT device with a secure bootloader and automatic fallback. In addition, system software should be equipped with mechanisms for detecting and reporting physical and in particular side-channel attacks and secure wireless links should be provided.

III. PUBLIC PUF

PPUFs have extended the practicality of PUFs by enabling the creation of public key protocols. While PUFs require that their characterization and structure remain hidden and secret, the PPUF design and characterization is disclosed to the public. In this way, the design itself becomes the public key. The public nature of the PPUF makes it the premier primitive for securing IoT devices since its susceptibility to physical and side-channel attacks is eliminated. Furthermore, PPUFs have small area footprint and orders of magnitude lower energy consumption than their traditional cryptographic counterparts.

A. XOR Network Delay PPUF

Beckmann et al. proposed the first PPUF model along with accompanying protocols for public key cryptography [16]. The public key consisted of the complete characterization of the design, including gate-level characteristics, such as leakage energy and delay. Due to the effects of process variation, inherent doping concentration variances and line-edge roughnesses manifested as different values of effective channel lengths and threshold voltages which ultimately affect leakage energy and delay of each transistor.
In this way, the public key was random and unclonable, yet still able to be simulated, although very arduous to do so due to the design.

The architecture of Beckmann's PPUF is a gridded network of XOR gates. Due to inherent intrinsic manufacturing variability, the physical characteristics of each XOR gate differ. Specifically, due to variations in doping concentrations and line edge roughness, differences in threshold voltages and effective channel lengths emerge. When sending an input through the gates, the rising edges will race throughout the gridded network. Each XOR gate will transition upon the arrival of a new rising or lowering edge and emit the output corresponding to its input at that particular time. These signals will propagate throughout the circuit, causing multiple transitions at each XOR gate. The input challenge is a combination of both the input vectors (x(0), x(1)) as well as a time delay (t) at which to read the outputs of the network. The design of this PPUF takes advantage of the glitching effects of multiple propagating and delayed signals throughout the XOR network. This architecture also requires ultra accurate, ultra precise, and ultra high frequency clocks in order to operate on the physical PPUF, and, for larger PPUFs, requires much longer simulation times for the communicating parties wishing to initiate authorized contact with a PPUF owner.

Fig. 1: Differential PPUF booster cell example. The delay of a rising edge from input i to output j is denoted by δ_ij.

Fig. 2: Differential PPUF represser cell example.

Fig. 3: Device aging-based matched PPUF architecture.

B. Differential PPUF

The differential PPUF eliminates the need for ultra accurate clock manipulation for high precision timing as well as long simulation times [17]. Like its predecessor, the unclonability of the differential PPUF relies on the inherent randomness in manufacturing variability, specifically manifesting as variances in gate delays. A key novelty of this architecture is that the challenge vector is reduced from two input vectors plus a timestamp to a single input vector. This eliminates the need for accurate clock capturing of glitch temporal characteristics because it only requires the measurement of the frontier signal.
Consider the differential PPUF booster example depicted in Figure 1. If the input switches from 0000 to 0101, output i will switch at times 6 and 11, j at times 9 and 12, k at times 8 and 9, and l at times 7 and 12. By placing an arbiter with inputs from i and k and a second arbiter with inputs from j and k, we eliminate the need for high precision timing by only capturing the first winner of the two paths. Hence, only frontier signals are necessary. However, since one has to simulate only these frontier signals, an architecture in which one can predict which frontier signals will not cause transitions is not secure. Thus, in addition to booster cells, the differential PPUF includes represser cells consisting of a NAND gate network to terminate subsets of propagating signals in an unpredictable manner, such as the one depicted in Figure 2. Together, the alternation of booster cells followed by represser cells creates a highly non-linear system that is exponentially hard to simulate with a linear size increase.

C. Device Aging and Matched PPUFs

All previously proposed PPUFs, including the differential PPUF, are potentially subject to long-term reverse engineering attacks. The device aging-based PPUF design eliminates the possibility of these attacks through dynamic reconfiguration. The key idea is to leverage device aging to alter the PUF's physical properties, thus changing its behavior. Specifically, device aging through techniques such as NBTI can permanently alter the threshold voltages of gates, thus increasing their delay [18].

The key limitation to the original device aging-based PPUF, along with all other previously designed PPUFs, is that they employ a large time gap between execution and simulation to enable public key communication. While each PPUF design provided faster simulation time on the part of the authentication party than its predecessor, the fact remains that at least one participating party requires significant resources for communication in comparison to the participant in possession of the physical PPUF.
The matched PPUF architecture attempts to remove the need for simulation entirely by supplying both communicating parties with physical PPUFs that are globally unique post fabrication, but can be made identical through a novel matching procedure. This procedure is executed in such a way that only the two participating PPUFs become identical while it is probabilistically negligible that a third snooping adversary is able to match as well.

The architecture of the matched PPUF utilizes booster cells and represser cells, similar to those designed for the differential PPUF and depicted in Figures 1 and 2. The first matched PPUF architecture consisted of h stages of booster cells followed by r represser cells, and interstage networks connecting them as depicted in Figure 3. Matching is done post fabrication when two communicating parties, each with their own PPUF, enable, disable, and age their individual sets of gates until a portion of gates are matched between the two of them and their PPUFs now implement the same functionality. An adversary snooping on the matching protocol is still only able to match 58.3% of the configuration [19]. Attempting to match the remaining gates through simulation or special purpose hardware is not quick enough to successfully imitate the physical PUF. Furthermore, the task is made even more difficult by increasing the size of the PPUF, thereby increasing the total number of unmatched adversarial gates which has an exponential increase in simulation complexity.

The matching PPUF was later improved upon to allow for n-party communication and does not require device aging upon matching, but is aged immediately post-fabrication to set quanta. Multiple party matching is enabled on-the-fly through a quantized matching scheme [20].

D. NanoPPUF

A very natural enabling technology for PUFs are emerging nanotechnologies. Recently, PPUF designs have been proposed utilizing III-V nanowires and memristors [21] [22]. Not only do the enabling components of these devices (namely, the nanotechnologies themselves) exhibit very non-linear input-output responses (this is represented by I-V curves), and thus, are able to better satisfy Shannon's confusion and diffusion principles, they also exhibit randomness in their synthesis processes. Most importantly though, they contribute to the new notion of bidirectionality which enables an entirely new security dimension.

Current IC designs rely on the most basic component of the IC, the transistor. This three terminal device has a source, a sink, and a gate, and can only be operated in a unidirectional manner. However, a memristor is a two terminal device in which either a negative or positive voltage can be placed across it, and will output differently depending upon its current state. In current IC implementations of PPUFs, input vectors are applied to input pins and flow through a circuit network ultimately producing an output at the assigned output pins. By utilizing particular nanotechnologies, the input and output pins no longer need to be necessarily statically assigned, but can be chosen at runtime. This introduces an entirely new dimension to the PPUF design space.
The NanoPPUF architecture is composed of a network of non-linear nanotechnology components gridded together as depicted in Figure 4. A challenge consists of a set of input locations and voltages. Upon applying the inputs the signals travel throughout the non-linear network components until settling at the remaining pins, yielding the output. A novel polyomino partitioning scheme enables quick authentication while maximizing security [22].

Fig. 4: Nanotechnology-based PPUF example. Each cell consists of a random network of non-linear components. The shaded regions represent example polyomino partitions.

IV. HARDWARE OBFUSCATION

IoT devices can often be installed in insecure or unattended locations which can often be physically accessed by an attacker. Hardware logic obfuscation is a technique that protects the hardware intellectual property of these devices and secures on-chip information specifically by preventing reverse engineering attacks. Wendt et al. have developed two techniques for hardware obfuscation using the standard delay-based PUF [23]. The first method connects pairs of wires together in such a way that a PUF's output bit determines whether the two wire values are switched or not. Since the original chip designer is the only one who knows the correct functionality of the circuit (i.e. which wires should and should not be swapped) and is the only one who knows the functionality of each PUF after fabrication, he can set the PUF inputs such that the circuit will function correctly. Furthermore, wire swappings are placed in such a way that they produce an exponential number of possible configurations. Moreover, the specific key used for each IC will be different for each IC since each IC will have a unique set of PUFs. The second technique for hardware obfuscation is the direct replacement of logic with a PUF and piece of programmable fabric. Xu et al. improve upon this design by employing the first digital PUF for direct logic obfuscation [24].

V. DIGITAL PUF

The concept of the digital PUF was first proposed in [25].
There are two major components that compose the digital PUF: a stable delay-based PUF and a lookup table (LUT) network. The analog delay-based PUF is made stable by the techniques discussed below.

A. Standard Delay-based PUF Stability

The concept of the delay-based PUF was first proposed by Pappu et al. [26]. The PUF consists of two delay paths with nominally the same propagation delay. However, due to process variation, the actual delays in the two paths differ. An arbiter placed at the end of the two paths generates the output of the PUF based on which path is quicker. A major problem of the delay-based PUF is its instability. Because the propagation delay is extremely sensitive to the external environment (e.g. temperature and voltage) the delays of the two paths are also heavily influenced by any variations. As a result, the PUF is considered not stable. Figure 5 depicts an example of the delay-based PUF. Each stage is controlled by a single challenge bit. A rising edge is sent through the first stage and, depending upon the challenge bit, will either swap the trajectories (red) or remain (blue). Path differences for different challenges are depicted in Table I. Some challenges (e.g. 1101) are able to produce larger delay differences compared to other challenges. The motivation is that if the first path is much faster than the second path, even if environmental conditions change and affect the delays of both paths, it is with high probability that the first path will still be faster than the second. We label such a challenge and any other challenges that are resilient to such environmental changes as stable inputs. Xu et al. define the notion of delay ratio to quantify the relative delay difference between two paths [25]. The delay ratio is defined as the delay difference divided by the minimum of the two delays in question. Table II depicts the stability of inputs with a given delay ratio over varying operational conditions. Note that when the delay ratio reaches some threshold (e.g. 10%), the output of the corresponding challenges remains stable regardless of environmental conditions. Thus, these challenges are considered stable.

Fig. 5: An example of delay-based PUF with 4-bit challenge.

| C    | d  | C    | d | C    | d  | C    | d |
|------|----|------|---|------|----|------|---|
| 0000 | -1 | 0001 | 5 | 0010 | -1 | 0011 | 5 |
| 0100 | -2 | 0101 | 6 | 0110 | 0  | 0111 | 4 |
| 1000 | 0  | 1001 | 4 | 1010 | -2 | 1011 | 6 |
| 1100 | -3 | 1101 | 7 | 1110 | 1  | 1111 | 3 |

TABLE I: Delay differences (d) between paths for all challenges (C) in Figure 5.

| Temp. \ Delay ratio (T=300K) | 0.04  | 0.05  | 0.06  | 0.07  | 0.08  | 0.09 | 0.1 |
|------------------------------|-------|-------|-------|-------|-------|------|-----|
| 250K                         | 0.984 | 0.986 | 0.996 | 0.998 | 1     | 1    | 1   |
| 350K                         | 0.982 | 0.986 | 0.993 | 0.998 | 1     | 1    | 1   |
| 400K                         | 0.954 | 0.974 | 0.986 | 0.991 | 0.997 | 1    | 1   |

TABLE II: Probability that outputs of the 64-bit PUF are stable over varying temperatures for different delay ratios.

B. Lookup Table Network

The lookup table network is formed with a set of randomly connected LUTs in a hierarchical structure as shown in Figure 6. Random shuffling is applied between levels. For a LUT network with m inputs and n outputs, the hierarchical structure provides a mapping between inputs and outputs. From an attacker's perspective, it is extremely difficult to derive the LUT connections and configurations directly from the mapping. Therefore, if the attacker wants to implement a hardware block that generates the same mapping, there is no way to reproduce the same original LUT network; instead, the attacker can only use brute force to implement the complex inputs-outputs mapping. Since the size of the mapping grows exponentially with the size of the inputs, a linear increase in its size creates an exponential increase in difficulty for an attacker.
The use of randomly connected LUT networks for security is first proposed in [27]. The outputs from a LUT network exhibit excellent statistical security properties; for example, they pass all NIST randomness tests [28]. They also satisfy the avalanche criterion. In terms of application, they enable both traditional protocols such as public key communication, as well as new protocols such as remote trust. They require orders of magnitude less energy in comparison to traditional cipher blocks, and, most importantly, the LUT network is purely digital, and thus, resilient against variations in environmental and operational conditions.

Fig. 6: Lookup table network with m inputs and n outputs.

C. Lookup Table Initialization

Before operation, the LUT network must be initialized and configured. Figure 7 depicts the initialization process. The user chooses a set of stable challenges to apply to the supporting delay-based PUFs. Then the stable outputs are used to initialize the cells in the LUT network. Note that both the initialization challenges as well as their assignment in the LUT network are chosen by the user, thus preventing malicious manufacturers from subverting the system. This integration of the stable delay-based PUF with the LUT network comprises the digital PUF. The design preserves both the unclonability of the analog PUF as well as the digital property of the LUT network. By applying only stable challenges to the delay-based PUF at initialization, the output stability is guaranteed. Together with the intrinsic digital property of the LUT network, the whole system is resilient against environmental variations and can be placed as any other component directly inside digital logic. Furthermore, because the initialization is dependent upon the delay-based PUF and the delay-based PUF can not be reproduced, the system remains unclonable. Therefore, even if an attacker steals information regarding what stable challenges are used in initialization, he cannot know the actual functionality of the LUT network without reverse engineering the delay-based PUF.
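The initialization flow of Section V, as an added Python example that is not code from the paper: stable challenges are selected by delay ratio and their responses fill the cells of a shuffled LUT network. The delay values, the +/-2% per-segment jitter, the 5% threshold, the 2-input cells and the neighbour wiring are all assumptions chosen for illustration.

```python
import random

def make_puf(stages, rng):
    # Constructed delay model: per stage and challenge bit, (upper, lower) wire delay.
    return [[(rng.uniform(8, 12), rng.uniform(8, 12)) for _ in (0, 1)]
            for _ in range(stages)]

def race(puf, challenge, env=None):
    """Delays of the two racing edges; env (assumed model) jitters each segment +/-2%."""
    k = (lambda: env.uniform(0.98, 1.02)) if env else (lambda: 1.0)
    top = bot = 0.0
    for stage, bit in zip(puf, challenge):
        if bit:                                   # challenge bit 1 swaps the trajectories
            top, bot = bot, top
        top, bot = top + stage[bit][0] * k(), bot + stage[bit][1] * k()
    return top, bot

def response(puf, challenge, env=None):
    top, bot = race(puf, challenge, env)
    return int(top < bot)                         # arbiter: 1 if the upper edge arrives first

def delay_ratio(top, bot):
    return abs(top - bot) / min(top, bot)         # delay difference / smaller of the two delays

def stable_challenges(puf, threshold=0.05):
    every = (tuple((i >> k) & 1 for k in range(len(puf))) for i in range(2 ** len(puf)))
    return [c for c in every if delay_ratio(*race(puf, c)) >= threshold]

def init_lut_network(puf, challenges, levels, width, rng, env=None):
    """Fill 2-input LUT cells (4 bits each) with PUF responses to the chosen challenges."""
    if len(challenges) < levels * width * 4:
        raise ValueError("not enough stable challenges to initialize every cell")
    bits = (response(puf, c, env) for c in challenges)
    net = []
    for _ in range(levels):
        wiring = rng.sample(range(width), width)  # random shuffle between levels
        net.append((wiring, [[next(bits) for _ in range(4)] for _ in range(width)]))
    return net

def evaluate(net, x):
    for wiring, cells in net:
        x = [x[w] for w in wiring]                # route previous level through the shuffle
        x = [cell[2 * x[i] + x[(i + 1) % len(x)]] for i, cell in enumerate(cells)]
    return x

if __name__ == "__main__":
    puf = make_puf(10, random.Random(2015))       # constructed device instance
    net = init_lut_network(puf, stable_challenges(puf), 2, 4, random.Random(1))
    print("LUT network output:", evaluate(net, [1, 0, 1, 1]))
```

In this model a threshold t keeps every selected response fixed whenever (1 + e)/(1 - e) < 1 + t for per-segment jitter e, so 2% jitter needs t above roughly 4.1%.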

Fig. 7: LUT network initialization.

VI. CONCLUSION

The Internet of Things (IoT) will connect billions of devices to the Internet and redefine how individuals, economic entities, and government organizations will interact with the physical world. The number of IoT devices will outgrow the number of personal computers and even mobile phones by several orders of magnitude. Optimization intensive CAD techniques compounded with their traditional accurate modeling are naturally suited to enable the design of highly optimized IoT devices. Two paramount constraints for IoT devices are energy and security. Both constraints can be addressed well using CAD techniques and we analyze several recently proposed hardware security primitives that enable strong and comprehensive security under very strict cost (hardware) and security constraints. We explain how stable PUFs can be created by restricting challenges to ones that are stable under a great variety of operational conditions. We also briefly surveyed a recently proposed digital PUF that enables the direct use of this hardware security primitive inside an arbitrary digital logic to create secure information flow and public key protocols that require only one clock cycle. Our strategic goal in this paper is to provide a starting point for creating CAD techniques that answer IoT design requirements.

ACKNOWLEDGEMENTS

This work was supported in part by the NSF under award CNS-0958369, award CNS-1059435, and award CCF-0926127, and by Samsung under award GRO-20130123.

REFERENCES

[1] N. Council, Disruptive civil technologies: Six technologies with potential impacts on US interests out to 2025, in Conference Report CR, 2008.
[2] L. Atzori, A. Iera, and G. Morabito, The internet of things: A survey, Computer Networks, vol. 54, no. 15, pp. 2787-2805, 2010.
[3] A. Juels, RFID security and privacy: A research survey, IEEE Journal on Selected Areas in Communications, vol. 24, no. 2, pp. 381-394, 2006.
[4] J.-P. Vasseur and A. Dunkels, Interconnecting smart objects with IP: The next internet. Morgan Kaufmann, 2010.
[5] J. Hui, D. Culler, and S. Chakrabarti, 6LoWPAN: Incorporating IEEE 802.15.4 into the IP architecture, internet protocol for smart objects (IPSO) alliance, white paper #3, 2009.
[6] A. Dunkels and J. Vasseur, IP for smart objects, internet protocol for smart objects (IPSO) alliance, white paper #1, 2008.
[7] M. Potkonjak, S. Meguerdichian, and J. L. Wong, Trusted sensors and remote sensing, in IEEE Sensors, pp. 1104-1107, 2010.
[8] J. H. Kong, L.-M. Ang, and K. P. Seng, Minimalist security and privacy schemes based on enhanced AES for integrated WISP sensor networks, Journal of Communication Networks and Distributed Systems, vol. 11, no. 2, pp. 214-232, 2013.
[9] A. M. Dunn et al., Eternal sunshine of the spotless machine: Protecting privacy with ephemeral channels, in Operating Systems Design and Implementation (OSDI), pp. 61-75, 2012.
[10] Y. Tang et al., CleanOS: Limiting mobile data exposure with idle eviction, in Operating Systems Design and Implementation (OSDI), vol. 12, pp. 77-91, 2012.
[11] Z. N. Peterson, R. C. Burns, J. Herring, A. Stubblefield, and A. D. Rubin, Secure deletion for a versioning file system, in File and Storage Technologies (FAST), vol. 5, pp. 4-11, 2005.
[12] D. Boneh and R. J. Lipton, A revocable backup system, in USENIX Security, pp. 91-96, 1996.
[13] S. Diesburg et al., TrueErase: Per-file secure deletion for the storage data path, in Annual Computer Security Applications Conference (ACSAC), pp. 439-448, 2012.
[14] J. R. Smith et al., RFID-based techniques for human-activity detection, Communications of the ACM, vol. 48, no. 9, pp. 39-44, 2005.
[15] K. Rowe, Securing microcontroller RTOSes for the internet of things. http://www.embedded.com/design/operating-systems/4429868/Securing-microcontroller-RTOSes-for-the-Internet-of-Things, 2014.
[16] N. Beckmann and M. Potkonjak, Hardware-based public-key cryptography with public physically unclonable functions, in Information Hiding, pp. 206-220, 2009.
[17] M. Potkonjak, S. Meguerdichian, A. Nahapetian, and S. Wei, Differential public physically unclonable functions: architecture and applications, in Design Automation Conference (DAC), pp. 242-247, 2011.
[18] M. A. Alam and S. Mahapatra, A comprehensive model of PMOS NBTI degradation, Microelectronics Reliability, vol. 45, no. 1, pp. 71-81, 2005.
[19] S. Meguerdichian and M. Potkonjak, Matched public PUF: ultra low energy security platform, in International Symposium on Low Power Electronics and Design (ISLPED), pp. 45-50, 2011.
[20] S. Meguerdichian and M. Potkonjak, Using standardized quantization for multi-party PPUF matching: Foundations and applications, in International Conference on Computer-Aided Design (ICCAD), pp. 577-584, 2012.
[21] J. B. Wendt and M. Potkonjak, Nanotechnology-based trusted remote sensing, in IEEE Sensors, pp. 1213-1216, 2011.
[22] J. B. Wendt and M. Potkonjak, The bidirectional polyomino partitioned PPUF as a hardware security primitive, in Global Conference on Signal and Information Processing (GlobalSIP), pp. 257-260, 2013.
[23] J. B. Wendt and M. Potkonjak, Hardware obfuscation using PUF-based logic, in International Conference on Computer-Aided Design (ICCAD), pp. 1-8, 2014.
[24] T. Xu, J. B. Wendt, and M. Potkonjak, Secure remote sensing and communication using digital PUFs, in Symposium on Architectures for Networking and Communications Systems (ANCS), pp. 1-12, 2014.
[25] T. Xu and M. Potkonjak, Robust and flexible FPGA-based digital PUF, in Field Programmable Logic and Applications, pp. 1-6, 2014.
[26] R. Pappu, B. Recht, J. Taylor, and N. Gershenfeld, Physical one-way functions, Science, vol. 297, no. 5589, pp. 2026-2030, 2002.
[27] T. Xu, J. B. Wendt, and M. Potkonjak, Digital bimodal function: an ultra-low energy security primitive, in International Symposium on Low Power Electronics and Design (ISLPED), pp. 292-296, 2013.
[28] A. Rukhin, J. Soto, J. Nechvatal, M. Smid, and E. Barker, A statistical test suite for random and pseudorandom number generators for cryptographic applications, tech. rep., DTIC Document, 2001.