On malicious implants in PCBs throughout the supply chain

Harrison, Jacob; Asadizanjani, Navid; Tehranipoor, Mark

doi:10.1016/j.vlsi.2021.03.002

Cited by 29 publications

(15 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Trojan circuits create a backdoor for attackers and can be utilized to launch attacks compromising security assurance. Known practical PCB Trojans [26], [36], [64] fall into two main categories: Triggerable Trojans (Sec.V-A1 and V-A2). At the board level, Triggerable Trojans are based on small-package chips.…”

Section: Threat Modelmentioning

confidence: 99%

See 1 more Smart Citation

PDNPulse: Sensing PCB Anomaly with the Intrinsic Power Delivery Network

Zhu¹,

Shan²,

Sullivan³

et al. 2022

Preprint

View full text Add to dashboard Cite

The ubiquitous presence of printed circuit boards (PCBs) in modern electronic systems and embedded devices makes their integrity a top security concern. To take advantage of the economies of scale, today's PCB design and manufacturing are often performed by suppliers around the globe, exposing them to many security vulnerabilities along the segmented PCB supply chain. Moreover, the increasing complexity of the PCB designs also leaves ample room for numerous sneaky board-level attacks to be implemented throughout each stage of a PCB's lifetime, threatening many electronic devices. In this paper, we propose PDNPulse, a power delivery network (PDN) based PCB anomaly detection framework that can identify a wide spectrum of boardlevel malicious modifications. PDNPulse leverages the fact that the PDN's characteristics are inevitably affected by modifications to the PCB, no matter how minuscule. By detecting changes to the PDN impedance profile and using the Frechet distancebased anomaly detection algorithms, PDNPulse can robustly and successfully discern malicious modifications across the system. Using PDNPulse, we conduct extensive experiments on seven commercial-off-the-shelf PCBs, covering different design scales, different threat models, and seven different anomaly types. The results confirm that PDNPulse creates an effective security asymmetry between attack and defense.

show abstract

Section: Threat Modelmentioning

confidence: 99%

“…Accounting for every potential point-of-failure or susceptibility is impractical. Efforts have been made in academia to classify state-of-the-art threats and defenses [26], [53]. Still, the work is perennially ongoing and largely unsystematic because of different attack vectors that prevent generalization.…”

Section: Introductionmentioning

confidence: 99%

PDNPulse: Sensing PCB Anomaly with the Intrinsic Power Delivery Network

Zhu¹,

Shan²,

Sullivan³

et al. 2022

Preprint

View full text Add to dashboard Cite

show abstract

“…Nowadays, as an emerging trend, both the chip and printed circuit board (PCB) supply chains have become globalized in terms of, e.g., design, manufacturing, and distribution [20]. Chip or PCB designers devise and produce merely a small portion of components in-house, while relying on a variety of possibly malicious third-party components, contract manufactures, distributors, and EDA tools, thus rendering the supply chains vulnerable to hardware attacks from external entities.…”

Section: Hardware Supply-chain Attacksmentioning

confidence: 99%

PA-Boot: A Formally Verified Authentication Protocol for Multiprocessor Secure Boot

Zhang¹,

Yu²,

He³

et al. 2022

Preprint

View full text Add to dashboard Cite

Hardware supply-chain attacks are raising significant security threats to the boot process of multiprocessor systems. This paper identifies a new, prevalent hardware supply-chain attack surface that can bypass multiprocessor secure boot due to the absence of processor-authentication mechanisms. To defend against such attacks, we present PA-Boot, the first formally verified processorauthentication protocol for secure boot in multiprocessor systems. PA-Boot is proved functionally correct and is guaranteed to detect multiple adversarial behaviors, e.g., processor replacements, man-in-the-middle attacks, and tampering with certificates. The finegrained formalization of PA-Boot and its fully mechanized security proofs are carried out in the Isabelle/HOL theorem prover with 306 lemmas/theorems and ∼7,100 LoC. Experiments on a proof-of-concept implementation indicate that PA-Boot can effectively identify boot-process attacks with a considerably minor overhead and thereby improve the security of multiprocessor systems.

show abstract

“…In 2021, Harrison et. al surveyed existing PCB countermeasures and examples of board-level Trojans [6] and developed a taxonomy for establishing benchmarks for security.…”

Section: A Current Pcb Obfuscation Techniquesmentioning

confidence: 99%

PCB Netlist Obfuscation with Micro Electro Mechanical Systems and Additive Manufacturing Techniques

True

Khan

et al. 2021

International Symposium for Testing and Failure Analysis

Self Cite

View full text Add to dashboard Cite

Semiconductor manufacturing has been outsourced to un-trusted regions due to globalization. The complex multistep fabrication of micro-scale integrated circuits (ICs) and the tedious assembly of macro-scale Printed Circuit Boards (PCBs) are vulnerable to malicious attacks from design to final delivery. PCBs provide the functional connections of Integrated Circuits (ICs), sensors, power supplies, etc. of many critical electronic systems for consumers, corporations, and governments. The feature sizes of PCB signal traces in 2D and vias in 3D are an order of magnitude larger than IC devices, and are thereby more vulnerable to non-destructive attacks such as X-ray or probing. Active and passive countermeasures have been successfully developed for IC devices, however PCBs devices are difficult to wholly secure from all attacks. Passive countermeasures for X-ray attacks using high-z materials to block and scatter X-rays are effective, but there is a lack of active and passive countermeasures for PCB. In this paper, a framework for passively obfuscating a PCB's critical connections between components, such as ICs, from non-destructive attacks is demonstrated. This framework can be further extended to incorporate active countermeasures in future work. A proof of concept for a PCB electronic design automation (EDA) tool which combines the small features of micro electro-mechanical systems (MEMS), simulation of X-ray, and 3D PCB Manufacturing to iteratively optimize PCB design to thwart reverse engineering and probing attacks. Index Terms—Additive Manufacturing, MEMS, Hardware Assurance, Physical Inspection, Non-Destructive Technology

show abstract

On malicious implants in PCBs throughout the supply chain

Cited by 29 publications

References 36 publications

PDNPulse: Sensing PCB Anomaly with the Intrinsic Power Delivery Network

PDNPulse: Sensing PCB Anomaly with the Intrinsic Power Delivery Network

PA-Boot: A Formally Verified Authentication Protocol for Multiprocessor Secure Boot

PCB Netlist Obfuscation with Micro Electro Mechanical Systems and Additive Manufacturing Techniques

Contact Info

Product

Resources

About