Skip directly to content

Minimize RSR Award Detail

Research Spending & Results

Award Detail

Awardee:UNIVERSITY OF CALIFORNIA, SAN DIEGO
Doing Business As Name:University of California-San Diego
PD/PI:
  • Ryan Kastner
  • (858) 534-8908
  • kastner@ucsd.edu
Award Date:07/24/2015
Estimated Total Award Amount: $ 516,000
Funds Obligated to Date: $ 532,000
  • FY 2015=$516,000
  • FY 2016=$16,000
Start Date:09/01/2015
End Date:08/31/2019
Transaction Type:Grant
Agency:NSF
Awarding Agency Code:4900
Funding Agency Code:4900
CFDA Number:47.070
Primary Program Source:040100 NSF RESEARCH & RELATED ACTIVIT
Award Title or Description:TWC: Small: Employing Information Theoretic Metrics to Quantify and Enhance the Security of Hardware Designs
Federal Award ID Number:1527631
DUNS ID:804355790
Parent DUNS ID:071549000
Program:Secure &Trustworthy Cyberspace
Program Officer:
  • Sandip Kundu
  • (703) 292-7314
  • skundu@nsf.gov

Awardee Location

Street:Office of Contract & Grant Admin
City:La Jolla
State:CA
ZIP:92093-0621
County:La Jolla
Country:US
Awardee Cong. District:49

Primary Place of Performance

Organization Name:University of California-San Diego
Street:
City:La Jolla
State:CA
ZIP:92093-0934
County:La Jolla
Country:US
Cong. District:49

Abstract at Time of Award

Computing devices control much of the world around us. They power smart phones, kitchen appliances, cars, power grids, medical devices, and many of the other objects that we rely upon in our everyday lives. The foundation of these systems is the hardware, which are complex multi-billion transistor chips. Gaining control of the hardware provides unfettered access to every part of the system. This makes it a highly attractive target for attackers. Compromised hardware allows unauthorized users to obtain personal information, and can be used to force the device into unsafe and potentially life threatening scenarios. Thus, it is paramount to develop techniques to enable secure hardware design. Creating secure hardware requires the designer to assess potential vulnerabilities. Currently it is hard to concretely say anything about the security (or lack thereof) of the hardware. This project is developing quantitative hardware security metrics that enable designers to precisely evaluate the security of the system. The team is attempting this by employing statistical measures on the amount of uncertainty and information flow that is present across different portions of the hardware. These metrics are oblivious to the types of variables under consideration. Thus, the team can assess both functional security properties related to confidentiality and integrity as well as covert channels. These metrics enable the characterization of portions of the system that are potentially vulnerable to attacks. And they determine the effectiveness of mitigation techniques on the overall security of the system. The end result is more secure hardware, which leads to safer and more secure computing devices.

Publications Produced as a Result of this Research

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

Shen, Lixiang and Mu, Dejun and Cao, Guo and Qin, Maoyuan and Blackstone, Jeremy and Kastner, Ryan "Symbolic execution based test-patterns generation algorithm for hardware Trojan detection" Computers \& Security, v.78, 2018, p.267--280.

Hu, Wei and Mao, Baolei and Oberg, Jason and Kastner, Ryan "Detecting hardware trojans with gate-level information-flow tracking" Computer, v.49, 2016, p.44--52.

Hu, Wei and Mao, Baolei and Oberg, Jason and Kastner, Ryan "Detecting hardware trojans with gate-level information-flow tracking" Computer, v.49, 2016, p.44--52.

Hu, Wei and Mao, Baolei and Oberg, Jason and Kastner, Ryan "Detecting hardware trojans with gate-level information-flow tracking" Computer, v.49, 2016, p.44--52.

Baolei Mao, Wei Hu, Alric Althoff, Janarbek Matai, Jonathan Valamehr, Timothy Sherwood, Dejun Mu, and Ryan Kastner "Quantifying Timing-Based Information Flow in Cryptographic Hardware" IEEE/ACM International Conference on Computer-Aided Design (ICCAD), v., 2015, p..

Ryan Kastner, Wei Hu, and Alric Althoff "Quantifying Hardware Security Using Joint Information Flow Analysis" Design, Automation & Test in Europe Conference & Exhibition (DATE), v., 2016, p..

Wei Hu, Baolei Mao, Jason Oberg, and Ryan Kastner "Detecting Hardware Trojans with Gate-Level Information-Flow Tracking" IEEE Computer Special Issue on Security of Hardware and Software Supply Chain, v., 2016, p..

Mao, Baolei and Hu, Wei and Althoff, Alric and Matai, Janarbek and Tai, Yu and Mu, Dejun and Sherwood, Timothy and Kastner, Ryan "Quantitative analysis of timing channel security in cryptographic hardware design" IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, v.37, 2017, p.1719--173.

Mao, Baolei and Hu, Wei and Althoff, Alric and Matai, Janarbek and Tai, Yu and Mu, Dejun and Sherwood, Timothy and Kastner, Ryan "Quantitative Analysis of Timing Channel Security in Cryptographic Hardware Design" IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, v.37, 2018, p.1719--173.


Project Outcomes Report

Disclaimer

This Project Outcomes Report for the General Public is displayed verbatim as submitted by the Principal Investigator (PI) for this award. Any opinions, findings, and conclusions or recommendations expressed in this Report are those of the PI and do not necessarily reflect the views of the National Science Foundation; NSF has not approved or endorsed its content.

Designing hardware that is resilient to the vast and growing number of security attacks is a challenging problem. Hardware designs are extremely complex making it difficult to understand any potential security vulnerabilities. Creating secure hardware is even more difficult when the designer cannot assess the potential value that a security feature has in protecting the system from an attack. Currently it is possible to determine the impact that a security feature has on throughput, latency, power, and energy, yet, it is hard to concretely say anything about how the same feature will enhance the security of the system. Thus, metrics that precisely evaluate the security of the design are fundamental to any hardware security design tool.

This research project developed effective metrics that can be employed by the hardware designers to quantify the security of their designs. Such metrics are used alongside traditional hardware design parameters to allow the designer to better understand the tradeoffs between different optimizations, and in particular how they affect the security of the hardware. This facilitates the development of hardware design tools that use those security metrics to assess the quality of the design. The intellectual merits of this projects are:

  • Developing quantitative security metrics that cover a vast number of security interests including confidentiality, integrity, isolation, separation, and side channels.
  • Providing efficient techniques to compute these security metrics on large hardware designs and system on chip.
  • Specifying security properties of interest, identifying security vulnerabilities, and understanding the effectiveness of mitigation techniques.

The broader impacts relate to the training of the next generation of engineers and computer scientists in the development of secure and trustworthy hardware and computing systems; this project partially funded the support of nine undergraduates, six graduate students, and one post-doctoral scholar. Other broader impacts include submitted patents, which are being licensed for use in a commercially available hardware security design tool.

 


Last Modified: 01/14/2020
Modified by: Ryan Kastner

For specific questions or comments about this information including the NSF Project Outcomes Report, contact us.