Hardware Trojans and the Internet of Things
Countless systems ranging from consumer electronics to military equipment are dependent on integrated circuits (ICs). A surprisingly large number of such systems are already security-critical, e.g., automotive electronics, medical devices, or SCADA systems. If the underlying ICs in such applications are maliciously manipulated through hardware Trojans, the security of the entire system can be compromised. In recent years, hardware Trojans have drawn the attention of the scientific community and government. Initially, the primary attacker model was a malicious foundry that could alter the design, i.e., introduce hardware Trojans which could interfere with the functionality of a chip. Many other attacker models exist too. For instance, a legitimate IC manufacturer, such as a consumer electronics company, might be in cohort with a national intelligence agency and could alter its products in a way that compromises their security.
Even though hardware Trojans have been studied for a decade or so in the literature, little is known about how they might look, especially those that are particularly designed to avoid detection. In this talk we introduce several low-level manipulation attacks against embedded system, targeting two popular types of hardware platforms, ASICs and FPGAs.
Christof Paar has the Chair for Embedded Security at Ruhr University Bochum, Germany, and is research professor at the University of Massachusetts Amherst. He co-founded CHES (Cryptographic Hardware and Embedded Systems), the leading international conference on applied cryptography. Christof’s research interests include efficient crypto implementations, hardware security, and security analysis of real-world systems. He also works on applications of embedded security, e.g., in cars or consumer devices. He holds an ERC Advanced Grant in hardware security and is spokesperson for two doctoral research schools. Christof has over 200 peer-reviewed publications and is co-author of the textbook Understanding Cryptography (Springer, 2009). He is Fellow of the IEEE and the IACR (International Association of Cryptological Research) and he has given invited talks at MIT, Yale, Stanford, IBM Labs and Intel.
Christof co-founded ESCRYPT, a leading system provider for automotive security. ESCRYPT is now part of Bosch.In 2003, he founded escar – Embedded Security in Cars, which has become the premier conference in the automotive security domain.