Synthesis Lectures on Information Security, Privacy, and Tru
1 total work
Hardware Malware
by Edgar Weippl, Christian Krieg, Adrian Dabrowski, and Heidelinde Hobel
Published 1 September 2013
In our digital world, integrated circuits are present in nearly every moment of our daily life. Even when using the coffee machine in the morning, or driving our car to work, we interact with integrated circuits. The increasing spread of information technology in virtually all areas of life in the industrialized world offers a broad range of attack vectors. So far, mainly software-based attacks have been considered and investigated, while hardware-based attacks have attracted comparatively little interest. The design and production process of integrated circuits is mostly decentralized due to financial and logistical reasons. Therefore, a high level of trust has to be established between the parties involved in the hardware development lifecycle. During the complex production chain, malicious attackers can insert non-specified functionality by exploiting untrusted processes and backdoors. This work deals with the ways in which such hidden, non-specified functionality can be introduced into hardware systems. After briefly outlining the development and production process of hardware systems, we systematically describe a new type of threat, the hardware Trojan. We provide a historical overview of the development of research activities in this field to show the growing interest of international research in this topic. Current work is considered in more detail. We discuss the components that make up a hardware Trojan as well as the parameters that are relevant for an attack. Furthermore, we describe current approaches for detecting, localizing, and avoiding hardware Trojans to combat them effectively. Moreover, this work develops a comprehensive taxonomy of countermeasures and explains in detail how specific problems are solved. In a final step, we provide an overview of related work and offer an outlook on further research in this field.