Cyber security is a hot topic, and so it should be. With the proliferation of smart devices, we need to make sure we are protecting our data. But have you ever considered the threat to the hardware supply chain? With the complexity of modern integrated circuits (IC), it is no longer possible for one company to design, fabricate, and test a chip – even more so as some have more than 2 billion transistors. IC production has become a multi-national distributed business, significantly increasing the risk of security breaches, leading to the emergence of new forms of attacks on the IC supply chain.
This article originally appeared on the Arm Community blog.
“I was awarded an industrial fellowship in 2019 to develop a defense mechanism against hardware supply chain security attacks, in particular the risk of counterfeiting. The latter is costing the UK economy around £30bn and is putting 14,800 jobs at risk, making it a huge issue that we need to address . We come back to this further on.
During the fellowship, I was able to build detailed threat models of the ICs supply chain. This was in addition to designing unforgeable Root of Trust hardware that can be embedded in computing devices to enable tracking and life-time monitoring. The solution is based on combining PUF with blockchain technology, an approach where ICs are uniquely identified and tracked along the chain, across multiple sites, to detect tampering. The solution is based on consortium blockchain and smart contract technologies; so, it is decentralized, highly available, and provides strong guarantees on the integrity of stored data and executed business logic. The unique identification of ICs along the chain is implemented by using PUFs as tamper-resistant IDs.”
“The fellowship was awarded thanks the support I received from Arm Research, who have recognized the importance of addressing the major challenges currently facing the hardware supply chain. During the fellowship, I was able to work closely with Hugo Vincent, Lead Security Research Architect, on these issues, and his feedback on industry perspectives surrounding these challenges was invaluable in formulating the research problem and developing practical solutions.”
“The relentless drive for more sophisticated and cheaper electronic products has led to unprecedented levels of outsourcing in the hardware supply chain. This has triggered the emergence of new forms of security threats. For example, developers of electronic systems, sometimes need to deal with brokers and third-party suppliers. This is because authorized distributors are out of stock of a certain part, seeking a lower price, or cannot afford to wait for the original supplier. Regardless of the reason, this approach put developers at the risks of purchasing counterfeit ICs. The latter can be out-of-specs, recycled or cloned parts. Such a possibility can have serious consequences if the counterfeit parts are used in safety critical systems. There have been many reported incidences that highlights the scale of this issue . For example, counterfeit microcontrollers have been supplied for use in braking systems in high-speed trains in Europe and in nuclear submarines in the United States.
The attack surface on computing devices has been further complicated by the proliferation of IoT technology as it allows interconnectivity among various systems at an unparalleled level. Put simply, it makes it easier for adversary to wage successful cyber, and sometimes, physical attacks. Overlooking security in the electronic products development process will put many systems at risk, leading in many cases to financial losses, damage of reputation, and in extreme cases, to physical harm. Building effective defense mechanisms requires a comprehensive understanding of the attack’s classes, goals of the adversary and their capabilities, such as threat modelling.
Existing threat modelling approaches, like those based on the STRIDE model, are not suitable for analyzing the security of IC supply chains. This is because these types of threats are of an inherently different nature compared to those included in the STRIDE model.
At the start my fellowship, I quickly realized there is a need for a new threat modelling approach that specifically targets the hardware supply chain. This was developed during my fellowship and is called CIST, covering four threat categories: Counterfeiting, Information Leakage, Sabotage and Tampering. CIST covers security risks throughout the lifecycle of an electronic system, from initial design, through operation, to recycle. It allows comprehensive analysis of supply chain risks and provides a systematic method for designing and evaluating security defense mechanisms. I am currently working to design a serious game for hardware supply chain security education, which will be based on the CIST model. My hope is that it will raise awareness of the security attacks on IC supply chains and possible countermeasures for both students and engineers. It is coming soon and will be freely available, so keep an eye out here.
This CIST model, along with related research, was recently published in my book, ‘Hardware Supply Chain Security: Threat Modelling, Emerging Attacks and Countermeasures’.”
“The attack surface on computing devices is becoming very sophisticated, driven by the rapid increase of the number of connected devices. In fact, in 2019, a staggering 2.9 billion cyberattacks were recorded ., and that’s in addition to emerging attacks on hardware supply chain as discussed above. Compromised hardware products pose serious threats if used in critical infrastructure and military applications. This continuously evolving landscape of security threats calls for an equally effective and adaptive defense mechanisms. I think future research should investigate how to develop more intelligent security defence mechanisms, capable of detecting new forms of attacks. I expect ML has an important role to play in this context. Another challenge is the energy costs for security countermeasures, especially for resource constrained devices in IoT applications. A third challenge is the integration of security technology in the current IC design process. Such integration is still facing many hurdles, and is preventing the adoption of innovative solutions in the field of hardware security, such as logic locking and PUF technology.”
“Security attacks impact the semiconductor industry in many ways. Stories of successful systems hacking, or even unexploited security vulnerabilities greatly undermines consumer confidence in such products, and can cause lasting reputational damage if not addressed quickly and satisfactorily. Supply chain security attacks such as IP theft and IC counterfeit, are the cause of significant financial losses. The industry has an important role to play in here, perhaps by actively supporting research in this area and raising awareness of its importance.”
“I am the Director of the Embedded Systems and Internet of Things (IoT) programs, and am the Hardware Security Champion of the GCHQ/EPSRC Academic Centre of Excellence (ACE-CSE) Southampton. My research expertise includes:
Learn more about hardware supply chain security in Basel Halak’s latest book, or contact him with any questions.