We are safe, checking our software's for fallacy, for hacker's tricks. However we never think that the machine we run could be malicious itself. Their could be havoc if so happened, Prof. Indranil Sengupta(IIT-kgp) enlightens us about such threat and future research scope on Hardware Trojans.
VIEW the complete ppt here.
>> Liked the ppt? Then click here to share this on google+.
(Read more: Database Security Vendor Evaluation Guide)
WATCH the complete video here.
>> Liked the video? Then Click Here to share this on Linkedin
( Watch more : Latest Attacks Vectors and Threats on Aircrafts and Unmanned Arial Vehicles )
Excerpt from the talk
Malicious modification of the circuitry of an IC(Integrated Circuit)
- Modifications can take place pre or post manufacturing
- Inserted by intelligent adversary
- Extremely small hardware overhead
- Difficult to detect
- IC malfunctions in field
Do they exist?
- No concrete proof yet
- Tampering masks in fab is highly complex
- Reverse engineering a single IC can take months
Why worry?
- Numerous suspected military and commercial cases(since 1976)
- Reverse engineering in ICs is believed to be practiced in well reputed companies(like IBM)
- Highly sophisticated commercial softwares are available for reverse engineering
- Tampering at design stage is highly tempting and feasible
( Read more: My Key Learning While Implementing Database Security )
Serious Implications
- Military compromise
- Civilian Infrastructure compromise( like power grid, transportation etc.)
- Communication System massacre
- Loss of human life and property
- Monetary loss of billion dollars
( Read More: Firewall Checklist - Top 10 Things Your Next Firewall Must Do!)
Some direct malfunctioning
- “Hardware Trojans could turn microchips into timebombs” (P. Marks, NS, Jul. 2009) tweet this
- “Towards Countering the Rise of the Silicon Trojan” (DSTO, Australian Govt., Dec. 2008)
- “Cracking Security Codes: Does it Matter?” (C. Tartette, IEEE Spectrum, Feb. 2010)
Why is Trojan Detection so Challenging?
- Design overhead for Invasive methods
- Infinite instances,Low controllability and observability for logic-testing methods
- Large process variation,small trojan detection for side channel analysis
What are your views on 'Hardware Trojans' ? Are they really a pressing threat or not ? Share your views in the comments below.
Comments