diff --git a/main.bib b/main.bib index c3e821c..7a4ba68 100644 --- a/main.bib +++ b/main.bib @@ -2528,6 +2528,14 @@ file = {/home/jaseg/Sync/Research/Zotero/2007_Haobijam_Paily_Quality factor enhancement of CMOS inductor with pyramidal winding of metal.pdf;/home/jaseg/Zotero/storage/92HTG5MX/4472624.html} } +@article{harrisonSoKSecurityArchitects, + title = {{{SoK}}: {{A Security Architect}}’s {{View}} of {{Printed Circuit Board Attacks}}}, + author = {Harrison, Jacob and Jessurun, Nathan and Tehranipoor, Mark}, + abstract = {Many recent papers have proposed novel electrical measurements or physical inspection technologies for defending printed circuit boards (PCBs) and PCB assemblies (PCBAs) against tampering. As motivation, these papers frequently cite Bloomberg News’ “The Big Hack”, video game modchips, and “interdiction attacks” on IT equipment. We find this trend concerning for two reasons. First, implementation errors and security architecture are rarely discussed in recent PCBA security research, even though they were the root causes of these commonly-cited attacks and most other attacks that have occurred or been proposed by researchers. This suggests that the attacks may be poorly understood. Second, if we assume that novel countermeasures and validation methodologies are tailored to these oft-cited attacks, then significant recent work has focused on attacks that can already be mitigated instead of on open problems. We write this SoK to address these concerns. We explain which tampering threats can be mitigated by a PCBA security architecture. Then, we enumerate assumptions that security architecture depends on. We compare and contrast assurances achieved by security architecture vs. by recently-proposed electrical or inspection-based tamper detection. Finally, we review over fifty PCBA attacks to show how most can be prevented by proper architecture and careful implementation.}, + langid = {english}, + file = {/home/jaseg/Zotero/storage/2SAPGWBH/Harrison et al. - SoK A Security Architect’s View of Printed Circui.pdf} +} + @inproceedings{hastingsSoKGeneralPurpose2019, title = {{{SoK}}: {{General Purpose Compilers}} for {{Secure Multi-Party Computation}}}, shorttitle = {{{SoK}}}, @@ -4252,6 +4260,14 @@ file = {/home/jaseg/Zotero/storage/SY87W3RX/Silver-Flexible-Circuit-Solutions-Brochure-EN-Brochure.pdf} } +@article{monfaredHardwareMovingTarget, + title = {Hardware {{Moving Target Defenses}} against {{Post-Silicon Side-Channel Leakages}}}, + author = {Monfared, Saleh Khalaj and Mitard, Kyle and Forte, Domenic and Tajik, Shahin}, + abstract = {Pre-silicon tools for hardening hardware against side-channel and fault injection attacks have become popular recently. However, the security of the system is still threatened by sophisticated physical attacks, which exploit the physical layer characteristics of the computing system beyond the integrated circuits (ICs) and, therefore, bypass the conventional countermeasures. Further, environmental conditions for the hardware can also impact side-channel leakage and fault vulnerability in unexpected ways that are challenging to model in pre-silicon. Thus, attacks cannot be addressed solely by conventional countermeasures at higher layers of the compute stack due to the lack of awareness about the events occurring at the physical layer during runtime. In this paper, we first discuss why the current presilicon security and verification tools might fail to achieve security against physical threats in the post-silicon phase. Afterward, we provide insights from the fields of power/signal integrity (PI/SI), and failure analysis (FA) to understand the fundamental issue with the failed current practices. We argue that hardware-based moving target defenses (MTDs) to randomize the physical fabric’s characteristics of the system can mitigate such unaccounted postsilicon threats. We show the effectiveness of such an approach by presenting the results of two case studies in which we perform powerful attacks, such as impedance analysis and laser voltage probing. Finally, we review the overhead of our proposed approach and show that the imposed overhead by MTD solutions can be addressed by making them active only when a threat is detected.}, + langid = {english}, + file = {/home/jaseg/Zotero/storage/6XBDSNWT/Monfared et al. - Hardware Moving Target Defenses against Post-Silic.pdf} +} + @inproceedings{monfaredLeakyOhmSecretBits2023, title = {{{LeakyOhm}}: {{Secret Bits Extraction}} Using {{Impedance Analysis}}}, shorttitle = {{{LeakyOhm}}},