Uncategorized

SAT attack directly finds the key used for obfuscation. The features of design integrated with gate camouflaging can never be reverse engineered. The entire truth table is not needed to attack a design obfuscated by camouflaging. In state space obfuscation, modification cells are added to hide the newly inserted FSM. An attacker cannot reverse engineer […]

Reverse engineering of hardware IP is considered illegal. 1. None of the software obfuscation approaches are applicable to hardware IPs. 2. The design house is untrusted in certain scenarios in an IC supply chain. 3. For maximum output entropy in logic locking, Hamming Distance should be 100%.

Determine the correct key for the logic encrypted circuit below in Fig. 14.12 (in other words, what key makes x = x’ and y = y’). Explain your answer. 1. Describe the vulnerabilities in each step of the supply chain of an IC. 2. Briefly describe the possible obfuscation-based solutions for countering hardware IP piracy

During state space obfuscation, what would be the minimum clock cycle for applying a 256-bit key for an obfuscated IC with 18 primary inputs? Assume only 16 of the primary inputs can be used for applying the obfuscation key. 1. What is a possible way for the attacker to identify the inserted FSM that applies

Briefly discuss SAT attack on logic locking. Also, describe the effect of a distinguishing input pattern (DIP) generated during the SAT attack. 1. What are the programmable resources within the FPGA architecture that could be modified to enable bitstream obfuscation?

Meltdown does not rely on speculative execution; it exploits only out-of-order execution. 1. Internet-of-things ecosystem cannot be attacked using any hardware-software exploit because it is too diverse for the attacker. 2. Software Trigged Hardware Trojans can be used to cause denial-of-service (DoS) attack. 3. Preventing the execution of the clflush (cache flush) command can deter

Trusted Execution Environment can prevent DoS attacks. 1. Evict+Time requires knowledge of cache structure to properly trigger cache contention in a system. 2. Security policies no longer need to be defined when using Security Policy Enforcement Architectures. 3. Modifications to DfD are needed to maintain both security and controllability of internal signals. 4. For pre-silicon

How can overclocking and undervolting lead to a CLKSCREW attack? Which phase of SoC Verification can be used to detect side-channel attacks. Why? Instead of the centralized policy engine described earlier, a designer decides to implement distributed policy enforcement (relevant security policies are described in the corresponding IP instead of a centralized engine). Describe two

What is the difference between Meltdown and Meltdown Prime? 1. What is the potential overhead if we disable out-of-order execution in an attempt to address the Spectre exploit? 2. In a 32-bit RISC architecture with 5-bit instruction opcode, what is the probability of activating a software-induced hardware Trojan with a trigger condition of 5 ADD

Which access control policies, if any, can address software induced hardware Trojans? Describe an encryption method that is ideal for securing data in a DfD structure with cost-effective area overhead, and key management. An attacker uses the same trigger condition from the Trojan in Question 3 Short Answer, to toggle the secure mode flag in