Uncategorized

Let us consider the following data for a semiconductor design company “X”: • Actual yield, Y = 0.9 • Die area A = 1.5 cm × 1.5 cm • Dies are processed on an R = 200 mm diameter wafer at $1500/wafer • Each mask cost $100,000 (Total 10 masks) • 5-man development team at […]

Describe the taxonomy of different types of counterfeits. 1. Explain how IP overuse and IP piracy may take place. Provide respective examples. 2. Why do overproduced ICs cost less than their original counterpart? 3. Why does using out-of-spec chips pose a threat? 4. Why are Trojans inserted by the foundry difficult to detect? 5. What

Describe the lifecycle of a modern electronic hardware / ASIC design. 1. Classify the attacks on hardware IPs in terms of the attacker’s origin and intent. Briefly describe possible attack instances of hardware Trojan and IC overproduction. 2. How can an IP be exploited via reverse engineering? Briefly explain potential attack instances of reverse engineering.

In the high level block diagram of a PCB used in a TV set top box the Digital Right Management (DRM) key is stored in a non-volatile memory (NVM) which goes to a comparator that generates the channel grant access signal. Describe a possible tampering attack that can bypass this protection. You can update the

Define hardware Trojans. What is the definition of a Modchip? What is JTAG? What primary purpose a PCB serves in any electronic hardware system? Describe possible attacks on a PCB.

Only untrusted design houses are vulnerable to PCB attacks. 1. Trusted design houses are not susceptible to malicious attacks. 2. Modchip attacks are prevalent in gaming consoles. 3. PCB reverse engineering requires industry-grade equipment and expertise. 4. It is comparatively easier to find a Trojan in multilayer PCBs.

Weak PUF is ideal for detecting counterfeit ICs via CRP-based authentication schemes. Error Correction Code (ECC) schemes can be used to improve the robustness for both PUF responses and TRNG outputs. A ring oscillator (RO)-PUF is basically a delay-based PUF. A TRNG must rely on random intrinsic or runtime noise.

Describe a potential attack instance when the design house is trusted in the PCB manufacturing process. Illustrate the scenario with an appropriate case study. 1. What would be an attack instance on PCBs manufactured in untrusted design houses? Describe with a relevant case study. 2. What are the possible attacks on PCBs? Explain the taxonomy

Briefly discuss the major characteristic differences between PUFs, TRNGs, and DfACs. 1. Briefly discuss the quality metrics used to evaluate PUFs and TRNGs. 2. Explain why RO-PUFs tend to produce more erroneous responses due to runtime noise and aging compared to traditional arbiter-PUFs. 3. Briefly describe what security primitives (strong PUFs, weak PUFs, or TRNGs)

Ideally, PUFs should have 50% intra-Hamming distance. Ideally, TRNGs should have 50% intra-Hamming distance. Frequency injection attack on an oscillator-based TRNG reduces the throughput, but entropy remains the same.