Please don't mistake me for asking this. I need to ask because if it is not published in India and has been published recently, I would probably publish them in my newspaper (quoting the source).
Subramani

-----Original Message-----
From: accessindia-boun...@accessindia.org.in [mailto:accessindia-boun...@accessindia.org.in] On Behalf Of Sanjay
Sent: Sunday, November 15, 2009 10:25 PM
To: accessindia@accessindia.org.in
Subject: [AI] Hardware Trojans could turn microchips into timebombs

Please do not ask for source. As I myself don't know and do not bother about it, how can I give you the source? I receive most of these mails from one of my tech savvy colleagues. As he forwards/sends me in the form of attachments, I have to open and read then copy and paste to this list. I hope those who ask for source will understand this. If I know the source, I will surely mention it.

'Hardware Trojans' could turn microchips into timebombs

Firewalls and anti-virus software will be useless against a new generation of attacks that target the very fabric of microchips

by Paul Marks

MICROCHIPS are vulnerable to a host of attacks during their manufacture that could quietly render them useless shortly after being put to use in crucial applications. The possibility is raising fears that critical systems such as air traffic control, power grids and military systems could be hacked more easily than had been thought.

Last week, engineers from Case Western Reserve University in Cleveland, Ohio, and the electronics firm Rockwell Automation of Milwaukee, Wisconsin, revealed how microchips could be effectively turned into time bombs in two papers published on the physics preprint server (arXiv:0906.3832 and 0906.3834). There is currently no way to test for chips adulterated in this way, says electronics engineer Frank Wolff of the Case Western team, although he and others are exploring detection techniques (see "Tripping up trojans").

Another kind of chip doctoring is exercising the minds of engineers at the Pentagon's Defense Advanced Research Projects Agency (DARPA).
In 2005, a report from the Defense Science Board, an advisory committee for the US military, warned that the inexorable migration of silicon chip manufacturing from the US to countries employing cheaper labour meant the US was no longer in complete control of the technology it relies upon. How would anyone know, the board asked, if a chip-industry engineer in Taiwan, Singapore or China, say, had introduced a malicious circuit - a remotely controllable kill switch, for example - in a chip containing many millions of transistors?

How would anyone know if a malicious, remotely controlled circuit had been introduced into a chip?

As a result of that report, DARPA, based in Arlington, Virginia, established a research programme called Trust in Integrated Circuits. Its research, carried out largely in secret, is to work out how memory chips, logic circuit designs and the like can be adulterated - and how to detect those that have been.

To sabotage a chip, a culprit would have to be an expert chip designer with access to the computer-aided design systems containing a chip's blueprints. The latest fear, however, is that it's not only designs that can be sabotaged - the manufacturing process itself is also vulnerable.

The Case Western and Rockwell team says there are four ways in which the properties of semiconductors might allow hidden defects - which they call hardware trojans - to be introduced into microchips. They are all based on the mechanisms that eventually cause chips to wear out naturally some time after their 10-year guaranteed lifetime. The mechanism that most concerns them is called "hot carrier injection" (HCI) because it works by gradually - but undetectably - degrading the function of some of the transistors in a chip.

So how would an HCI-based attack work? A transistor is an on-off switch with three terminals: a source and a drain through which the current flows, and a gate that sits above these terminals, linking them together.
Applying a voltage to the gate sets up an electric field that allows a current to flow. The speed at which this happens is crucial as it helps to determine the clock speed of a microprocessor, or the access time of a memory.

The gate terminal has a layer of silicon dioxide insulation beneath it which is constantly bombarded by electrons (hot carriers) whizzing through the channel between the source and drain. To prevent that insulation from deteriorating, engineers dope it with nitric oxide or nitrous oxide during manufacturing to create a resilient nitrate layer.

So without the need to know anything about the circuit design, an engineer in a chip-making facility could modify the nitrate concentration, or the temperature of the nitrate layering process, to create a chip wafer with a thinner protective layer that is more vulnerable to hot carriers. The upshot is that the switching time becomes gradually slower until the gate's insulation breaks down completely - at which point the chip fails.

Measuring the thickness of this layer in a chip is almost impossible so victims are initially unaware they've been targeted. A further problem is that the process of deterioration can vary hugely. "That would cause some devices on a wafer to wear out in months to a few years, thus creating a reliability-based trojan," say the team.

Earlier this year, Colonel Glenn Zimmerman of the Pentagon's Cyber Command for computer warfare said the need to verify critical microchips is crucial. "We now import most of our semiconductor devices so there is no question that they, and the chip fabrication foundries they come from, need authenticating," he says.

Tripping up trojans

A SABOTEUR involved in the design of a microchip could include extra circuitry in a chip that distorts calculations only after it is triggered by a predetermined set of instructions. This kind of skulduggery is tricky to spot because such a "hardware trojan" would not reveal itself until it is activated.
An ordinary chip test would not find it, and spotting the extra circuits among the billions of legitimate ones is practically impossible.

But at an IEEE conference on hardware security in San Francisco in July, engineers at Case Western Reserve University in Cleveland, Ohio, and Rockwell Automation of Milwaukee, Wisconsin, will reveal a smart way to detect such compromised circuits. Their idea is to run critical applications only on chips with multiple processors, or "cores", rather than older chips with a single core.

The idea is to run each logical task on at least two cores and compare the outputs. If one of the cores is compromised, the outputs will differ after the trojan is triggered. This allows the core with a trojan to be identified and excluded from use. The penalty is the need to run an ultrafast software algorithm that can carry out this comparison process behind the scenes - but at least the chip can continue in operation despite any adulteration.

"This addresses the 'time bomb' issue by using multicore processors to learn where the trojans are over time. It's currently the most attractive solution," says Frank Wolff, a computer security specialist on the Case Western team.

To unsubscribe send a message to accessindia-requ...@accessindia.org.in with the subject unsubscribe.

To change your subscription to digest mode or make any other changes, please visit the list home page at http://accessindia.org.in/mailman/listinfo/accessindia_accessindia.org.in
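
The multicore comparison described under "Tripping up trojans" in the forwarded article, sketched as an added example that is not part of the original mail, the article, or the researchers' own code. It is a software simulation: `clean_core`, `make_trojaned_core`, `RedundantScheduler`, the trigger value and the third tie-breaking core are all assumptions made here, the last because two differing outputs alone do not show which core is wrong.

```python
from collections import Counter

TRIGGER = 0xDEAD  # constructed trigger input for the simulated trojan

def clean_core(x):
    """Healthy core: a stand-in computation for one logical task."""
    return (x * x + 1) % 65521

def make_trojaned_core(trigger=TRIGGER):
    """Simulated compromised core: correct until it sees the trigger,
    then it distorts every later result."""
    armed = False
    def core(x):
        nonlocal armed
        armed = armed or x == trigger
        return clean_core(x) ^ 1 if armed else clean_core(x)
    return core

class RedundantScheduler:
    """Runs each task on two cores; on a mismatch, polls the rest and votes."""
    def __init__(self, cores):
        self.cores = dict(cores)   # core id -> callable (hypothetical layout)
        self.excluded = set()      # cores caught disagreeing with the majority

    def run(self, x):
        active = [c for c in self.cores if c not in self.excluded]
        if len(active) < 2:
            raise RuntimeError("fewer than two trusted cores remain")
        results = {c: self.cores[c](x) for c in active[:2]}
        if len(set(results.values())) > 1:
            # Two differing outputs cannot say which core is wrong,
            # so run the task on the remaining cores and take the majority.
            results.update({c: self.cores[c](x) for c in active[2:]})
            value, votes = Counter(results.values()).most_common(1)[0]
            if votes * 2 <= len(results):
                raise RuntimeError("no majority; faulty core not identifiable")
            self.excluded.update(c for c, r in results.items() if r != value)
            return value
        return results[active[0]]

def demo():
    """Constructed run: core1 carries the trojan and is excluded after the trigger."""
    sched = RedundantScheduler({"core0": clean_core,
                                "core1": make_trojaned_core(),
                                "core2": clean_core})
    outputs = [sched.run(x) for x in (3, 7, TRIGGER, 9)]
    return outputs, sorted(sched.excluded)

if __name__ == "__main__":
    print(demo())
```

The scheduler keeps returning correct results after the trigger because the disagreeing core is dropped from the active set; with only two cores it can detect the mismatch but raises instead of guessing which one to trust.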