Projects

Project title: Securing State-of-the-Art Chips Against High-Resolution Contactless Optical and Electron-Beam Probing Attacks

Acronym: OnE-Secure

Principal Investigators:

• Sebastian Brand (FhG IMWS)
• Rolf Drechsler (U Bremen)
• Jean-Pierre Seifert TU Berlin)
• Frank Sill Torres (DLR)

Project Staff: 

• Sajjad Parvin, (U Bremen)

Available open position: TBA

Attribution within the Priority Program:

Link to Project Website:

Physical hardware attacks, especially optical attacks through the chip’s backside, have shown to be a threat to secret data and intellectual property stored on integrated circuits (ICs). Techniques from IC failure analysis, like optical probing (OP), can extract cryptographic keys, configuration data, or other secrets. Recently, due to the demand in the failure analysis (FA) industry for higher resolving tools, electron beam (E-beam) probing has been gaining more attention. Although the threat of attacks is known, no relevant countermeasures have been deployed in commercial chips so far. Following this observation, this project aims to explore methods that can protect future nano-circuits from ”Optical and E-beam” (OnE) probing attacks. By combining the expertise gained in the OptiSecure and the nanoEBeam projects from the first call into a single project with four partners, this unified project continues researching alternative chip designs that are robust against both of the aforementioned techniques.

Project title: Exploration of an integrated Strain-based TAMPer Sensor for Puf and trng concepts with best-in-class Leakage resilience and robUStness

Acronym: STAMPS-PLUS

Principal Investigators:

• Ralf Brederlow (TU Munich)
• Matthias Hiller (FhG AISEC)
• Michael Pehl (TU Munich)

Project Staff:

• Pengchen Xu (TU Munich)
• Valentin Huber

Available open position: TBA

Attribution within the Priority Program:

Link to Project Website:

Project title:  Randomization in Secure Nano-Scale Microarchitectures 2

Acronym: RAINCOAT II

Principal Investigators:

• Lucas Davi (U Duisburg-Essen)
• Tim Güneysu (RU Bochum)

Project Staff: TBA

Available open position: TBA

Attribution within the Priority Program:

Link to Project Website:

Project title:  Embedded Software Security into Modern Emerging Hardware Paradigms

Acronym: EMBOSOM

Principal Investigators:

• Rolf Drechsler (U Bremen)
• Tim Güneysu (RU Bochum)
• Pascal Sasdrich (RU Bochum)
• Christoph Lüth (U Bremen)

Project Staff: TBA

Available open position: TBA

Attribution within the Priority Program:

Link to Project Website:

Project title: Towards Secure Electroforming-free Memristive Cryptographic Implementations

Acronym: MemCrypto

Principal Investigators:

• Ilia Polian, University of Stuttgart
• Nan Du, TU Chemnitz

Project Staff:

• Li-Wei Chen, University of Stuttgart

Available open position:

Attribution within the Priority Program:

Area 1 "Nano-electronics for Security"

Area 2 "Hardware Security and Cryptography"

Interdisciplinary Group IG3 "Physical Attack Resilience"

Link to Project Website: https://www.iti.uni-stuttgart.de/en/institute/projects/memcrypto/

Project Abstract: Memristive devices offer enormous advantages for non-volatile memories and neuromorphic computing, but there is a rising interest in using memristive technologies for security applications. Project MemCrypto aims at development and investigation of memristive cryptographic implementations, assessment and improvement of their security against physical attacks. This work focuses on combinational and sequential realizations of complete cryptographic circuits and complements earlier research on memristive physical unclonable functions and random number generators.

Within MemCrypto, simplified cryptographic circuits will be physically built out of novel electroforming-free memristive devices fabricated as wire-bonded line arrays using pulsed laser deposition. Physical attacks (side-channel analysis and fault injections) against memristive circuits will be studied, with a focus on identifying and characterizing novel attack mechanisms that do not exist in conventional CMOS technology. For instance, side-channel analysis could utilize effects of memristance and nonvolatility, and fault injections can target both memristive devices and their control logic. Three representative memristive logic families will be explored and low-level protections for information leakage reduction will be developed for all of them, as well as the development of combination of these low-level protections with higher-level masking. We will also perform an experimental comparative study with commercially available memristive devices (with requirement of an electroforming step) and with a CMOS implementation on an FPGA.

A further objective of MemCrypto is to develop electrical simulation models and simulation procedures suitable for security analysis before physical realization of a circuit. On the one hand, we will improve the accuracy of existing Spice-level simulation models by better reflecting switching performances in endurance and retention. On the other hand, we will devise mixed-level simulation procedures that balance between accuracy and simulation speed and are meant for evaluation of physical attacks in medium-size memristive circuits. Using such procedures, we will extend the findings gathered on reduced-scale physical implementations to fully-fledged cryptographic circuits.

MemCrypto is a tandem project that will strongly benefit from interdisciplinary collaboration of both applicants. Ilia Polian will provide competencies in hardware-oriented security, design of complex electronic circuits and mixed-level simulation algorithms. Nan Du, as a co-inventor of the electroforming free BiFeO3 based memristive device family exploited in MemCrypto, will contribute her knowledge in fabrication, characterization, optimization, modeling and simulation of memristive devices. Together, the applicants are a team that includes complementary abilities to holistically address all relevant security aspects of using memristive technologies for cryptographic circuits.

Project title: Verifiable Hardware Security for Out-of-Order Processors

Acronym: HaSPro

Principal Investigators:

• Thomas Eisenbarth, Universität zu Lübeck
• Wolfgang Kunz, RPTU Kaiserslautern-Landau

Project Staff:

• Tobias Jauch, RPTU Kaiserslautern-Landau
• Jonah Heller, Universität zu Lübeck
• Thore Tiemann, Universität zu Lübeck

Attribution within the Priority Program:

Area 2 "Hardware Security and Cryptography"

Area 3 "Secure Composition and Integration"

Interdisciplinary Group IG3 "Physical Attack Resilience"

Link to Project Website: https://www.its.uni-luebeck.de/forschung/haspro.html

Project Abstract: Transient Execution Side Channels (TES), including Spectre and Meltdown, pose continual security risks to modern computer systems, despite mitigation efforts. These vulnerabilities, exacerbated by the security-performance trade-off, are the focus of the HaSPro project. It concentrates on out-of-order processors with speculation and Trusted Execution Environments (TEEs), key for improved system security

In the first project phase, we successfully established Unique Program  Execution Checking (UPEC) for security analysis and scaled the methodology to advanced out-of-order processor architectures. We also  explored side channels that compromise the constant-time programming paradigm and developed UPEC-DIT that can provide security guarantees for data-oblivious computing. With respect to TEEs, phase 1 focused on identifying and mitigating vulnerabilities in prevalent TEE designs such as Intel SGX and AMD SEV, revealing a number of weaknesses  including ciphertext leakage and data-dependent execution. In phase 1 we developed tools like Microwalk-CI, which identifies data-dependent runtime behavior in large code bases, and Cipherfix, which automates the identification and protection of sensitive memory writes vulnerable to ciphertext side-channels.

HaSPro Phase 2 aims at developing new and highly efficient countermeasures against TES at different levels: hardware (HW), software (SW) and HW/SW interface. We investigate how HW-supported in-process isolation mechanisms can effectively counteract Spectre variants and whether these isolation barriers can be utilized by SW compartmentalization for automated and robust protection. We automate  the separation of potential Spectre gadgets from sensitive data using  compiler-based protection. At the HW level, we examine microarchitectural choices to support the proposed extensions to in-process isolation, leveraging formal methods to assure security guarantees. As an alternative to SW-based solutions, we also explore a fully HW-implemented architecture for secure speculation, using a secure-by-construction design methodology. In addition, we explore the combination of code compartmentalization with a partial probabilistic memory encryption engine to establish a new cost-latency tradeoff for TEE memory encryption, aiming for effective prevention of ciphertext side channels. All developed protection mechanisms will be analyzed for effectiveness and overheads and compared to existing countermeasures to evaluate the efficiency of the identified solutions, in order to provide better protection against the remaining attack surface on modern out-of-order processors.

Project title: Nanomaterial-based platform electronics for PUF circuits with extended entropy sources

Acronym: NANOSEC2

Principal Investigators:

• Sascha Hermann, TU Chemnitz
• Elif Bilge Kavun, Uni Passau
• Stefan Katzenbeisser, Uni Passau

Project Staff:
    Martin Schmid, Uni Passau
    Simon Böttger, TU Chemnitz

Available open position:

Attribution within the Priority Program: 

• Area 1 and 2 "Nano-electronics for Security" and "Hardware Security and Cryptography"
• Interdisciplinary Group IG1 and IG3 "Secret Generation" and "Physical Attack Resilience"

Link to Project Website: https://www.pids.uni-passau.de/en/projects/current-projects/

Project Abstract: In this project we investigate the potential of advanced NanoMaterial (NM) circuits manufactured in a modular platform technology to serve as Physical Unclonable Functions (PUFs) with enhanced properties. We will implement various entropy sources making use of the fact that NM-based FETs can be significantly manipulated by their environment and interface. This determines the FET characteristic and in case of charge traps hysteretic switching behavior. We will pursue nanocavities in the Carbon-NanoTube Field-Effect Transistor (CNTFET) structures to induce discrete modification of the gate architecture in order to further increase the entropy of the CNT-PUF. This enables quaternary PUFs with four distinct types of PUF cells, namely conducting, semiconducting, altered semiconducting, and non-conducting cells. We will also investigate configurable CNT-FET circuits to provide an even higher level of entropy, by tuning the hysteresis characteristics. Furthermore, we will examine cell selective erasability of the manufactured Circuit-PUFs, disallowing an attacker from accessing the inherent PUF secret in a low-cost manner. Building upon our previous works on non-invasive attacks against CNT-based PUFs, we will also test the resilience of the constructed CNT-PUFs against side-channel and fault-injection attacks.

Project title:   Secure Circuits through Inherent Reconfigurable FET

Acronym: SecuReFET II

Principal Investigators:

• Akash Kumar (TU Dresden)
• Thomas Mikolajick (NaMLab GmbH)

Project Staff: TBA

Available open position: TBA

Attribution within the Priority Program:

Link to Project Website:

Project title:   Scalable Side-Channel Immune Mirco-Architecture

Acronym: SSIMA

Principal Investigators:

• Amir Moradi (TU Darmstadt)

Project Staff: TBA

Available open position: TBA

Attribution within the Priority Program:

Link to Project Website:

Project title:  Secure Mixed-SIgnal Neural Networks

Acronym: SeMSiNN

Principal Investigators:

• Maurits Ortmanns (U Ulm)
• Ilia Polian (U Stuttgart)

Project Staff:

• Devanshi Upadhyaya, University of Stuttgart
• Maël Gay, University of Stuttgart
• Simon Wilhelmstätter, University of Ulm

Available open position:

Attribution within the Priority Program:

Link to Project Website:

Artificial intelligence (AI) has revolutionized our lives. Many popular AI applications, especially machine learning (ML) based on neural networks (NNs), demand intensive computations and are preferably run on heavyweight servers. However, there is an increasing interest in Edge AI, where resource-restricted “edge devices” perform computations themselves, with limited or no communication with a remote server. Edge AI offers a number of advantages: it saves power needed to transmit huge amounts of raw data; avoids potential communication delays; eliminates possible reliability issues especially when wireless links are used; and it evades security vulnerabilities due to eavesdropping or manipulation of the transmitted data. At the same time, the transition to Edge AI shifts the overall system’s attack surface, because edge devices are usually designed to be exposed to their users, thus giving potential attackers physical access to components on which sensitive data are stored and processed.

To reduce the energy demands of edge devices running NN-based applications, one promising line of research uses mixed-signal (MS) circuits instead of the “classical” purely-digital circuits. Therein, analog quantities, such as current and charge, are used to perform the required calculations. This transition in the compute paradigm poses new challenges and opportunities for hardware security.

This project aims to methodically approach the security of quantized and pruned convolutional neural-networks (CNNs) for power-constrained MS edge applications by providing suitable models, simulation tools, and network improvements on all hierarchy levels to optimize not only considering cost vs. accuracy but also including security.