Upload
others
View
3
Download
0
Embed Size (px)
Citation preview
Boston University Slideshow Title Goes Here
Yunsi Fei, Professor Department of Electrical and Computer Engineering
Northeastern University Energy-efficient and
Secure System Lab (NUEESS)
Power-friendly Countermeasures Preventing Software Side-channel Attacks
NSF I/UCRC on Energy-smart Electronic Systems Planning
Boston University Slideshow Title Goes Here
Security vs. Energy Efficiency
2
Security Energy Efficiency
Boston University Slideshow Title Goes Here
Energy-efficiency Research Spanning processor computer architecture, embedded systems, sensor networks, and cyber-physical systems q Energy-efficient application-specific processor (ASIP) design (NSF 2006 – 2010)
Ø In-core accelerator – architecture and application co-generation
q Energy-efficient networking protocols for underwater sensor networks (ONR 2010 – 2015)
Ø Routing and MAC, machine-learning optimization and prediction q Management and optimization in cyber-physical systems: microgrids and PHEVs
Ø Co-management of energy demand, alternative energy generation, and storage
3
Boston University Slideshow Title Goes Here
Hardware Security Research & Development q Hardware-assisted security (NSF CAREER 2009-2014)
Ø Processor augmentation for software security – code and data integrity, and memory controller to mitigate denial-of-service (DoS) attack – availability
q Hardware-exacerbated security: side-channel leakage (NSF SaTC, SRC, ADI, 2009 - current) Ø Attack: analysis of power, timing, and fault Ø Countermeasures: automated software countermeasures Ø Metrics, modeling, and security evaluation Ø Testbed - TeSCASE
4
Boston University Slideshow Title Goes Here
Interaction: Security and Energy Efficiency q Notion 1: many existing techniques for performance
(energy efficiency) present challenges for security Ø E.g., unbalanced branches, GPU on-chip coalescing unit, multiple
banks for GPU shared memory
q Notion 2: security countermeasures have to be low-power and lightweight, especially for embedded systems, mobile systems, and IoT devices
5
Boston University Slideshow Title Goes Here
Resistance Against Side-channel Attacks on GPUs
q Multi-level Protection Ø Software obfuscation
Ø Power balancing threads in a warp
Ø Compiler-assisted modification Ø Register allocation for hiding power signals Ø Register preloading with random values Ø Temporary power hiding with random dummy instructions
Ø Hardware (microarchitecture) techniques to add side-channel noise Ø Temporal coalescing – randomizing the window size Ø Randomize warp dispatching
6
Boston University Slideshow Title Goes Here
Proposed Project q Lightweight hardware primitives for security at the edge of IoT Ø Power analysis attack resistant security engines for IoT
v Focus on power supply – voltage regulator v Low-power v Area efficient v Scalable
7
Boston University Slideshow Title Goes Here
Preliminary Results
8
Boston University Slideshow Title Goes Here
TeSCASE – Testbed for Side-Channel Analysis and Security Evaluation
9
TeSCASE Software
DUT Interface Control
Acquisition Library
Tools/Sim Interface Analysis Library
Control Board Interface to DUT
TeSCASE Hardware
Acquisition
System Specification:
Software cipher, HDL, Netlist, Layout
Device under Test
(DUT) User-supplied Equipment & System
q NSF Major Research Instrumentation (2013 - 2018)
http://tescase.coe.neu.edu
Boston University Slideshow Title Goes Here
Hardware Platform q Various target systems: FPGAs (SASEBO-GII board),
smart card (SASEBO-W board), DSP, GPUs q Lab equipment
Ø Riscure test set Ø High-speed oscilloscope
v LeCroy WaveRunner 640 Zi (4GHz, 40GS/s) v Agilent MSO 4104A (1GHz)
Ø Electro-magnetic probes
10
Boston University Slideshow Title Goes Here
NSF I/UCRC – Center for Hardware and Embedded Systems Security and Trust (CHEST)
Ø Partnership between NU, U. of Connecticut, University of Virginia, Wright State U., UT Dallas, and George Mason U.
Ø Fei is PI of the Northeastern I/UCRC site. Faculty members across ECE and CCIS – Kaeli, Kim, Noubir, Oprea, and Nita-Rotaru.
11
Boston University Slideshow Title Goes Here
Acknowledgments q Collaborators
Ø NU: Adam Ding, Dave Kaeli, Thomas Wahl, Aatmesh Shrivastava, Miriam Leeser
Ø WPI: Thomas Eisenbarth
12
Miriam LeeserECE
David KaeliECE
Adam DingMathematics
Thomas WahlCCIS
Thomas EisenbarthWPI ECE
Aatmesh Shrivastava
ECE
Boston University Slideshow Title Goes Here
Acknowledgments q Students
Ø PhD students: Konstantinos Athanasiou, Rasit Mete Esrefoglu, Ritesh Gupta, Zhen Hang Jiang, Chao Luo, Saoni Mukherjee, Majid Sabbagh, Ziyue Zhang
Ø Alumni: Qiasi Luo, Juan Carlos Martinez Santos, Pei Luo, Liwei Zhang, Bingnan Jiang, Yu Han, Xuan Guan, Hai Lin, Xin Fang
Ø Undergraduate students: Louie Liu, Neel Shah, Tushar Swamy, Harrison Dimmig
13
Boston University Slideshow Title Goes Here
Acknowledgments q Security Funding
1. NSF/SRC STARSS: Side-channel analysis and resilience targeting accelerators (2016 – 2019)
2. NSF SaTC TWC: Medium: Automating countermeasures and security evaluation against software side-channel attacks (2016 – 2019)
3. NSF SaTC TWC: Medium: A unified statistics-based framework for side-channel attack analysis and security evaluation of cryptosystems (2013 – 2017)
4. NSF MRI: Development of a testbed for side-channel analysis and security evaluation –TeSCASE (2013 – 2018)
5. NSF CAREER: Architectural enhancement and design methodology for secure processing (2009 – 2014)
6. Analog Devices: Embedded hardware-based security and side channel analysis (2014 – current)
14
Boston University Slideshow Title Goes Here
Acknowledgments q Energy-efficiency Funding
1. NSF CCF: A multi-level/multi-faceted framework for energy-efficient application specific instruction set professor synthesis (2006 – 2010)
2. ONR: ARTS: Adaptive, RobusT, and Sustainable networking for undersea distributed sensor systems (2010 – 2015)
15