CAD-base

An attack vector into the electronics supply chain

Kanad Basu, Samah Mohamed Saeed, Christian Pilato, Mohammed Ashraf, Mohammed Thari Nabeel, Krishnendu Chakrabarty, Ramesh Karri

Research output: Contribution to journalArticle

Abstract

Fabless semiconductor companies design system-on-chips (SoC) by using third-party intellectual property (IP) cores and fabricate them in offshore, potentially untrustworthy foundries. Owing to the globally distributed electronics supply chain, security has emerged as a serious concern. In this article, we explore electronics computer-aided design (CAD) software as a threat vector that can be exploited to introduce vulnerabilities into the SoC. We show that all electronics CAD tools-high-level synthesis, logic synthesis, physical design, verification, test, and post-silicon validation-are potential threat vectors to different degrees. We have demonstrated CAD-based attacks on several benchmarks, including the commercial ARM Cortex M0 processor [1].

Original languageEnglish (US)
Article number38
JournalACM Transactions on Design Automation of Electronic Systems
Volume24
Issue number4
DOIs
StatePublished - Jan 1 2019

Fingerprint

Supply chains
Computer aided design
Electronic equipment
Foundries
Semiconductor materials
Silicon
Industry
System-on-chip
High level synthesis
Intellectual property core
Logic Synthesis

Keywords

  • Computer-aided design
  • Electronic design automation
  • Hardware security

ASJC Scopus subject areas

  • Computer Science Applications
  • Computer Graphics and Computer-Aided Design
  • Electrical and Electronic Engineering

Cite this

CAD-base : An attack vector into the electronics supply chain. / Basu, Kanad; Saeed, Samah Mohamed; Pilato, Christian; Ashraf, Mohammed; Nabeel, Mohammed Thari; Chakrabarty, Krishnendu; Karri, Ramesh.

In: ACM Transactions on Design Automation of Electronic Systems, Vol. 24, No. 4, 38, 01.01.2019.

Research output: Contribution to journalArticle

Basu, Kanad ; Saeed, Samah Mohamed ; Pilato, Christian ; Ashraf, Mohammed ; Nabeel, Mohammed Thari ; Chakrabarty, Krishnendu ; Karri, Ramesh. / CAD-base : An attack vector into the electronics supply chain. In: ACM Transactions on Design Automation of Electronic Systems. 2019 ; Vol. 24, No. 4.
@article{17d75843fc4249e79efd75a28d4686d3,
title = "CAD-base: An attack vector into the electronics supply chain",
abstract = "Fabless semiconductor companies design system-on-chips (SoC) by using third-party intellectual property (IP) cores and fabricate them in offshore, potentially untrustworthy foundries. Owing to the globally distributed electronics supply chain, security has emerged as a serious concern. In this article, we explore electronics computer-aided design (CAD) software as a threat vector that can be exploited to introduce vulnerabilities into the SoC. We show that all electronics CAD tools-high-level synthesis, logic synthesis, physical design, verification, test, and post-silicon validation-are potential threat vectors to different degrees. We have demonstrated CAD-based attacks on several benchmarks, including the commercial ARM Cortex M0 processor [1].",
keywords = "Computer-aided design, Electronic design automation, Hardware security",
author = "Kanad Basu and Saeed, {Samah Mohamed} and Christian Pilato and Mohammed Ashraf and Nabeel, {Mohammed Thari} and Krishnendu Chakrabarty and Ramesh Karri",
year = "2019",
month = "1",
day = "1",
doi = "10.1145/3315574",
language = "English (US)",
volume = "24",
journal = "ACM Transactions on Design Automation of Electronic Systems",
issn = "1084-4309",
publisher = "Association for Computing Machinery (ACM)",
number = "4",

}

TY - JOUR

T1 - CAD-base

T2 - An attack vector into the electronics supply chain

AU - Basu, Kanad

AU - Saeed, Samah Mohamed

AU - Pilato, Christian

AU - Ashraf, Mohammed

AU - Nabeel, Mohammed Thari

AU - Chakrabarty, Krishnendu

AU - Karri, Ramesh

PY - 2019/1/1

Y1 - 2019/1/1

N2 - Fabless semiconductor companies design system-on-chips (SoC) by using third-party intellectual property (IP) cores and fabricate them in offshore, potentially untrustworthy foundries. Owing to the globally distributed electronics supply chain, security has emerged as a serious concern. In this article, we explore electronics computer-aided design (CAD) software as a threat vector that can be exploited to introduce vulnerabilities into the SoC. We show that all electronics CAD tools-high-level synthesis, logic synthesis, physical design, verification, test, and post-silicon validation-are potential threat vectors to different degrees. We have demonstrated CAD-based attacks on several benchmarks, including the commercial ARM Cortex M0 processor [1].

AB - Fabless semiconductor companies design system-on-chips (SoC) by using third-party intellectual property (IP) cores and fabricate them in offshore, potentially untrustworthy foundries. Owing to the globally distributed electronics supply chain, security has emerged as a serious concern. In this article, we explore electronics computer-aided design (CAD) software as a threat vector that can be exploited to introduce vulnerabilities into the SoC. We show that all electronics CAD tools-high-level synthesis, logic synthesis, physical design, verification, test, and post-silicon validation-are potential threat vectors to different degrees. We have demonstrated CAD-based attacks on several benchmarks, including the commercial ARM Cortex M0 processor [1].

KW - Computer-aided design

KW - Electronic design automation

KW - Hardware security

UR - http://www.scopus.com/inward/record.url?scp=85065613918&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85065613918&partnerID=8YFLogxK

U2 - 10.1145/3315574

DO - 10.1145/3315574

M3 - Article

VL - 24

JO - ACM Transactions on Design Automation of Electronic Systems

JF - ACM Transactions on Design Automation of Electronic Systems

SN - 1084-4309

IS - 4

M1 - 38

ER -