Education Class 10
Title: High-Level Approaches to Hardware Security
Instructor: Ramesh Karri, NYU
Abstract: Designers use third-party intellectual property (IP) cores and outsource various steps in the integrated circuit (IC) design and manufacturing flow. As a result, security vulnerabilities have been rising. This is forcing IC designers and end users to re-evaluate their trust in ICs. If attackers get hold of an unprotected IC, they can reverse engineer the IC and pirate the IP. Similarly, if attackers get hold of a design, they can insert malicious circuits and backdoors into the design. Unintended design bugs can also result in security weaknesses.
The first part of the class will outline High-Level Design for Trust techniques to prevent these and similar attacks: Locking/Obfuscation and Secure Sourcing of IPs for High-Level Integration. Locking/Obfuscation implements a built-in obfuscation mechanism in ICs to prevent reverse engineering. Secure sourcing can thwart Trojan insertion in 3rd party Intellectual Properties. The second part of the class will discuss hardware security bugs, focusing on the recent common weakness enumeration (CWE) list for hardware design. We will wrap up by pointing out why hardware security is an essential objective from economics, security, and safety aspects and offer a vision of the emerging directions in hardware cybersecurity.
Bio: Ramesh Karri is a Professor of Electrical and Computer Engineering at Tandon School of Engineering, New York University. He has a Ph.D. in Computer Science and Engineering, from the University of California at San Diego. His research and education activities span hardware cybersecurity including trustworthy ICs, processors and cyberphysical systems; security-aware computer aided design, test, verification, validation and reliability; nano meets security; metrics; benchmarks; hardware cybersecurity competitions; additive manufacturing security.
He has over 200 journal and conference publications including tutorials on Trustworthy Hardware in IEEE Computer (2) and Proceedings of the IEEE (5). His groups work on hardware cybersecurity was nominated for best paper awards (ICCD 2015 and DFTS 2015) and received awards at conferences (ITC 2014, CCS 2013, DFTS 2013 and VLSI Design 2012) and at competitions (ACM Student Research Competition at DAC 2012, ICCAD 2013, DAC 2014, ACM Grand Finals 2013, Kaspersky Challenge and Embedded Security Challenge).
He was the recipient of the Humboldt Fellowship and the National Science Foundation CAREER Award. He is the area director for cyber security of the NY State Center for Advanced Telecommunications Technologies at NYU-Poly; Co-founded the NYU Center for CyberSecurity -CCS (cyber.nyu.edu), co-founded the Trust-Hub (trust-hub.org/) and founded and organizes the Embedded Security Challenge, the annual red team blue team event at NYU, (www.nyu.edu/csaw2016/csaw-embedded).
He co-founded the IEEE/ACM Symposium on Nanoscale Architectures (NANOARCH). He served as program/general chair of conferences including IEEE International Conference on Computer Design (ICCD), IEEE Symposium on Hardware Oriented Security and Trust (HOST), IEEE Symposium on Defect and Fault Tolerant Nano VLSI Systems (DFTS) NANOARCH, RFIDSEC 2015 and WISEC 2015. He serves on several program committees (DAC, ICCAD, HOST, ITC, VTS, ETS, ICCD, DTIS, WIFS).
He was the Associate Editor of IEEE Transactions on Information Forensics and Security (2010-2014), IEEE Transactions on CAD (2014-present), ACM Journal of Emerging Computing Technologies (2007-present), ACM Transactions on Design Automation of Electronic Systems (2014-present), IEEE Access (2015-present), IEEE Transactions on Emerging Technologies in Computing (2015-present), IEEE Design and Test (2015-present) and IEEE Embedded Systems Letters (2016-present). He served as an IEEE Computer Society Distinguished Visitor (2013-2015). He is on the Executive Committee of IEEE/ACM Design Automation Conference initiating and leading the Security@DAC initiative (2014-2017). He has delivered invited keynotes, talks, and tutorials on Hardware Security and Trust (ESRF, DAC, DATE, VTS, ITC, ICCD, NATW, LATW, CROSSING etc).