Hardware Trojans in Wireless Networks
Abstract
The area of hardware security has received intense scrutiny in recent years due to outsourcing
of semiconductor device manufacturing, use of third-party Intellectual Properties (IPs)
in the fabricated design, Electronic Design Automation (EDA) tools and software from different
vendors, etc. Therefore, there is a general notion that the IC supply chain isn’t as
secure as it used to be. This problem is further aggravated by the fact that the cost of
having a fully trusted supply chain is prohibitive. As a result, government entities, the
semiconductor industry and academic groups have spent a lot of time and effort to secure
the IC supply chain. Over the past decade, the area of hardware security has seen a lot of
research activity, mainly focusing on the digital domain, addressing the design and development
of secure microprocessors. However, little has been done in the Analog/RF design
space including wireless networks. Therefore, in this research work, security vulnerabilities
in wireless networks are explored, covering a broad design space spanning from the baseband
to the Analog/RF front-end of a wireless device. The proposed approach is to first
develop a metric to quantify the hardware Trojan threat in wireless devices. Next, the design
space in a wireless device is explored to identify blocks that possess vulnerabilities that can
be represented in terms of the defined metric. For each of the identified vulnerabilities, a
theoretical analysis of the hardware Trojan threat is performed, followed by simulation and experimental evaluation of the Trojan’s impact on a user communication link. Accordingly,
Trojan-agnostic defense techniques are developed to prevent these classes of hardware Trojan
attacks and their effectiveness is evaluated under practical operating conditions.