ECE 459/559 Secure & Trustworthy Computer Hardware Design Nanoelectronics Meets Security

advertisement
ECE 459/559
Secure & Trustworthy
Computer Hardware Design
Nanoelectronics Meets Security
Garrett S. Rose
Spring 2016
Outline
●
A Nano Overview
●
Memristors and Memristive Systems
●
Hardware Security using Memristors
A Brick Wall for Scaling
●
●
●
CMOS scaling expected to hit “the red brick wall” within a decade...
so we've been told for decades
Scaling limits come as device feature size scales beyond 22nm (at
one point this slide said 90nm)
Some challenges: increased leakage, parameter variations,
dominant quantum effects and lithography limitations
CMOS = Complimentary Metal Oxide Semiconductor
A Brick Wall for Scaling
●
●
●
CMOS scaling expected to hit “the red brick wall” within a decade...
so we've been told for decades
Scaling limits come as device feature size scales beyond 22nm (at
one point this slide said 90nm)
Some challenges: increased leakage, parameter variations,
dominant quantum effects and lithography limitations
CMOS = Complimentary Metal Oxide Semiconductor
Must Uphold Moore's Law!
Processing power, measured in millions of instructions per second (MIPS), has
risen because of increased transistor counts.
Applications Drive Architecture
Source: J. Davis, “Exploring NanoComputing,” USC Nano Center Symposium, 2003
Beyond Faster Computers:
Novel Applications Emerge
●
●
Many novel nanotechnologies are emerging
--similar to the many species that emerged in Cambrian Era
We can expect one (or a few) technologies will prevail
Charles Lieber’s Nanosensors
“Buckyballs”
Medical Imaging
Drug Delivery
Lab-on-Chip
(STMicro)
Beyond Faster Computers:
Novel Applications Emerge
●
●
Many novel nanotechnologies are emerging
--similar to the many species that emerged in Cambrian Era
We can expect one (or a few) technologies will prevail
And if you like computers?
Charles Lieber’s Nanosensors
…
maybe novel forms of computing ...
“Buckyballs”
Medical Imaging
Drug Delivery
Lab-on-Chip
(STMicro)
A Nanoelectronic Device: Memristor
●
●
●
A “recently discovered device property”: memristance
A memristor (“memory resistor”) similar to variable resistor that
can be made to operate in one of many states
Many interesting applications: nanoscale digital logic, memory
(next-gen Flash), neuromorphic computing
Memristor Device Theory
●
●
●
Ex.: TiO2 based memristors consist of two regions:
– TiO2 or “undoped” region
– TiO2-x or “doped” region
Ions migrate between regions with applied E-field
– Moves the barrier at w
Typical model consists of two series resistors, Ron and Roff
M (w)=
w
w
R on +(1− ) Roff
D
D
Ref.: D. B. Strukov, et al., “The missing memristor found,” Nature, May 2008.
Memristor Device Theory
●
For simplicity, I-V characteristics assume linear drift diffusion
NOTE: Experimental results suggest drift velocity is non-linear*
R on
dw
v = =uE=u
i(t)
dt
D
●
Integrating above and substituting into M(w), memristance found
as a function of charge q:
uR on
M (q)=R on−(Roff −R on)⋅ 2 q (t)
D
*Ref.: D. B. Strukov, et al., “Exponential ionic drift,” Appl. Phys. A,2009.
†Ref.: Y. N. Joglekar et al., “The elusive memristor: prop. of basic elect. Circuits,” arXiv, 2009.
Memristors and Hardware Security
What do memristors have to do with hardware security?
Memristors and Hardware Security
●
●
Potential security advantages of memristors:
–
Low-power operation may mitigate power analysis attacks
–
Filament formation requirement could be useful for simple
tamper detection – was the device formed or not?
–
High degree of variability useful for unique signatures
Potential security concerns of memristors:
–
Depending of use, non-volatility of memristive memory may
reveal secrets
Potential Security Uses of Memristors
•
Anti-Tamper or Tamper Detection:
– Memristors require “burn-in” to function properly
– If a new circuit has memristors already functioning from fab, it is likely
the circuit has been tampered with
•
Unique Identifiers and PUFs:
– PUF (Physical Unclonable Function) is hardware that produces function
easy to evaluate but hard to predict
– High variability of nanoscale memristors can be leveraged for dense,
nanoscale PUF circuits
•
Side-Channel Attack Mitigation:
– Many nanoscale memristors exhibit low active power such that activity
can be obscured by standby power of CMOS
Potential Security Uses of Memristors
•
Anti-Tamper or Tamper Detection:
– Memristors require “burn-in” to function properly
– If a new circuit has memristors already functioning from fab, it is likely
the circuit has been tampered with
•
Unique Identifiers and PUFs:
– PUF (Physical Unclonable Function) is hardware that produces function
easy to evaluate but hard to predict
– High variability of nanoscale memristors can be leveraged for dense,
nanoscale PUF circuits
•
Side-Channel Attack Mitigation:
– Many nanoscale memristors exhibit low active power such that activity
can be obscured by standby power of CMOS
Tamper Detection with Memristors:
“Trust, But Verify”
•
•
Various forms of RRAM (including memristors) typically require
initialization or “burn-in” before they can switch
Consider a memristor with voltage Vappl applied across it
– Vappl > Vburn triggers burn-in, after it can switch
– Vappl > Vtog,p switches from high to low resistance
– Vappl < Vtog,n switches from low to high resistance
I
Before Burn-In:
+
Memristor
Vappl
-
memristor = resistor
(doesn’t switch)
Vtog,n
V
Vtog,p Vburn
Tamper Detection with Memristors:
“Trust, But Verify”
•
•
Various forms of RRAM (including memristors) typically require
initialization or “burn-in” before they can switch
Consider a memristor with voltage Vappl applied across it
– Vappl > Vburn triggers burn-in, after it can switch
– Vappl > Vtog,p switches from high to low resistance
– Vappl < Vtog,n switches from low to high resistance
I
Burn-In:
+
Memristor
Vappl
-
Onset of memristive
behavior
Vtog,n
Vtog,p Vburn
Tamper Detection with Memristors:
“Trust, But Verify”
•
•
Various forms of RRAM (including memristors) typically require
initialization or “burn-in” before they can switch
Consider a memristor with voltage Vappl applied across it
– Vappl > Vburn triggers burn-in, after it can switch
– Vappl > Vtog,p switches from high to low resistance
– Vappl < Vtog,n switches from low to high resistance
I
After Burn-In:
+
Memristor
Vappl
-
Memristor for life
Vtog,n
V
Vtog,p Vburn
A Tamper Detection Strategy
•
Write memristor(s) with known value A (e.g., all 0’s) by exceeding
Vtog,p or Vtog,n but not Vburn
•
•
Read value of memristor(s), store in temporary memory
Write memristor(s) with complementary known value not(A) (e.g.,
all 1’s)
Read value of memristor(s), store in temporary memory
Compare, probably XOR, results of two reads
•
•
•
If XOR comparison, a result other than 0 suggests the circuit has
been tampered with
Potential Security Uses of Memristors
•
Anti-Tamper or Tamper Detection:
– Memristors require “burn-in” to function properly
– If a new circuit has memristors already functioning from fab, it is likely
the circuit has been tampered with
•
Unique Identifiers and PUFs:
– PUF (Physical Unclonable Function) is hardware that produces function
easy to evaluate but hard to predict
– High variability of nanoscale memristors can be leveraged for dense,
nanoscale PUF circuits
•
Side-Channel Attack Mitigation:
– Many nanoscale memristors exhibit low active power such that activity
can be obscured by standby power of CMOS
N-bit Memristive PUF
●
●
●
●
●
N-bit PUF similar to arrayed
memory
Much of the selection circuitry is
shared
Performance estimated via
Monte Carlo simulations
M-PUF simulation based on 7.1
us write-time
Uniqueness, uniformity, & bitaliasing compared to results for
CMOS PUF circuits
G.S. Rose et al., “A Write-Time based Memristive PUF for HW Security,” ICCAD, 2013.
*Ref.: A. Maiti and P. Schaumont, “Improved Ring Oscillator PUF,” J. of Cryptology, 2011.
“Racing” Memristive Write-Time
●
●
●
●
Avoid response based on absolute
write-time
The write-times of pairs of
memristors compared
Arbiter used determines which
memristor written to first
Multiple pairs can “race” in
parallel to generate multiple
response bits
Determining Relative Write-Time for
Generating Responses
●
●
●
●
Fast clock nudges memristors
toward low resistance
Desire write-times that require
multiple cycles
Half-cycle write, other half used
to read and compare
Process stops when at least one
memristor in all pairs has reached
low resistance state
Crossbar-based Memristive PUF
●
●
●
●
Memristors in column
considered as unit
Challenge bits directly
involved in write process
Of N rows, N/2 rows write
while other hold steady
-- based on challenge
Response generated when
effective resistance of
column is reduced
G.S. Rose & C.A. Meade, “Performance of Memristive Crossbar PUF Design,” DAC 2015.
Security Performance
●
●
●
Security considered for different circuit parameters: write voltage,
read voltage and load resistance
Different memristor device threshold voltages also considered
Entropy, uniqueness and uniformity near ideal for different
conditions
G.S. Rose & C.A. Meade, “Performance of Memristive Crossbar PUF Design,” DAC 2015.
Fundamental Security Limits for
von Neumann Architectures?
•
•
•
von Neumann computer
architecture: unified memory for
instructions and data
Simplicity is key – practically all
modern computers based on this
Simplicity could also lead to
security vulnerabilities
Memory
Control Unit
Arithmetic
Logic Unit
Input
Output
Generic von Neumann Architecture
Unconventional, non-von Neumann architectures may provide improved
security due to increased functional complexity
Non-Traditional Approaches
•
•
Nanoelectronics expected enabler for novel computer architectures
Example: Neuromorphic Computing
– Memristors explored as synapses in dense, low-power neural networks
•
Another example: Chaos Computing
– Harness evolutionary nature of nanoscale devices to build chaotic
oscillators
– Use chaotic oscillators for chaotic architectures
•
Some non-von Neumann Architectures may be particularly well
suited for improved security
– Neuromorphic – naturally obscured operations
– Chaos Computing – chaotic side-channel signals
A “Nano-Enabled” Architecture:
Neuromorphic Computing
•
•
We have yet to completely decipher the functionality and data stored
in a human brain
Why is this?
– Training, not programming
– Simultaneous sensitivity
and tolerance to variations
– Data stored stochastically?
– Each brain is unique
•
Memristors are being explored
as potential nanoscale artificial
synapses for dense neural networks
J. Rajendran et al., “Memristor programmable threshold logic array,” NANOARCH 2010.
G. Rose et al., “Memristive Sys. in Constr. of Logic & Architectures,” Proc of IEEE, 2012.
Summary
●
Nanoelectronic devices (e.g. memristors) and circuits exhibit
several features that can leveraged in secure systems:
–
–
–
●
●
●
Low-power operation – mitigate side-channel attacks
Required burn-in – tamper detection
Variability – unique identifiers
Simple write-read-write-read strategies can be employed to use
memristive devices to detect tamper events
Memristive physical unclonable functions (PUFs) harness intrinsic
process variations to produce IC “fingerprint”
Emerging secure computing systems can be integrated with mix of
various CMOS-nano security strategies
Download