Malicious modifications to integrated circuits — called hardware trojans — can disrupt wireless communication and leak sensitive information, and the threat is expected to grow as wireless phones and other devices evolve.
Two University of Texas at Dallas engineers received a three-year, $1 million grant from the National Science Foundation (NSF) to investigate how to improve detection and removal of hardware trojans and how to make integrated circuits (IC) more resilient. Dr. Aria Nosratinia, the Erik Jonsson Distinguished Professor of electrical and computer engineering in the Erik Jonsson School of Engineering and Computer Science, is principal investigator for the grant, and Dr. Yiorgos Makris, professor of electrical and computer engineering, is co-principal investigator.
The grant is part of a $37 million NSF initiative called Resilient and Intelligent Next-Generation Systems (RINGS), a public-private partnership aimed at accelerating the translation of research findings into new technologies. The program includes other universities, government agencies and industry partners, including Apple Inc., Ericsson, Google, IBM Corp., Intel Corp., Microsoft Corp., Nokia Corp., Qualcomm Inc. and VMware Inc. Industry partners are not involved in the UT Dallas research but might collaborate in the future.
Hardware trojans, once considered improbable, have become a threat because of the fragmentation of the integrated circuit design and manufacturing supply chain, Nosratinia said. The design for integrated circuits typically is sent to overseas fabrication facilities where small, unauthorized changes could be inserted. For example, a hardware trojan could share information, such as credit card numbers, meant to be protected by a cryptographic key, he said.
“We are already seeing many inexpensive wireless-connected devices introduced into the market whose ICs may have come from any number of sources, and their security is difficult to verify or guarantee,” Nosratinia said. “We also are entrusting more and more of our data to wireless links. This creates an ecosystem where hardware vulnerabilities are rife to be exploited for various forms of harmful or illegal activity.”
Nosratinia and Makris were the first to demonstrate the threat of wireless hardware trojans in a 2017 study and received a first-place award for the research at the 2018 IEEE International Symposium on Hardware Oriented Security and Trust.
A global computer chip shortage that began during the COVID-19 pandemic has led to efforts to bring more semiconductor manufacturing back to the U.S., including incentives from the federal government contained in the CHIPS and Science Act of 2022. Plans are underway in North Texas to build two semiconductor facilities, which are expected to boost the region’s position in the industry.
While increasing U.S. chip manufacturing is an important step toward improving the supply chain as well as semiconductor security, Makris said domestic manufacturing cannot solve the problem completely.
“The reality remains that there are so many technology nodes and so many ICs in any communication product that it is essentially impossible to ensure security and trust through policy,” he said.
Makris is site director at UTD for the Center for Hardware and Embedded Systems Security and Trust (CHEST), an NSF Industry-University Cooperative Research Center, one of 23 nationwide focused on information, communication and computing.