Abstract
A printed circuit board (PCB) provides necessary mechanical support to an electronic system and acts as a platform for connecting electronic components. Counterfeiting and in-field tampering of PCBs have become significant security concerns in the semiconductor industry as a result of increasing untrusted entities in the supply chain. These counterfeit components may result in performance degradation, profit reduction, and reputation risk for the manufacturers. While Integrated Circuit (IC) level authentication using physical unclonable functions (PUFs) has been widely investigated, countermeasures at the PCB level are scarce. These approaches either suffer from significant overhead issues, or opportunistic counterfeiters can breach them like clockwork. Besides, they cannot be extended to system-level (both chip and PCB together), and their applications are also limited to a specific purpose (i.e., either counterfeiting or tampering). In this article, we introduce
- 2010. IPC PCB Executive Agent Task Force Optimistic About Efforts: Two Government Reports Recognize Vital Role of U.S. PCB Industry. SMTNet. https://smtnet.com/news/index.cfm?fuseaction=view_news&company_id=43114&news_id=8169.Google Scholar
- 2013. IEEE Standard for Test Access Port and Boundary-Scan Architecture. IEEE Standards Association. https://standards.ieee.org/standard/1149_1-2013.html.Google Scholar
- Yousra Alkabani and Farinaz Koushanfar. 2009. Consistency-based characterization for IC Trojan detection. In Proceedings of the International Conference on Computer-aided Design (ICCAD’09). ACM, New York, NY, 123–127. DOI:DOI:https://doi.org/10.1145/1687399.1687426 Google ScholarDigital Library
- N. Asadizanjani, M. Tehranipoor, and D. Forte. 2017. PCB reverse engineering using nondestructive x-ray tomography and advanced image processing. IEEE Trans. Compon., Packag. Manuf. Technol. 7, 2 (Feb. 2017), 292–299. DOI:DOI:https://doi.org/10.1109/TCPMT.2016.2642824Google Scholar
- ASSET InterTech., Inc.2017. Locks, Keys and Traps: Securing device JTAG interfaces. Retrieved from https://www.asset-intertech.com/resources/blog/2017/07/locks-keys-and-traps-securing-device-jtag-interfaces/.Google Scholar
- ASSET InterTech., Inc.2019. Securing the JTAG Interface. Retrieved from https://blog.asset-intertech.com/test_data_out/2019/07/securing-the-jtag-interface.html.Google Scholar
- A. Basak, F. Zhang, and S. Bhunia. 2015. PiRA: IC authentication utilizing intrinsic variations in pin resistance. In Proceedings of the IEEE International Test Conference (ITC’15). 1–8. DOI:DOI:https://doi.org/10.1109/TEST.2015.7342388Google Scholar
- Lawrence E. Bassham, III, Andrew L. Rukhin, Juan Soto, James R. Nechvatal, Miles E. Smid, Elaine B. Barker, Stefan D. Leigh, Mark Levenson, Mark Vangel, David L. Banks, Nathanael Alan Heckert, James F. Dray, and San Vo. 2010. SP 800-22 Rev. 1a. A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. Technical Report. National Institute of Standards and Technology. Gaithersburg, MD. Google ScholarDigital Library
- Swarup Bhunia and Mark Tehranipoor. 2018. Hardware Security: A Hands-on Learning Approach (1st ed.). Morgan Kaufmann Publishers Inc., San Francisco, CA. Google ScholarDigital Library
- R. S. Chakraborty, S. Narasimhan, and S. Bhunia. 2009. Hardware Trojan: Threats and emerging solutions. In Proceedings of the IEEE International High Level Design Validation and Test Workshop. 166–171. DOI:DOI:https://doi.org/10.1109/HLDVT.2009.5340158Google Scholar
- Rodrick Cottrell and Dee C. Neuenschwander. 2017. System and apparatus for trusted and secure test ports of integrated circuit devices. US Patent 9,810,736.Google Scholar
- A. Das, Jean DaRolt, S. Ghosh, S. Seys, S. Dupuis, G. Natale, M. Flottes, B. Rouzeyre, and I. Verbauwhede. 2013. Secure JTAG implementation using schnorr protocol. J. Electron. Test. 29 (2013), 193–209. Google ScholarDigital Library
- Felix Domke. 2009. Blackbox JTAG reverse engineering. In Proceedings of the 26th Chaos Communication Congress (CCC’09). http://events.ccc.de/congress/2009/Fahrplan/attachments/1435_JTAG.pdf.Google Scholar
- European Commission Community Research and Development Information Service - CORDIS. 2013. Development of Novel X-ray Inspection System for Fast Automated Detection of Counterfeit PCB Components. Retrieved from https://cordis.europa.eu/result/rcn/58140_en.html.Google Scholar
- S. Ghosh, A. Basak, and S. Bhunia. 2015. How secure are printed circuit boards against trojan attacks?IEEE Des. Test 32, 2 (Apr. 2015), 7–16. DOI:DOI:https://doi.org/10.1109/MDAT.2014.2347918Google Scholar
- Joe Grand. 2005. Game Console Hacking: Have Fun While Voiding Your Warranty. Syngress. Google ScholarDigital Library
- Z. Guo, M. Tehranipoor, D. Forte, and J. Di. 2015. Investigation of obfuscation-based anti-reverse engineering for printed circuit boards. In Proceedings of the 52nd ACM/EDAC/IEEE Design Automation Conference (DAC’15). 1–6. DOI:DOI:https://doi.org/10.1145/2744769.2744862 Google ScholarDigital Library
- HackADay. 2008. Modchip. Retrieved from https://hackaday.com/2008/04/21/modchip-your-xbox-360-controller/Google Scholar
- J. R. Hamlet, M. T. Martin, and N. J. Edwards. 2017. Unique signatures from printed circuit board design patterns and surface mount passives. In Proceedings of the International Carnahan Conference on Security Technology (ICCST’17). 1–6. DOI:DOI:https://doi.org/10.1109/CCST.2017.8167796Google Scholar
- A. Hennessy, Y. Zheng, and S. Bhunia. 2016. JTAG-based robust PCB authentication for protection against counterfeiting attacks. In Proceedings of the 21st Asia and South Pacific Design Automation Conference (ASP-DAC’16). 56-61. DOI:DOI:https://doi.org/10.1109/ASPDAC.2016.7427989Google Scholar
- D. E. Holcomb, W. P. Burleson, and K. Fu. 2009. Power-Up SRAM state as an identifying fingerprint and source of true random numbers. IEEE Trans. Comput. 58, 9 (Sept. 2009), 1198–1210. DOI:DOI:https://doi.org/10.1109/TC.2008.212 Google ScholarDigital Library
- HuaLan Technology in China. [n.d.]. PCB Clone, PCB design, MCU Attack, PCB Manufacture, and PCB assembly. Retrieved from http://www.hualantech.com/pcb-clone.Google Scholar
- Intel Corp.1997. Embedded Pentium Processor Family - Developer’s Manual. Retrieved from http://datasheets.chipdb.org/Intel/x86/Pentium/Embedded%20Pentium%ae%20Processor/27320401.PDF/.Google Scholar
- Intel Corp.2021. Intel MAX 10 Clocking and PLL Overview. Retrieved from https://www.intel.com/content/www/us/en/programmable/documentation/mcn1395213337540.html.Google Scholar
- Taswar Iqbal and Kai-Dietrich Wolf. 2017. PCB surface fingerprints based counterfeit detection of electronic devices. Electron. Imag. 2017, 7 (2017), 144–149. DOI:DOI:https://doi.org/doi:10.2352/ISSN.2470-1173.2017.7.MWSF-338Google ScholarCross Ref
- Anirudh Iyengar and Swaroop Ghosh. 2018. Hardware Trojans and Piracy of PCBs. Springer International Publishing, Cham, 125–145. DOI:DOI:https://doi.org/10.1007/978-3-319-68511-3_6Google Scholar
- W. Jillek and W. K. C. Yung. 2005. Embedded components in printed circuit boards: A processing technology review. Int. J. Adv. Manuf. Technol. 25, 3 (01 Feb. 2005), 350–360. DOI:DOI:https://doi.org/10.1007/s00170-003-1872-yGoogle ScholarCross Ref
- J. Ju, R. Chakraborty, C. Lamech, and J. Plusquellic. 2013. Stability analysis of a physical unclonable function based on metal resistance variations. In Proceedings of the IEEE International Symposium on Hardware-Oriented Security and Trust (HOST’13). 143–150. DOI:DOI:https://doi.org/10.1109/HST.2013.6581580Google Scholar
- Abhranil Maiti, Vikash Gunreddy, and Patrick Schaumont. 2013. A Systematic Method to Evaluate and Compare the Performance of Physical Unclonable Functions. Springer New York, NY, 245–267. DOI:DOI:https://doi.org/10.1007/978-1-4614-1362-2_11Google Scholar
- A. Maiti and P. Schaumont. 2009. Improving the quality of a physical unclonable function using configurable ring oscillators. In Proceedings of the International Conference on Field Programmable Logic and Applications. Prague, Czech Republic, 703–707. DOI:DOI:https://doi.org/10.1109/FPL.2009.5272361Google Scholar
- University of Florida. 2016. HAHA SEP 1 User Manual. https://swarup.ece.ufl.edu/downloads/HAHA_User_Manual_10.pdf.Google Scholar
- Elif Ozkan, Nilay Elginoz, and Fatos Germirli Babuna. 2017. Life cycle assessment of a printed circuit board manufacturing plant in Turkey. Environ. Sci. Pollut. Res. 25, 27 (Sep. 2017), 26801–26808. DOI:DOI:https://doi.org/10.1007/s11356-017-0280-zGoogle Scholar
- S. Paley, T. Hoque, and S. Bhunia. 2016. Active protection against PCB physical tampering. In Proceedings of the 17th International Symposium on Quality Electronic Design (ISQED’16). 356–361. DOI:DOI:https://doi.org/10.1109/ISQED.2016.7479227Google Scholar
- Shahed Enamul Quadir and John A. Chandy. 2018. Low pass filter PUF: Authentication of printed circuit boards based on resistor and capacitor variations. Int. J. High Speed Electron. Syst. 27, 03n04 (2018), 1840021. DOI:DOI:https://doi.org/10.1142/S0129156418400219Google ScholarCross Ref
- Jan M. Rabaey. 1996. Digital Integrated Circuits: A Design Perspective. Prentice-Hall, Inc., Upper Saddle River, NJ. Google ScholarDigital Library
- K. Rosenfeld and R. Karri. 2010. Attacks and defenses for JTAG. IEEE Des. Test of Comput. 27, 1 (Jan. 2010), 36–47. DOI:DOI:https://doi.org/10.1109/MDT.2010.9 Google ScholarDigital Library
- H. Salmani, M. Tehranipoor, and J. Plusquellic. 2010. A layout-aware approach for improving localized switching to detect hardware Trojans in integrated circuits. In Proceedings of the IEEE International Workshop on Information Forensics and Security. 1–6. DOI:DOI:https://doi.org/10.1109/WIFS.2010.5711438Google Scholar
- Pranesh Santikellur, Aritra Bhattacharyay, and R. Chakraborty. 2019. Deep learning based model building attacks on arbiter PUF compositions. IACR Cryptol. ePrint Arch. (2019), 566.Google Scholar
- G. E. Suh and S. Devadas. 2007. Physical unclonable functions for device authentication and secret key generation. In Proceedings of the 44th ACM/IEEE Design Automation Conference. 9–14. Google ScholarDigital Library
- M. Tehranipoor and C. Wang. 2011. Introduction to Hardware Security and Trust. Springer New York, NY. 2011935539 Google ScholarDigital Library
- Tempo Automation. 2018. Avoiding Counterfeit Electronic Components on Your PCB. Retrieved from https://www.tempoautomation.com/blog/avoiding-counterfeit-electronic-components-on-your-pcb/.Google Scholar
- Gopal Vishwakarma and Wonjun Lee. 2018. Exploiting JTAG and its mitigation in IoT: A survey. Fut. Internet 10, 12 (2018), 121.Google ScholarCross Ref
- X. Wang, Y. Han, and M. Tehranipoor. 2019. System-level counterfeit detection using on-chip ring oscillator array. IEEE Trans. Very Large Scale Integ. Syst. 27, 12 (Dec. 2019), 2884–2896. DOI:DOI:https://doi.org/10.1109/TVLSI.2019.2930532Google Scholar
- L. Wei, C. Song, Y. Liu, J. Zhang, F. Yuan, and Q. Xu. 2015. BoardPUF: Physical unclonable functions for printed circuit board authentication. In Proceedings of the IEEE/ACM International Conference on Computer-Aided Design (ICCAD’15). 152–158. DOI:DOI:https://doi.org/10.1109/ICCAD.2015.7372563 Google ScholarDigital Library
- F. Zhang, A. Hennessy, and S. Bhunia. 2015. Robust counterfeit PCB detection exploiting intrinsic trace impedance variations. In Proceedings of the IEEE 33rd VLSI Test Symposium (VTS’15). 1–6. DOI:DOI:https://doi.org/10.1109/VTS.2015.7116294Google Scholar
- F. Zhang, S. D. Paul, P. Slpsk, A. R. Trivedi, and S. Bhunia. 2021. On database-free authentication of microelectronic components. IEEE Trans. Very Large Scale Integ. Syst. 29, 1 (2021), 149–161. DOI:DOI:https://doi.org/10.1109/TVLSI.2020.3039723Google ScholarCross Ref
- Y. Zheng, F. Zhang, and S. Bhunia. 2016. DScanPUF: A delay-based physical unclonable function built into scan chain. IEEE Trans. Very Large Scale Integ. Syst. 24, 3 (Mar. 2016), 1059–1070. DOI:DOI:https://doi.org/10.1109/TVLSI.2015.2421933 Google ScholarDigital Library
Index Terms
- SILVerIn: Systematic Integrity Verification of Printed Circuit Board Using JTAG Infrastructure
Recommendations
ScatterVerif: Verification of Electronic Boards Using Reflection Response of Power Distribution Network
The globalization of electronic systems’ fabrication has made some of our most critical systems vulnerable to supply chain attacks. Implanting spy chips on the printed circuit boards (PCBs) or replacing genuine components with counterfeit/recycled ones ...
JTAG Security System Based on Credentials
JTAG (Joint Test Access Group) is a powerful tool for the embedded system development environments. The features of JTAG, however, can be exploited by malicious users as a backdoor for launching attacks, an approach which now constitutes a major threat ...
Evaluation of delay PUFs on CMOS 65 nm technology: ASIC vs FPGA
HASP '13: Proceedings of the 2nd International Workshop on Hardware and Architectural Support for Security and PrivacyThis paper presents a comparative study of delay Physically Unclonable Functions (PUFs) designed in CMOS-65nm technology platforms: ASIC and FPGA (Xilinx Virtex-5). The performances are analyzed for two types of silicon PUFs, namely the arbiter and the ...
Comments