research-article

Hardware Security Risks and Threat Analyses in Advanced Manufacturing Industry

Authors:

Mohammad Monjur,

Joshua Calzadillas,

Qiaoyan YuAuthors Info & Claims

ACM Transactions on Design Automation of Electronic Systems, Volume 28, Issue 5

Article No.: 83, Pages 1 - 22

https://doi.org/10.1145/3603502

Published: 09 September 2023 Publication History

Abstract

The advanced manufacturing industry (AMI) faces many unique challenges from the cyber-physical domain. Security threats are originated from two integral parts: software and hardware. Over the past decade, software security has been addressed extensively, but hardware security has not received enough attention. This work analyzes the security vulnerabilities of typical electronic devices deployed to AMI and proposes three attack models for sensing nodes, local storage and processing edge devices, and wired/wireless communication interfaces, respectively. Practical security attacks on hardware are demonstrated in this work to inspire the development of feasible countermeasures against hardware Trojans, fault injection attacks, and external signal interference. Moreover, this work highlights the unique security challenges posed by advanced manufacturing applications. To mitigate those security attacks in AMI, this work suggests guidelines for the defense method design that can effectively protect the hardware in AMI.

References

[1]

Mujaheed Abdullahi, Yahia Baashar, Hitham Alhussian, Ayed Alwadain, Norshakirah Aziz, Luiz Fernando Capretz, and Said Jadid Abdulkadir. 2022. Detecting cybersecurity attacks in Internet of Things using artificial intelligence methods: A systematic literature review. Electronics 11, 2 (2022). DOI:

[2]

Angelos Antonopoulos, Christiana Kapatsori, and Yiorgos Makris. 2017. Security and trust in the analog/mixed-signal/RF domain: A survey and a perspective. In 2017 22nd IEEE European Test Symposium (ETS’17). 1–10. DOI:

[3]

Ons Aouedi, Kandaraj Piamrat, Guillaume Muller, and Kamal Singh. 2023. Federated semisupervised learning for attack detection in industrial Internet of Things. IEEE Transactions on Industrial Informatics 19, 1 (2023), 286–295. DOI:

[4]

Emekcan Aras, Nicolas Small, Gowri Sankar Ramachandran, Stéphane Delbruel, Wouter Joosen, and Danny Hughes. 2017. Selective jamming of LoRaWAN using commodity hardware. In Proceedings of the 14th EAI International Conference on Mobile and Ubiquitous Systems: Computing, Networking and Services. 363–372.

Digital Library

[5]

Daniel S. Berman, Anna L. Buczak, Jeffrey S. Chavis, and Cherita L. Corbett. 2019. A survey of deep learning methods for cyber security. Information 10, 4 (2019). DOI:

[6]

Christian Cavallo. 2022. What is Advanced Manufacturing? (2022). Retrieved Feb. 2022 from https://www.thomasnet.com/articles/services/what-is-advanced-manufacturing.

[7]

Doohwang Chang, Bertan Bakkaloglu, and Sule Ozev. 2015. Enabling unauthorized RF transmission below noise floor with no detectable impact on primary communication performance. In 2015 IEEE 33rd VLSI Test Symposium (VTS’15). 1–4. DOI:

[8]

Baotong Chen, Jiafu Wan, Lei Shu, Peng Li, Mithun Mukherjee, and Boxing Yin. 2018. Smart factory of industry 4.0: Key technologies, application case, and challenges. IEEE Access 6 (2018), 6505–6519.

[9]

Chang-Sic Choi, Jin-Doo Jeong, Il-Woo Lee, and Wan-Ki Park. 2018. LoRa based renewable energy monitoring system with open IoT platform. In 2018 Intl. Conf. on Electronics, Info., and Communication. 1–2.

[10]

Lucian Cojocar, Kaveh Razavi, Cristiano Giuffrida, and Herbert Bos. 2019. Exploiting correcting codes: On the effectiveness of ECC memory against rowhammer attacks. In 2019 IEEE Symposium on Security and Privacy (SP’19). 55–71. DOI:

[11]

Angelo Corallo, Mariangela Lazoi, Marianna Lezzi, and Pierpaolo Pontrandolfo. 2021. Cybersecurity challenges for manufacturing systems 4.0: Assessment of the business impact level. IEEE Transactions on Engineering Management (2021), 1–21. DOI:

[12]

Jonathan Cruz, Yuanwen Huang, Prabhat Mishra, and Swarup Bhunia. 2018. An automated configurable Trojan insertion framework for dynamic trust benchmarks. In 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE’18). 1598–1603. DOI:

[13]

Antonio João Gonçalves de Azambuja, Christian Plesker, Klaus Schützer, Reiner Anderl, Benjamin Schleich, and Vilson Rosa Almeida. 2023. Artificial intelligence-based cyber security in the context of industry 4.0—A survey. Electronics 12, 8 (2023). DOI:

[14]

Chao Gao, Lan Luo, Yue Zhang, Bryan Pearson, and Xinwen Fu. 2019. Microcontroller based IoT system firmware security: Case studies. In 2019 IEEE International Conference on Industrial Internet (ICII’19). 200–209. DOI:

[15]

Andrew Ginter. 2018. The Top 20 Cyberattacks on Industrial Control Systems. Waterfall Security Solutions LTD.

[16]

Kento Hasegawa, Masaru Oya, Masao Yanagisawa, and Nozomu Togawa. 2016. Hardware Trojans classification for gate-level netlists based on machine learning. In 2016 IEEE 22nd International Symposium on On-Line Testing and Robust System Design (IOLTS’16). 203–206. DOI:

[17]

Kento Hasegawa, Youhua Shi, and Nozomu Togawa. 2018. Hardware Trojan detection utilizing machine learning approaches. In 2018 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/ 12th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE’18). 1891–1896. DOI:

[18]

Kento Hasegawa, Masao Yanagisawa, and Nozomu Togawa. 2017. Trojan-feature extraction at gate-level netlists and its application to hardware-Trojan detection using random forest classifier. In 2017 IEEE International Symposium on Circuits and Systems (ISCAS’17). 1–4. DOI:

[19]

Yumin Hou, Hu He, Kaveh Shamsi, Yier Jin, Dong Wu, and Huaqiang Wu. 2018. R2D2: Runtime reassurance and detection of A2 Trojan. In 2018 IEEE International Symposium on Hardware Oriented Security and Trust (HOST’18). 195–200. DOI:

[20]

Taifeng Hu, Liji Wu, Xiangmin Zhang, Yanzhao Yin, and Yijun Yang. 2019. Hardware Trojan detection combine with machine learning: An SVM-based detection approach. In 2019 IEEE 13th International Conference on Anti-counterfeiting, Security, and Identification (ASID’19). 202–206. DOI:

[21]

Margot J. Hutchins, Raunak Bhinge, Maxwell K. Micali, Stefanie L. Robinson, John W. Sutherland, and David Dornfeld. 2015. Framework for Identifying Cybersecurity Risks in Manufacturing. Procedia Manufacturing 1 (2015), 47–63.

[22]

Ayush Jain, Ujjwal Guin, M. Tanjidur Rahman, Navid Asadizanjani, Danielle Duvalsaint, and R. D. Shawn Blanton. 2020. Special session: Novel attacks on logic-locking. In 2020 IEEE 38th VLSI Test Symposium (VTS’20). 1–10. DOI:

[23]

Yier Jin and Yiorgos Makris. 2008. Hardware Trojan detection using path delay fingerprint. In 2008 IEEE International Workshop on Hardware-Oriented Security and Trust. 51–57. DOI:

Digital Library

[24]

CheeYee Tang, Timothy Zimmerman, Victoria Pillitteri, Suzanne Lightman, Keith Stouffer, and Michael Pease. April 26, 2022. Guide to Operational Technology (OT) Security. https://csrc.nist.gov/publications/detail/sp/800-82/rev-3/draft. (April 26, 2022).

[25]

Mohammad Nasim Imtiaz Khan, Karthikeyan Nagarajan, and Swaroop Ghosh. 2019. Hardware Trojans in emerging non-volatile memories. In 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE’19). IEEE, 396–401.

[26]

Moonsoo Kim, Jungwoo Choi, Hyun Kim, and Hyuk-Jae Lee. 2019. An effective DRAM address remapping for mitigating rowhammer errors. IEEE Trans. Comput. 68, 10 (2019), 1428–1441. DOI:

[27]

Sangjun Kim, Yongsoon Eun, and Kyung-Joon Park. 2021. Stealthy sensor attack detection and real-time performance recovery for resilient CPS. IEEE Transactions on Industrial Informatics 17, 11 (2021), 7412–7422. DOI:

[28]

Shams Ul Arfeen Laghari, Selvakumar Manickam, Ayman Khallel Al-Ani, Shafiq Ul Rehman, and Shankar Karuppayah. 2021. SECS/GEMsec: A mechanism for detection and prevention of cyber-attacks on SECS/GEM communications in industry 4.0 landscape. IEEE Access 9 (2021), 154380–154394. DOI:

[29]

Dirk Lehmhus, Claus Aumund-Kopp, Frank Petzoldt, Dirk Godlinski, Arne Haberkorn, Volker Zöllmer, and Matthias Busse. 2016. Customized Smartness: A survey on links between additive manufacturing and sensor integration. Procedia Technology 26 (2016), 284–301.

[30]

Priyanka Mahesh, Akash Tiwari, Chenglu Jin, Panganamala R. Kumar, A. L. Narasimha Reddy, Satish T. S. Bukkapatanam, Nikhil Gupta, and Ramesh Karri. 2021. A survey of cybersecurity of digital manufacturing. Proc. IEEE 109, 4 (2021), 495–516. DOI:

[31]

Mohammad Monjur, Joshua Calzadillas, Mashrafi Kajol, and Qiaoyan Yu. 2022. Hardware security in advanced manufacturing. In Proceedings of the Great Lakes Symposium on VLSI 2022 (GLSVLSI’22). Association for Computing Machinery, New York, NY, USA, 469–474. DOI:

Digital Library

[32]

Mohammad Monjur, Joseph Heacock, Joshua Calzadillas, Rui Sun, and Qiaoyan Yu. 2022. Challenges of securing low-power LoRaWAN devices deployed in advanced manufacturing. In 2022 23rd International Symposium on Quality Electronic Design (ISQED’22). 1–1. DOI:

[33]

Mohammad Mezanur Rahman Monjur, Joseph Heacock, Joshua Calzadillas, MD Shaad Mahmud, John Roth, Kunal Mankodiya, Edward Sazonov, and Qiaoyan Yu. 2022. Hardware security in sensor and its networks. Frontiers in Sensors 3 (2022). DOI:

[34]

Mohammad Mezanur Rahman Monjur, Joseph Heacock, Rui Sun, and Qiaoyan Yu. 2021. An attack analysis framework for LoRaWAN applied advanced manufacturing. In 2021 IEEE International Symposium on Technologies for Homeland Security (HST’21). 1–7. DOI:

[35]

Mezanur Rahman Monjur, Sandeep Sunkavilli, and Qiaoyan Yu. 2020. ADobf: Obfuscated detection method against analog Trojans on I2C master-slave interface. In 2020 IEEE 63rd International Midwest Symposium on Circuits and Systems (MWSCAS’20). 1064–1067. DOI:

[36]

Seetharam Narasimhan, Dongdong Du, Rajat Subhra Chakraborty, Somnath Paul, Francis G. Wolff, Christos A. Papachristou, Kaushik Roy, and Swarup Bhunia. 2013. Hardware Trojan detection by multiple-parameter side-channel analysis. IEEE Trans. Comput. 62, 11 (2013), 2183–2195. DOI:

Digital Library

[37]

Nataliia Neshenko, Elias Bou-Harb, Jorge Crichigno, Georges Kaddoum, and Nasir Ghani. 2019. Demystifying IoT security: An exhaustive survey on IoT vulnerabilities and a first empirical look on internet-scale IoT exploitations. IEEE Communications Surveys & Tutorials 21, 3 (2019), 2702–2733. DOI:

[38]

Junkil Park, Radoslav Ivanov, James Weimer, Miroslav Pajic, and Insup Lee. 2015. Sensor attack detection in the presence of transient faults. In Proceedings of the ACM/IEEE Sixth International Conference on Cyber-Physical Systems (ICCPS’15). Association for Computing Machinery, New York, NY, USA, 1–10. DOI:

Digital Library

[39]

Antonios Pavlidis, Eric Faehn, Marie-Minerve Louërat, and Haralampos-G. Stratigopoulos. 2022. Run-time hardware Trojan detection in analog and mixed-signal ICs. In 2022 IEEE 40th VLSI Test Symposium (VTS’22). 1–8. DOI:

[40]

Vaibhav Venugopal Rao and Ioannis Savidis. 2017. Parameter biasing obfuscation for analog IP protection. In 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST’17). 161–161. DOI:

[41]

Vaibhav Venugopal Rao and Ioannis Savidis. 2017. Protecting analog circuits with parameter biasing obfuscation. In 2017 18th IEEE Latin American Test Symposium (LATS’17). 1–6. DOI:

[42]

Jackson C. Rebane. 2011. The Stuxnet Computer Worm and Industrial Control System Security. Nova Science Publishers, Inc., USA.

Digital Library

[43]

NXP Semiconductors. 2018. IoT Device Secure Connection with LoRa. https://www.nxp.com/docs/en/nxp/application-notes/AN12257.pdf.

[44]

Bicky Shakya, Tony He, Hassan Salmani, Domenic Forte, Swarup Bhunia, and Mark Tehranipoor. 2017. Benchmarking of hardware Trojans and maliciously affected circuits. In Journal of Hardware and Systems Security 1 (2017), 1598–1603. DOI:

[45]

Yasser Shoukry, Paul Martin, Paulo Tabuada, and Mani Srivastava. 2013. Non-invasive spoofing attacks for anti-lock braking systems. In Cryptographic Hardware and Embedded Systems - CHES 2013, Guido Bertoni and Jean-Sébastien Coron (Eds.). Springer Berlin, Berlin, 55–72.

[46]

Deborah Stine. 2010. PCAST Launches Policy Forum on the Future of U.S. Advanced Manufacturing. Retrieved Feb. 2022 from https://obamawhitehouse.archives.gov/blog/2010/04/07/policy-forum-future-advanced-manufacturing-united-states.

[47]

Vincent Stoffer. 2013. Outdated Computers and Operating Systems. https://commons.lbl.gov/display/cpp/Outdated+Computers+and+Operating+Systems.

[48]

Reshmi Suragani, Emiliia Nazarenko, Nikolaos Athanasios Anagnostopoulos, Nico Mexis, and Elif Bilge Kavun. 2022. Identification and classification of corrupted PUF responses via machine learning. In 2022 IEEE International Symposium on Hardware Oriented Security and Trust (HOST’22). 137–140. DOI:

[49]

Jiafan Wang, Congyin Shi, Adriana Sanabria-Borbon, Edgar Sánchez-Sinencio, and Jiang Hu. 2017. Thwarting analog IC piracy via combinational locking. In 2017 IEEE International Test Conference (ITC’17). 1–10. DOI:

[50]

Ruize Wang, Huanyu Wang, and Elena Dubrova. 2020. Far field EM side-channel attack on AES using deep learning. In Proceedings of the 4th ACM Workshop on Attacks and Solutions in Hardware Security (ASHES’20). Association for Computing Machinery, New York, NY, USA, 35–44. DOI:

Digital Library

[51]

Yicheng Wang, Yang Liu, Peiyun Wu, and Zhao Zhang. 2019. Reinforce memory error protection by breaking DRAM disturbance correlation within ECC words. In 2019 IEEE 37th International Conference on Computer Design (ICCD’19). 672–675. DOI:

[52]

Dazhong Wu, Anqi Ren, Wenhui Zhang, Feifei Fan, Peng Liu, Xinwen Fu, and Janis Terpenny. 2018. Cybersecurity for digital manufacturing. Journal of Manufacturing Systems 48 (2018), 3–12. DOI:Special Issue on Smart Manufacturing.

[53]

Xin-Chuan Wu, Timothy Sherwood, Frederic T. Chong, and Yanjing Li. 2019. Protecting page tables from RowHammer attacks using monotonic pointers in DRAM true-cells. In Proceedings of the Twenty-Fourth International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS’19). Association for Computing Machinery, New York, NY, USA, 645–657. DOI:

Digital Library

[54]

Qi Xiong, Ying-Chang Liang, Kwok Hung Li, and Yi Gong. 2015. An energy-ratio-based approach for detecting pilot spoofing attack in multiple-antenna systems. IEEE Transactions on Information Forensics and Security 10, 5 (2015), 932–940. DOI:

Digital Library

[55]

Mengting Yan, Haoran Wei, and Marvin Onabajo. 2018. Modeling of thermal coupling and temperature sensor circuit design considerations for hardware Trojan detection. In 2018 IEEE 61st International Midwest Symposium on Circuits and Systems (MWSCAS’18). 857–860. DOI:

[56]

Kaiyuan Yang, Matthew Hicks, Qing Dong, Todd Austin, and Dennis Sylvester. 2016. A2: Analog malicious hardware. In 2016 IEEE Symposium on Security and Privacy (SP’16). 18–37.

[57]

Yuanyuan Zhang, Chen Dong, Yi Xu, Yinan Yao, and Chenxi Lyu. 2022. RLocHT: A hardware Trojans localization method utilizing deep learning at the gate-level. In 2022 IEEE 10th Joint International Information Technology and Artificial Intelligence Conference (ITAIC’22), Vol. 10. 2290–2294. DOI:

Cited By

Massaro A(2024)Artificial Intelligence Enabling Denoising in Passive Electronic Filtering Circuits for Industry 5.0 MachinesMachines10.3390/machines1208055112:8(551)Online publication date: 13-Aug-2024
https://doi.org/10.3390/machines12080551
Massaro A(2024)Artificial Intelligence Signal Control in Electronic Optocoupler Circuits Addressed on Industry 5.0 Digital TwinElectronics10.3390/electronics1322454313:22(4543)Online publication date: 19-Nov-2024
https://doi.org/10.3390/electronics13224543
Massaro A(2024)ANNs Predicting Noisy Signals in Electronic Circuits: A Model Predicting the Signal Trend in Amplification SystemsAI10.3390/ai50200275:2(533-549)Online publication date: 17-Apr-2024
https://doi.org/10.3390/ai5020027
Show More Cited By

Index Terms

Hardware Security Risks and Threat Analyses in Advanced Manufacturing Industry

Recommendations

Hardware Security in Advanced Manufacturing
GLSVLSI '22: Proceedings of the Great Lakes Symposium on VLSI 2022

More and more digitized techniques and network connectivity are deployed to advanced manufacturing to enable remote system monitoring and automated production; however, this trend also leads to the traditional assumption of security in manufacturing not ...
Security Threat Analyses and Attack Models for Approximate Computing Systems: From Hardware and Micro-architecture Perspectives
Survey Paper

Approximate computing (AC) represents a paradigm shift from conventional precise processing to inexact computation but still satisfying the system requirement on accuracy. The rapid progress on the development of diverse AC techniques allows us to apply ...
A New Dynamic Countermeasure to Strengthen Design Obfuscation in FPGAs
FPGAs are being challenged by various security threats, including reverse engineering attacks, hardware tampering, and side-channel analysis attacks. Although the existing static obfuscation methods can protect FPGA systems from IP piracy and hardware ...

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Design Automation of Electronic Systems

ACM Transactions on Design Automation of Electronic Systems Volume 28, Issue 5

September 2023

475 pages

ISSN:1084-4309

EISSN:1557-7309

DOI:10.1145/3623508

Editor:
X. Sharon Hu
University of Notre Dame, USA

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Journal Family

ACM Journals for the Design of Smart and Connected Systems

Publication History

Published: 09 September 2023

Online AM: 18 June 2023

Accepted: 14 May 2023

Revised: 11 May 2023

Received: 04 February 2023

Published in TODAES Volume 28, Issue 5

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

National Science Foundation Awards

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
545
Total Downloads

Downloads (Last 12 months)222
Downloads (Last 6 weeks)17

Reflects downloads up to 01 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Massaro A(2024)Artificial Intelligence Enabling Denoising in Passive Electronic Filtering Circuits for Industry 5.0 MachinesMachines10.3390/machines1208055112:8(551)Online publication date: 13-Aug-2024
https://doi.org/10.3390/machines12080551
Massaro A(2024)Artificial Intelligence Signal Control in Electronic Optocoupler Circuits Addressed on Industry 5.0 Digital TwinElectronics10.3390/electronics1322454313:22(4543)Online publication date: 19-Nov-2024
https://doi.org/10.3390/electronics13224543
Massaro A(2024)ANNs Predicting Noisy Signals in Electronic Circuits: A Model Predicting the Signal Trend in Amplification SystemsAI10.3390/ai50200275:2(533-549)Online publication date: 17-Apr-2024
https://doi.org/10.3390/ai5020027
Monjur MYu Q(2024)Advanced Continuous-Time Convolution Framework for Security Assurance in Wireless Sensor NetworksProceedings of the Great Lakes Symposium on VLSI 202410.1145/3649476.3658785(319-322)Online publication date: 12-Jun-2024
https://dl.acm.org/doi/10.1145/3649476.3658785
Monjur MYu Q(2024)CTC: Continuous-Time Convolution based Multi-Attack Detection for Sensor Networks2024 IEEE International Symposium on Circuits and Systems (ISCAS)10.1109/ISCAS58744.2024.10557885(1-5)Online publication date: 19-May-2024
https://doi.org/10.1109/ISCAS58744.2024.10557885
Massaro AEpicoco NLoseto GArdito C(2024)IIOT Cyberattacks in Industrial Field Control Systems: PID Attack and Hardware Trojan Effects2024 IEEE 20th International Conference on Automation Science and Engineering (CASE)10.1109/CASE59546.2024.10711839(1702-1707)Online publication date: 28-Aug-2024
https://doi.org/10.1109/CASE59546.2024.10711839

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Full Text

View this article in Full Text.

Figures

Tables

Media

View full text|Download PDF

View Issue’s Table of Contents