Info about hardware security
"If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle." --- Sun Tzu
If the peripheral devices and firmware (e.g. Intel ME) are called "Ring -3", let's refer to the hardware level as "Ring -4" (naming is one of the hardest problems in CS, isn't it ;-)). Knowledge from the offensive side helps us understand better where we stand and how to react.
- Bypassing Secure Boot using Fault Injection - 201708, a few low-cost hardware tools (ChipWhisperer-Lite, RF - Passive, etc.) can be utilized by the attacker.
  - The IP register can be modified by software at runtime on architectures like ARMv7, which some FI methods exploit. Critical missions should avoid using such hardware.
  - Software mitigation: Hardening the COREs.
  - Don't let the compiler (volatile) become your enemy: it may fold redundant checks into a single branch that one glitch can skip.
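As an added illustration of the "hardening" and "volatile" points above (this is example code written for this page, not code from the fault-injection talk or from any project it mentions), the snippet below contrasts a naive boot-time digest comparison with a glitch-hardened one. The hardened version uses non-trivial result encodings (the constants `CHECK_OK`/`CHECK_FAIL` are assumed values chosen so that no single bit flip turns one into the other), a redundant second pass, and `volatile` so the compiler cannot merge the two passes into one branch. The digests `kGoodDigest`/`kBadDigest` are constructed sample data.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Assumed encodings: Hamming distance is large, so a single glitched bit
   cannot convert a FAIL into an OK (unlike 0 vs 1). */
#define CHECK_OK   0xA5C3u
#define CHECK_FAIL 0x5A3Cu

/* Constructed sample digests (not real firmware hashes). */
const uint8_t kGoodDigest[8] = {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88};
const uint8_t kBadDigest[8]  = {0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x89};

/* Naive check: a single early-exit compare and a single conditional branch.
   Skipping that one branch (or corrupting the flag register) grants boot. */
int naive_verify(const uint8_t *digest, const uint8_t *expected, size_t n)
{
    return memcmp(digest, expected, n) == 0;
}

/* Hardened check: two independent accumulating passes, volatile state so the
   optimizer keeps both, a loop-counter sanity check, and a final test that
   the result word still holds one of the two legal encodings. */
uint32_t hardened_verify(const uint8_t *digest, const uint8_t *expected, size_t n)
{
    volatile uint32_t result = CHECK_FAIL;   /* default-deny */
    volatile uint8_t  diff1  = 0;
    volatile uint8_t  diff2  = 0;
    volatile size_t   i;

    /* Pass 1: accumulate all differences without early exit. */
    for (i = 0; i < n; i++)
        diff1 |= digest[i] ^ expected[i];
    if (i != n)                 /* loop glitched short */
        return CHECK_FAIL;
    if (diff1 == 0)
        result = CHECK_OK;

    /* Pass 2: recompute; any disagreement forces FAIL. */
    for (i = 0; i < n; i++)
        diff2 |= digest[i] ^ expected[i];
    if (i != n)
        return CHECK_FAIL;
    if (diff2 != 0)
        result = CHECK_FAIL;
    if (diff1 != diff2)         /* the two passes should never disagree */
        return CHECK_FAIL;

    /* Result word must be exactly one of the two encodings; anything else
       means it was corrupted and must be treated as a failure. */
    if (result != CHECK_OK && result != CHECK_FAIL)
        return CHECK_FAIL;
    return result;
}

int main(void)
{
    printf("naive  good: %d\n", naive_verify(kGoodDigest, kGoodDigest, 8));
    printf("naive  bad : %d\n", naive_verify(kBadDigest,  kGoodDigest, 8));
    printf("hard   good: 0x%04x\n", hardened_verify(kGoodDigest, kGoodDigest, 8));
    printf("hard   bad : 0x%04x\n", hardened_verify(kBadDigest,  kGoodDigest, 8));
    return 0;
}
```

The point is not that this code is unglitchable; it is that an attacker now needs several well-timed faults instead of one, and that the `volatile` qualifiers are what stop the compiler from silently undoing the redundancy at -O2.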
- Semi-invasive attacks - A new approach to hardware security analysis - 200504
- A Touch of Evil: High-Assurance Cryptographic Hardware from Untrusted Components - 201709, find more info on the website and the write-up.
- DARPA Rolls Out Electronics Resurgence Initiative - 2017
- System Security Integration Through Hardware and Firmware(https://www.darpa.mil/program/system-security-integration-through-hardware-and-firmware)
- ISA Semantics for ARMv8-A, RISC-V, and CHERI-MIPS
- Surprisingly Turing-Complete
- When a Patch is Not Enough - HardFails: Software-Exploitable Hardware Bugs
Secure processor, PUF/POK/FET
- AEGIS: A single-chip secure processor
- Trapdoor Computational Fuzzy Extractors and Stateless Cryptographically-Secure Physical Unclonable Functions - 2014
- PHYSICAL-LAYER SECURITY FOR THE INTERNET OF THINGS - 2017, another short write-up.
- Silencing Hardware Backdoors - 2011
- Stealthy Dopant-Level Hardware Trojans - 2013
- DeTrust: Defeating Hardware Trust Verification with Stealthy Implicitly-Triggered Hardware Trojans - 2014
- Interdiction in Practice – Hardware Trojan Against a High-Security USB Flash Drive - 2016
- A2: Analog Malicious Hardware - 2016
- Advancing the State-of-the-Art in Hardware Trojans Detection - 2016
- TrojanZero: Switching Activity-Aware Design of Undetectable Hardware Trojans with Zero Power and Area Footprint - 201811