Security challenge names three winners

6th March 2020

Alex Lynn

0 0

OneSpin Solutions has announced the three winners of its fourth annual holiday puzzle security challenge, held to highlight real-world problems of trust vulnerabilities in hardware designs and illuminate ways to avoid them. Competitors entered from over 40 organisations, including Xilinx, Intel, Fotonation, NXP, Nokia, AMD, Sensirion, and the OpenHW Groups.

Winners Nithin Kumar Guggilla of Xilinx, Tero Kuusijärvi of NOKIA, and Wayne Yun of AMD found the Trojans in two RTL designs sourced from TrustHub and contributed their ideas and opinions. They receive Bose SoundSport wireless headphones.

Hardware trust and security dilemma

The nature of today’s complex electronics makes them extremely vulnerable to unintended or malicious attacks. A hardware Trojan is engineered to cause major damage in response to a trigger known by the attacker. It could expose ‘secure’ data, cause serious product malfunction, or even destroy a chip. Modern, highly configurable hardware provides a favourable hiding place for backdoors, time bombs, performance degradation or kill switches.

And the threat of Trojans being inserted into third-party IPs or during pre-silicon design implementation steps is of increasing concern to the hardware community. Everything from connected autonomous vehicles, medical devices, smartphones, defence and aerospace systems, nuclear power plants, 5G networks, IoT devices, and cloud computing are at risk.

The hardware trust and security puzzle

The puzzle required participants to find Trojans in two RTL designs sourced from TrustHub and were allowed to use any tool available to them to reach a solution. Guidance was provided to them on how OneSpin solutions would allow the Trojans to be found in less than three minutes.

Participants were required to submit waveforms of the traces that activate these Trojans. This challenge has delivered an increased awareness of the vulnerability risks associated with Trojans and suggests a path to automatic detection of these types of IC supply chain attacks.

“This challenge has confirmed that more and more companies now understand the importance of protecting their hardware designs against trust and security risks,” commented Raik Brinkmann, President and CEO of OneSpin. “Leaving vulnerabilities in the design, whether unintentional or malicious, can have catastrophic consequences. Being able to exhaustively detect these ‘holes’ in the design is critical to delivering safe, trusted, and secure devices to the market. OneSpin is at the forefront of providing the technology assuring trust and security at the hardware level, as part of IC integrity.”