CYBERSECURITYDetecting Manipulations in Microchips
Attackers have the ability not only to manipulate software, but also to tamper with the hardware. A team from Bochum is devising methods to detect such tampering.
Attackers have the ability not only to manipulate software, but also to tamper with the hardware. A team from Bochum is devising methods to detect such tampering.
Security gaps exist not only in software, but also directly in hardware. Attackers might deliberately have them built in in order to attack technical applications on a large scale. Researchers at Ruhr University Bochum, Germany, and the Max Planck Institute for Security and Privacy (MPI-SP) in Bochum are exploring methods of detecting such so-called hardware Trojans. They compared construction plans for chips with electron microscope images of real chips and had an algorithm search for differences. This is how they detected deviations in 37 out of 40 cases.
The team at the CASA Cluster of Excellence (short for Cyber Security in the Age of Large-Scale Adversaries), headed by Dr. Steffen Becker, and the MPI-SP team headed by Endres Puschner, will present their findings at the IEEE Symposium on Security and Privacy, which will take place in San Francisco from 22 to 25 May 2023. The research was conducted in collaboration with Thorben Moos from the Université catholique de Louvain (Belgium) and the Federal Criminal Police Office in Germany.
The researchers released all images of the chips, the design data as well as the analysis algorithms online for free so that other research groups can use the data to conduct further studies.
Manufacturing Plants as a Gateway for Hardware Trojans
These days, electronic chips are integrated into countless objects. They are more often than not designed by companies that don’t operate their own production facilities. The construction plans are therefore sent to highly specialized chip factories for production. “It’s conceivable that tiny changes might be inserted into the designs in the factories shortly before production that could override the security of the chips,” explains Steffen Becker and gives an example for the possible consequences: “In extreme cases, such hardware Trojans could allow an attacker to paralyze parts of the telecommunications infrastructure at the push of a button.”
