Confidential computing services enable users to run or use applications in Trusted Execution Environments (TEEs) leveraging secure hardware, like Intel SGX or AMD SEV, and verify them by performing remote attestation. Typically this process is very rigid and not always aligned with the trust assumptions of the users regarding the hardware identities, stakeholders and software that are considered trusted. In our work, we enable the users to tailor their trust boundaries according to their security concerns and remotely attest the different TEEs specifically based on those.
Authored by Anna Galanou
Security still remains an afterthought in modern Electronic Design Automation (EDA) tools, which solely focus on enhancing performance and reducing the chip size. Typically, the security analysis is conducted by hand, leading to vulnerabilities in the design remaining unnoticed. Security-aware EDA tools assist the designer in the identification and removal of security threats while keeping performance and area in mind. State-of-the-art approaches utilize information flow analysis to spot unintended information leakages in design structures. However, the classification of such threats is binary, resulting in negligible leakages being listed as well. A novel quantitative analysis allows the application of a metric to determine a numeric value for a leakage. Nonetheless, current approximations to quantify the leakage are still prone to overlooking leakages. The mathematical model 2D-QModel introduced in this work aims to overcome this shortcoming. Additionally, as previous work only includes a limited threat model, multiple threat models can be applied using the provided approach. Open-source benchmarks are used to show the capabilities of 2D-QModel to identify hardware Trojans in the design while ignoring insignificant leakages.
Authored by Lennart Reimann, Sarp Erdönmez, Dominik Sisejkovic, Rainer Leupers
This paper highlights the progress toward securing teleoperating devices over the past ten years of active technology development. The relevance of this issue lies in the widespread development of teleoperating systems with a small number of systems allowed for operations. Anomalous behavior of the operating device, caused by a disruption in the normal functioning of the system modules, can be associated with remote attacks and exploitation of vulnerabilities, which can lead to fatal consequences. There are regulations and mandates from licensing agencies such as the US Food and Drug Administration (FDA) that place restrictions on the architecture and components of teleoperating systems. These requirements are also evolving to meet new cybersecurity threats. In particular, consumers and safety regulatory agencies are attracted by the threat of compromising hardware modules along with software insecurity. Recently, detailed security frameworks and protocols for teleoperating devices have appeared. However, the matter of intelligent autonomous controllers for analyzing anomalous and suspicious actions in the system remains unattended, as do emergency protocols from the cybersecurity point of view. This work provides a new approach for the intraoperative cybersecurity of intelligent teleoperative surgical systems, taking into account modern requirements for implementation in the Surgical Remote Intelligent Robotic System LevshAI. The proposed principal security model allows a surgeon or autonomous agent to manage the operation process during various attacks.
Authored by Alexandra Bernadotte
Air-gapped workstations are separated from the Internet because they contain confidential or sensitive information. Studies have shown that attackers can leak data from air-gapped computers with covert ultrasonic signals produced by loudspeakers. To counteract the threat, speakers might not be permitted on highly sensitive computers or disabled altogether - a measure known as an 'audio gap.' This paper presents an attack enabling adversaries to exfiltrate data over ultrasonic waves from air-gapped, audio-gapped computers without external speakers. The malware on the compromised computer uses its built-in buzzer to generate sonic and ultrasonic signals. This component is mounted on many systems, including PC workstations, embedded systems, and server motherboards. It allows software and firmware to provide error notifications to a user, such as memory and peripheral hardware failures. We examine the different types of internal buzzers and their hardware and software controls. Despite their limited technological capabilities, such as 1-bit sound, we show that sensitive data can be encoded in sonic and ultrasonic waves. This is done using pulse width modulation (PWM) techniques to maintain a carrier wave with a dynamic range. We also show that malware can evade detection by hiding in the frequency bands of other components (e.g., fans and power supplies). We implement the attack using a PC transmitter and smartphone app receiver. We discuss transmission protocols, modulation, encoding, and reception and present the evaluation of the covert channel as well. Based on our tests, sensitive data can be exfiltrated from air-gapped computers through their built-in buzzer. A smartphone can receive data from up to six meters away at 100 bits per second.
Authored by Mordechai Guri
This paper presents AirKeyLogger - a novel radio frequency (RF) keylogging attack for air-gapped computers. Our keylogger exploits radio emissions from a computer's power supply to exfiltrate real-time keystroke data to a remote attacker. Unlike hardware keylogging devices, our attack does not require physical hardware. Instead, it can be conducted via a software supply-chain attack and is solely based on software manipulations. Malware on a sensitive, air-gapped computer can intercept keystrokes by using global hooking techniques or injecting malicious code into a running process. To leak confidential data, the processor's working frequencies are manipulated to generate a pattern of electromagnetic emissions from the power unit modulated by keystrokes. The keystroke information can be received at distances of several meters away via an RF receiver or a smartphone with a simple antenna. We provide related work, discuss keylogging methods and present multi-key modulation techniques. We evaluate our method at various typing speeds and on on-screen keyboards as well. We show the design and implementation of transmitter and receiver components and present evaluation findings. Our tests show that malware can eavesdrop on keylogging data in real-time over radio signals several meters away and behind concrete walls from highly secure and air-gapped systems.
Authored by Mordechai Guri
Spatial field digital modulation (SFDM) communication system is a special index modulation (IM) technique with low hardware complexity and physical layer security potential. However, the deployment of the SFDM system is always complicated and time-consuming. To solve the problems, an adaptive SFDM system without phase measurement is proposed and implemented in this paper. We design a system architecture fit for self-adjustment and propose the corresponding adaptive algorithm. The state isolation and the BER performance are measured under an indoor channel, which verifies its validity.
Authored by Yuqi Chen, Xiaowen Xiong, Zelin Zhu, Bincai Wu, Bingchen Pan, Jun Wen, Xiaonan Hui, Shilie Zheng, Xianmin Zhang
The goal of this project is to use hardware components' built-in manufacturing faults as mobile phone IDs. We assessed the applicability of several I/O-related cell phone components, including sensors. Through this process, the focus was on creating hardware issue samples that could then be categorised using the device's speaker and microphone. In our technique, an audio sample was created by playing a known audio file via a mobile phone's speakers and then recording the sound using the same device. The impact of important variables on sample accuracy was examined using a variety of different sample groups. After collecting the samples, the frequency responses were extracted and classified. Data were categorised using a variety of classifiers, with certain label and sample group configurations achieving an accuracy of over 94.4%. The conclusions of this article suggest that speaker and mike production faults may be exploited for device authentication.
Authored by Kundan Pramanik, Tejal Patel
Since criminality is rising in the 21st century, people want to secure their property and belongings. So, everyone in this situation needs a secure system with cutting-edge technology. Therefore, a person may go out without worries. This project aims to build a home security system that can place a phone call to the client's GSM (Global System for Mobile) cell phone device and send a message in the shortest amount of time. Our home security system uses the latest technology at a low cost. In this study, we used the PIR (Passive Infra-Red) movement sensor, the Arduino board as the core for movement identification, and the GSM module for dialing the system user, which was used to develop the hardware for this system. This framework uses the Arduino IDE for the Arduino and PuTTY for programming and analysis of the GSM unit. The PIR sensor has a crucial function in this system for protection against any unauthorized individuals and automatically generates calls when intruders in neighboring zones are detected by the PIR sensor. The Integrated Home Safety framework can promptly examine and sense a human's movement.
Authored by Aditi Golder, Debashis Gupta, Saumendu Roy, Md. Ahasan, Mohd Haque
An intrusion detection system (IDS) is a crucial software or hardware application that employs security mechanisms to identify suspicious activity in a system or network. According to the detection technique, IDS is divided into two, namely signature-based and anomaly-based. Signature-based is said to be incapable of handling zero-day attacks, while anomaly-based is able to handle it. Machine learning techniques play a vital role in the development of IDS. There are differences of opinion regarding the most optimal algorithm for IDS classification in several previous studies, such as Random Forest, J48, and AdaBoost. Therefore, this study aims to evaluate the performance of the three algorithm models, using the NSL-KDD and UNSW-NB15 datasets used in previous studies. Empirical results demonstrate that utilizing AdaBoost+J48 with NSL-KDD achieves an accuracy of 99.86%, along with precision, recall, and f1-score rates of 99.9%. These results surpass previous studies using AdaBoost+Random Tree, with an accuracy of 98.45%. Furthermore, this research explores the effectiveness of anomaly-based systems in dealing with zero-day attacks. Remarkably, the results show that anomaly-based systems perform admirably in such scenarios. For instance, employing Random Forest with the UNSW-NB15 dataset yielded the highest performance, with an accuracy rating of 99.81%.
Authored by Nurul Fauzi, Fazmah Yulianto, Hilal Nuha
Understanding the temperature dependence of acoustic and photoacoustic (PA) properties is important for the characterization of materials and measurements in various applications. Ultrasound methods have been developed to estimate these properties, but they require careful consideration of multiple variables and steps to obtain reliable results. This study aimed to develop an automated system for simultaneous characterization of acoustic and PA properties of materials. The system was designed to minimize operator errors, ensuring robust temperature control and reproducibility for acoustic measurements. This was made possible through the integration of a commercially available PA imaging system with a custom-built platform specifically tailored for ultrasound-based acoustic characterization. This platform consisted of both hardware and software modules. The system was evaluated with NaCl solutions at different concentrations and a gelatin/agar cubic phantom prepared with uniformly distributed magnetic nanoparticles serving as optical absorbers. Results obtained from the NaCl solution samples exhibited a high Lin's concordance coefficient (above 0.9) with previously reported studies. In the ultrasound/PA experiment, temperature dependences of the speed of sound and PA intensity revealed a strong Pearson's correlation coefficient (0.99), with both measurements exhibiting a monotonic increase as anticipated for water-based materials. These findings demonstrate the accuracy and stability of the developed system for acoustic property measurements.
Authored by Ricardo Bordonal, João Uliana, Lara Pires, Ernesto Mazón, Antonio Carneiro, Theo Pavan
Internet of Things (IoT) has become extremely prominent for industrial applications, and stealthy modification deliberately done by insertion of Hardware Trojans has increased widely due to the globalization of Integrated Circuit (IC) production. In the proposed work, Hardware Trojans are detected at the gate level by considering the netlist of the desired circuits. To mitigate golden model dependencies, the proposed work is based on unsupervised detection of Hardware Trojans, which automatically extracts useful features without providing clear desired outcomes. The relevant features from the feature dataset are selected using the eXtreme Gradient Boosting (XGBoost) algorithm. The average True Positive Rate (TPR) is improved by about 30% by using the Clustering-Based Local Outlier Factor (CBLOF) algorithm when compared to the local outlier factor algorithm. The simulation is employed on Trust-HUB circuits and achieves an average of 99.83% True Negative Rate (TNR) and 99.72% accuracy, which shows the efficiency of the detection method even without labelled data.
Authored by S. Meenakshi, Nirmala M
Hardware Trojans (HT) are minuscule circuits embedded by an adversary for malicious purposes. Such circuits possess a stealthy nature and can cause disruption upon activation. To detect the presence of such circuits, appropriate test vectors need to be applied. In this regard, the genetic algorithm (GA) seems to be the most promising technique due to its exploration capability. However, like most of the existing techniques, GA also suffers from exploring the huge search space. In this article, a GA-based methodology is proposed that incorporates information about potential inputs. Analysis of the experimental results signifies that the identification of the relevant inputs for GA provides an optimal solution. The significance of the proposed methodology is endorsed by applying the proposed GA technique on different ISCAS '85 benchmark circuits. A noteworthy improvement in run time is observed while simultaneously providing improved test set quality over the state-of-the-art technique.
Authored by Sandip Chakraborty, Archisman Ghosh, Anindan Mondal, Bibhash Sen
Recently, hardware Trojans have become a serious security concern in the integrated circuit (IC) industry. Due to the globalization of semiconductor design and fabrication processes, ICs are highly vulnerable to hardware Trojan insertion by malicious third-party vendors. Therefore, the development of effective hardware Trojan detection techniques is necessary. Testability measures have been proven to be efficient features for Trojan net classification. However, most of the existing machine-learning-based techniques use supervised learning methods, which involve time-consuming training processes, need to deal with the class imbalance problem, and are not pragmatic in real-world situations. Furthermore, no works have explored the use of anomaly detection for hardware Trojan detection tasks. This paper proposes a semi-supervised hardware Trojan detection method at the gate level using anomaly detection. We ameliorate the existing computation of the Sandia Controllability/Observability Analysis Program (SCOAP) values by considering all types of D flip-flops and adopt semi-supervised anomaly detection techniques to detect Trojan nets. Finally, a novel topology-based location analysis is utilized to improve the detection performance. Testing on 17 Trust-Hub Trojan benchmarks, the proposed method achieves an overall 99.47% true positive rate (TPR), 99.99% true negative rate (TNR), and 99.99% accuracy.
Authored by Pei-Yu Lo, Chi-Wei Chen, Wei-Ting Hsu, Chih-Wei Chen, Chin-Wei Tien, Sy-Yen Kuo
There have been reports of threats that cause electromagnetic information leakage by inserting Hardware Trojans (HT) into the signal traces around components on the printed circuit board (PCB). In this threat, the HT insertion is assumed to occur not only at the manufacturing stage but also in transit or in the field after shipment, and the threat may extend to devices that are not considered to be threatened by HT insertion inside conventional ICs. This paper discusses a detection method for HT insertion which is implementable on a PCB without external measurement equipment. Additionally, we validate the method in more practical situations, detecting the HT on populated PCBs. The method employs an on-chip touch sensor to measure the changes in electrical characteristics caused by HT insertion. Specifically, HT insertion is detected by observing the change in capacitance and insulation resistance associated with HT insertion using the on-chip sensor, and detecting the difference from the measurement result when no HT is inserted into the signal traces. In the experiment, we build an evaluation environment, which emulates a populated PCB, based on the HT insertion method reported in previous studies, and observe the change in capacitance and insulation resistance on the connected signal trace using a microprocessor equipped with a constant current source and an analog-digital converter that constitute the on-chip sensor. Then, we show that HT insertion on the signal trace can be detected from the output values of the on-chip sensor before and after HT insertion.
Authored by Masahiro Kinugawa, Yuichi Hayashi
This work proposes a novel hardware Trojan detection method that leverages static structural features and behavioral characteristics in field programmable gate array (FPGA) netlists. Mapping of hardware design sources to look-up-table (LUT) networks makes these features explicit, allowing automated feature extraction and further effective Trojan detection through machine learning. Four-dimensional features are extracted for each signal and a random forest classifier is trained for Trojan net classification. Experiments using Trust-Hub benchmarks show promising Trojan detection results with accuracy, precision, and F1-measure of 99.986%, 100%, and 99.769% respectively on average.
Authored by Lingjuan Wu, Xuelin Zhang, Siyi Wang, Wei Hu
In recent years, with the globalization of semiconductor processing and manufacturing, integrated circuits have gradually become vulnerable to malicious attackers. Detecting Hardware Trojans (HTs) hidden in integrated circuits has become one of the hottest issues in the field of hardware security. In this paper, we propose to apply Principal Component Analysis (PCA) and Support Vector Machine (SVM) to hardware Trojan detection, using the PCA algorithm to extract features from small differences in side channel information and then obtain the principal components. The SVM detection model is optimized by means of cross-validation and logarithmic interval search. Finally, it is determined whether the original circuit contains a hardware Trojan. In the experiment, we use the SAKURA-G FPGA board, an Agilent oscilloscope, and the ISE simulation software to complete the experimental work. The test results of five different HTs show that the average True Positive Rate (TPR) of the proposed method for HTs can reach 99.48%, along with an average True Negative Rate (TNR) of 99.2%, and an average detection time of 9.66 s.
Authored by Peng Liu, Liji Wu, Zhenhui Zhang, Dehang Xiao, Xiangmin Zhang, Lili Wang
In order to visually present all kinds of hardware Trojan horse detection methods and their relationships, a method is proposed to construct a knowledge graph of hardware Trojan horse detection technology. Firstly, the security-related knowledge of hardware Trojan horses is analyzed; then entity recognition and relationship extraction are carried out using the BiLSTM-CRF model, and the construction of the knowledge graph is completed. Finally, the knowledge is stored and displayed visually using the graph database neo4j. The combination of knowledge graphs and the hardware Trojan security field can summarize the existing detection technologies, provide a basis for the analysis of hardware Trojans, vigorously promote the energy Internet security construction, and steadily enhance the energy Internet active defense capability.
Authored by Shengguo Ma, Yujia Liu, Yannian Wu, Shaobo Zhang, Yiying Zhang, Delong Wang
Outsourcing Integrated Circuits (ICs) paves the way for including malicious circuits commonly known as Hardware Trojans. Trojans can be divided into functional and parametric Trojans. Trojans of the first kind are made by adding or removing gates to or from the golden reference design. For Trojans of the second type, the golden circuit is modified by decreasing a connecting wire's thickness, exposing the chip to radiation, etc. Hardware Trojan detection schemes can be broadly classified into dynamic and static detection schemes depending on whether or not an input stimulus is applied. The proposed method aims to detect functional Trojans using the static detection method. The work proposes a generic, scalable Trojan detection method. The defender does not have the luxury of knowing the type of Trojan the circuit is infected with, making accurate detection difficult. In addition, the proposed method does not require propagating the Trojan effect to the output, magnifying the Trojan effect, or any other voting or additional algorithms to accurately detect the Trojan as in previous literature. The proposed method analyses synthesis reports for Trojan detection. Game theory, in addition, aids the defender in optimal decision-making. The proposed method has been evaluated on ISCAS'85 and ISCAS'89 circuits. The proffered method detects various types of Trojans of varying complexities in less time and with 100% accuracy.
Authored by Vaishnavi Sankar, Nirmala M, Jayakumar. M
The paper presents a Tbps-class anonymity router that supports both an anonymity protocol and IP by leveraging a programmable switch. The key design issue is to place both the compute-intensive header decryption function for anonymity protocol forwarding and the memory-intensive IP forwarding function on the processing pipes of a switch while satisfying its hardware requirements. A prototype router on a programmable switch achieves Tbps-scale forwarding.
Authored by Yutaro Yoshinaka, Junji Takemasa, Yuki Koizumi, Toru Hasegawa
Satellite technologies are used for both civil and military purposes in the modern world, and typical applications include Communication, Navigation and Surveillance (CNS) services, which have a direct impact on several economic, social and environmental protection activities. The increasing reliance on satellite services for safety-of-life and mission-critical applications (e.g., transport, defense and public safety services) creates a severe, although often overlooked, security problem, particularly when it comes to cyber threats. Like other increasingly digitized services, satellites and space platforms are vulnerable to cyberattacks. Thus, the existence of cybersecurity flaws may pose major threats to space-based assets and associated key infrastructure on the ground. These dangers could obstruct global economic progress and, by implication, international security if they are not properly addressed. Mega-constellations make protecting space infrastructure from cyberattacks much more difficult. This emphasizes the importance of defensive cyber countermeasures to minimize interruptions and ensure efficient and reliable contributions to critical infrastructure operations. Very importantly, space systems are inherently complex Cyber-Physical System (CPS) architectures, where communication, control and computing processes are tightly interleaved, and associated hardware/software components are seamlessly integrated. This represents a new challenge as many known physical threats (e.g., conventional electronic warfare measures) can now manifest their effects in cyberspace and, vice versa, some cyber-threats can have detrimental effects in the physical domain. The concept of cyberspace underlies nearly every aspect of modern society's critical activities and relies heavily on critical infrastructure for economic advancement, public safety and national security.
Many governments have expressed the desire to make a substantial contribution to secure cyberspace and are focusing on different aspects of the evolving industrial ecosystem, largely under the impulse of digital transformation and sustainable development goals. The level of cybersecurity attained in this framework is the sum of all national and international activities implemented to protect all actions in the cyber-physical ecosystem. This paper focuses on cybersecurity threats and vulnerabilities in various segments of space CPS architectures. More specifically, the paper identifies the applicable cyber threat mechanisms, conceivable threat actors and the associated space business implications. It also presents metrics and strategies for countering cyber threats and facilitating space mission assurance.
Authored by Kathiravan Thangavel, Jordan Plotnek, Alessandro Gardi, Roberto Sabatini
With the increased commercialization of deep learning (DL) models, there is also a growing need to protect them from illicit usage. For cost and ease-of-deployment reasons it is becoming increasingly common to run DL models on the hardware of third parties. Although there are some hardware mechanisms, such as Trusted Execution Environments (TEE), to protect sensitive data, their availability is still limited and not well suited to resource-demanding tasks, like DL models, that benefit from hardware accelerators. In this work, we make model stealing more difficult, presenting a novel way to divide up a DL model, with the main part on normal infrastructure and a small part in a remote TEE, and train it using adversarial techniques. In initial experiments on image classification models for the Fashion MNIST and CIFAR 10 datasets, we observed that this obfuscation protection makes it significantly more difficult for an adversary to leverage the exposed model components.
Authored by Jakob Sternby, Bjorn Johansson, Michael Liljenstam
Counteracting the most dangerous attacks – advanced persistent threats – is an actual problem of modern enterprises. Usually these threats are aimed not only at information resources but also at software and hardware resources of automated systems of industrial plants. As a rule, attackers use a number of methods, including social engineering methods. The article is devoted to the development of methods for timely prevention of advanced persistent threats based on analysis of attackers' tactics. Special attention in the article is paid to methods for detecting provocations of the modernization of protection systems, as well as methods for monitoring the state of resources of the main automated system. A technique for identifying suspicious changes in the resources is also considered in the article. The result of applying this set of methods will help to increase the protection level of automated systems' resources.
Authored by Nataliya Kuznetsova, Tatiana Karlova, Alexander Bekmeshov
Practical cryptographic systems rely on a true random number generator (TRNG), which is a necessary component in any hardware Root-of-Trust (RoT). Hardware trust anchors are also integrated into larger chips, for instance as hard-IP cores in FPGAs, where the remaining FPGA fabric is freely programmable. To provide security guarantees, proper operation of the TRNG is critical. Because of that, adversaries are interested in tampering with the ability of TRNGs to produce unpredictable random numbers. In this paper, we show that an FPGA on-chip attack can reduce the true randomness of a TRNG integrated as a hard-IP module in the FPGA. This module is considered to be an immutable security module, compliant with the NIST SP 800-193 Platform Firmware Resilience Guidelines (PFR), which is a well known guideline for system resilience, and it is also certified by the Cryptographic Algorithm Validation Program (CAVP). By performing an on-chip voltage drop-based fault attack with user-programmable FPGA logic, the random numbers produced by the IP core fail the NIST SP 800-22 and BSI AIS31 tests, meaning they are not truly random anymore. By that, this paper shows that new attack vectors can break even verified IP cores, since on-chip attacks are usually not considered in the threat model, which can still affect highly integrated systems.
Authored by Dennis Gnad, Jiaqi Hu, Mehdi Tahoori
With the development of Internet of Things (IoT) technology, the digital pill has been employed as an IoT system for emerging remote health monitoring to detect the impact of medicine intake on patients' biological index. The medical data is then used for model training with federated learning. An adversary can launch poisoning attacks by tampering with patients' medical data, which will lead to misdiagnosis of the patients' conditions. Lots of studies have been conducted to defend against poisoning attacks based on blockchain or hardware. However, 1) blockchain-based schemes can only exploit on-chain data to deal with poisoning attacks due to the lack of off-chain trusted entities, and 2) typical hardware-based schemes have the bottleneck of a single point of failure. To overcome these defects, we propose a defense scheme via multiple Trusted Platform Modules (TPMs) and a blockchain oracle. Benefitting from multiple TPMs' verification results, a distributed blockchain oracle is proposed to obtain off-chain verification results for smart contracts. Then, the smart contracts could utilize the off-chain verification result to identify poisoning attacks and store the unique identifiers of the non-threatening IoT devices immutably on the blockchain as a whitelist of federated learning participants. Finally, we analyze the security features and evaluate the performance of our scheme, which shows the robustness and efficiency of the proposed work.
Authored by Mingyuan Huang, Sheng Cao, Xiong Li, Ke Huang, Xiaosong Zhang
The continuously growing importance of today's technology paradigms such as the Internet of Things (IoT) and the new 5G/6G standard opens up unique features and opportunities for smart systems and communication devices. Famous examples are edge computing and network slicing. Generational technology upgrades provide unprecedented data rates and processing power. At the same time, these new platforms must address the growing security and privacy requirements of future smart systems. This poses two main challenges concerning the digital processing hardware. First, we need to provide integrated trustworthiness covering hardware, runtime, and the operating system, where integrated means that the hardware must be the basis to support secure runtime and operating system needs under very strict latency constraints. Second, applications of smart systems cover a wide range of requirements where "one-chip-fits-all" cannot be the cost- and energy-effective way forward. Therefore, we need to be able to provide a scalable hardware solution to cover differing needs in terms of processing resource requirements. In this paper, we discuss our research on an integrated design of a secure and scalable hardware platform including a runtime and an operating system. The architecture is built out of composable and preferably simple components that are isolated by default. This allows for the integration of third-party hardware/software without compromising the trusted computing base. The platform approach improves system security and provides a viable basis for trustworthy communication devices.
Authored by Friedrich Pauls, Sebastian Haas, Stefan Kopsell, Michael Roitzsch, Nils Asmussen, Gerhard Fettweis