Hardware Supply Chain Security


Book Description

This book presents a new threat modelling approach that specifically targets the hardware supply chain, covering security risks throughout the lifecycle of an electronic system. The authors present a case study on a new type of security attack, which combines two forms of attack mechanisms from two different stages of the IC supply chain. More specifically, this attack targets the newly developed, light cipher (Ascon) and demonstrates how it can be broken easily, when its implementation is compromised with a hardware Trojan. This book also discusses emerging countermeasures, including anti-counterfeit design techniques for resources constrained devices and anomaly detection methods for embedded systems.




Emerging Topics in Hardware Security


Book Description

This book provides an overview of emerging topics in the field of hardware security, such as artificial intelligence and quantum computing, and highlights how these technologies can be leveraged to secure hardware and assure electronics supply chains. The authors are experts in emerging technologies, traditional hardware design, and hardware security and trust. Readers will gain a comprehensive understanding of hardware security problems and how to overcome them through an efficient combination of conventional approaches and emerging technologies, enabling them to design secure, reliable, and trustworthy hardware.




Hardware Security


Book Description

Hardware Security: A Hands-On Learning Approach provides a broad, comprehensive and practical overview of hardware security that encompasses all levels of the electronic hardware infrastructure. It covers basic concepts like advanced attack techniques and countermeasures that are illustrated through theory, case studies and well-designed, hands-on laboratory exercises for each key concept. The book is ideal as a textbook for upper-level undergraduate students studying computer engineering, computer science, electrical engineering, and biomedical engineering, but is also a handy reference for graduate students, researchers and industry professionals. For academic courses, the book contains a robust suite of teaching ancillaries. Users will be able to access schematic, layout and design files for a printed circuit board for hardware hacking (i.e. the HaHa board) that can be used by instructors to fabricate boards, a suite of videos that demonstrate different hardware vulnerabilities, hardware attacks and countermeasures, and a detailed description and user manual for companion materials. - Provides a thorough overview of computer hardware, including the fundamentals of computer systems and the implications of security risks - Includes discussion of the liability, safety and privacy implications of hardware and software security and interaction - Gives insights on a wide range of security, trust issues and emerging attacks and protection mechanisms in the electronic hardware lifecycle, from design, fabrication, test, and distribution, straight through to supply chain and deployment in the field - A full range of instructor and student support materials can be found on the authors' own website for the book: http://hwsecuritybook.org




Introduction to Hardware Security and Trust


Book Description

This book provides the foundations for understanding hardware security and trust, which have become major concerns for national security over the past decade. Coverage includes security and trust issues in all types of electronic devices and systems such as ASICs, COTS, FPGAs, microprocessors/DSPs, and embedded systems. This serves as an invaluable reference to the state-of-the-art research that is of critical significance to the security of, and trust in, modern society’s microelectronic-supported infrastructures.




Cyber Warfare and Terrorism: Concepts, Methodologies, Tools, and Applications


Book Description

Through the rise of big data and the internet of things, terrorist organizations have been freed from geographic and logistical confines and now have more power than ever before to strike the average citizen directly at home. This, coupled with the inherently asymmetrical nature of cyberwarfare, which grants great advantage to the attacker, has created an unprecedented national security risk that both governments and their citizens are woefully ill-prepared to face. Examining cyber warfare and terrorism through a critical and academic perspective can lead to a better understanding of its foundations and implications. Cyber Warfare and Terrorism: Concepts, Methodologies, Tools, and Applications is an essential reference for the latest research on the utilization of online tools by terrorist organizations to communicate with and recruit potential extremists and examines effective countermeasures employed by law enforcement agencies to defend against such threats. Highlighting a range of topics such as cyber threats, digital intelligence, and counterterrorism, this multi-volume book is ideally designed for law enforcement, government officials, lawmakers, security analysts, IT specialists, software developers, intelligence and security practitioners, students, educators, and researchers.




Split Manufacturing of Integrated Circuits for Hardware Security and Trust


Book Description

Globalization of the integrated circuit (IC) supply chains led to many potential vulnerabilities. Several attack scenarios can exploit these vulnerabilities to reverse engineer IC designs or to insert malicious trojan circuits. Split manufacturing refers to the process of splitting an IC design into multiple parts and fabricating these parts at two or more foundries such that the design is secure even when some or all of those foundries are potentially untrusted. Realizing its security benefits, researchers have proposed split fabrication methods for 2D, 2.5D, and the emerging 3D ICs. Both attack methods against split designs and defense techniques to thwart those attacks while minimizing overheads have steadily progressed over the past decade. This book presents a comprehensive review of the state-of-the-art and emerging directions in design splitting for secure split fabrication, design recognition and recovery attacks against split designs, and design techniques to defend against those attacks. Readers will learn methodologies for secure and trusted IC design and fabrication using split design methods to protect against supply chain vulnerabilities.




Modeling and Design of Secure Internet of Things


Book Description

An essential guide to the modeling and design techniques for securing systems that utilize the Internet of Things Modeling and Design of Secure Internet of Things offers a guide to the underlying foundations of modeling secure Internet of Things' (IoT) techniques. The contributors—noted experts on the topic—also include information on practical design issues that are relevant for application in the commercial and military domains. They also present several attack surfaces in IoT and secure solutions that need to be developed to reach their full potential. The book offers material on security analysis to help with in understanding and quantifying the impact of the new attack surfaces introduced by IoT deployments. The authors explore a wide range of themes including: modeling techniques to secure IoT, game theoretic models, cyber deception models, moving target defense models, adversarial machine learning models in military and commercial domains, and empirical validation of IoT platforms. This important book: Presents information on game-theory analysis of cyber deception Includes cutting-edge research finding such as IoT in the battlefield, advanced persistent threats, and intelligent and rapid honeynet generation Contains contributions from an international panel of experts Addresses design issues in developing secure IoT including secure SDN-based network orchestration, networked device identity management, multi-domain battlefield settings, and smart cities Written for researchers and experts in computer science and engineering, Modeling and Design of Secure Internet of Things contains expert contributions to provide the most recent modeling and design techniques for securing systems that utilize Internet of Things.




Principles of Secure Processor Architecture Design


Book Description

With growing interest in computer security and the protection of the code and data which execute on commodity computers, the amount of hardware security features in today's processors has increased significantly over the recent years. No longer of just academic interest, security features inside processors have been embraced by industry as well, with a number of commercial secure processor architectures available today. This book aims to give readers insights into the principles behind the design of academic and commercial secure processor architectures. Secure processor architecture research is concerned with exploring and designing hardware features inside computer processors, features which can help protect confidentiality and integrity of the code and data executing on the processor. Unlike traditional processor architecture research that focuses on performance, efficiency, and energy as the first-order design objectives, secure processor architecture design has security as the first-order design objective (while still keeping the others as important design aspects that need to be considered). This book aims to present the different challenges of secure processor architecture design to graduate students interested in research on architecture and hardware security and computer architects working in industry interested in adding security features to their designs. It aims to educate readers about how the different challenges have been solved in the past and what are the best practices, i.e., the principles, for design of new secure processor architectures. Based on the careful review of past work by many computer architects and security researchers, readers also will come to know the five basic principles needed for secure processor architecture design. The book also presents existing research challenges and potential new research directions. Finally, this book presents numerous design suggestions, as well as discusses pitfalls and fallacies that designers should avoid.




Sandworm


Book Description

"With the nuance of a reporter and the pace of a thriller writer, Andy Greenberg gives us a glimpse of the cyberwars of the future while at the same time placing his story in the long arc of Russian and Ukrainian history." —Anne Applebaum, bestselling author of Twilight of Democracy The true story of the most devastating act of cyberwarfare in history and the desperate hunt to identify and track the elite Russian agents behind it: "[A] chilling account of a Kremlin-led cyberattack, a new front in global conflict" (Financial Times). In 2014, the world witnessed the start of a mysterious series of cyberattacks. Targeting American utility companies, NATO, and electric grids in Eastern Europe, the strikes grew ever more brazen. They culminated in the summer of 2017, when the malware known as NotPetya was unleashed, penetrating, disrupting, and paralyzing some of the world's largest businesses—from drug manufacturers to software developers to shipping companies. At the attack's epicenter in Ukraine, ATMs froze. The railway and postal systems shut down. Hospitals went dark. NotPetya spread around the world, inflicting an unprecedented ten billion dollars in damage—the largest, most destructive cyberattack the world had ever seen. The hackers behind these attacks are quickly gaining a reputation as the most dangerous team of cyberwarriors in history: a group known as Sandworm. Working in the service of Russia's military intelligence agency, they represent a persistent, highly skilled force, one whose talents are matched by their willingness to launch broad, unrestrained attacks on the most critical infrastructure of their adversaries. They target government and private sector, military and civilians alike. A chilling, globe-spanning detective story, Sandworm considers the danger this force poses to our national security and stability. As the Kremlin's role in foreign government manipulation comes into greater focus, Sandworm exposes the realities not just of Russia's global digital offensive, but of an era where warfare ceases to be waged on the battlefield. It reveals how the lines between digital and physical conflict, between wartime and peacetime, have begun to blur—with world-shaking implications.




Software Supply Chain Security


Book Description

Trillions of lines of code help us in our lives, companies, and organizations. But just a single software cybersecurity vulnerability can stop entire companies from doing business and cause billions of dollars in revenue loss and business recovery. Securing the creation and deployment of software, also known as software supply chain security, goes well beyond the software development process. This practical book gives you a comprehensive look at security risks and identifies the practical controls you need to incorporate into your end-to-end software supply chain. Author Cassie Crossley demonstrates how and why everyone involved in the supply chain needs to participate if your organization is to improve the security posture of its software, firmware, and hardware. With this book, you'll learn how to: Pinpoint the cybersecurity risks in each part of your organization's software supply chain Identify the roles that participate in the supply chain—including IT, development, operations, manufacturing, and procurement Design initiatives and controls for each part of the supply chain using existing frameworks and references Implement secure development lifecycle, source code security, software build management, and software transparency practices Evaluate third-party risk in your supply chain