PUF based FPGAs for Hardware Security and Trust

Hardware security threats have become a major issue in the technology sector and cyberspace. In 2011, more than 1300 counterfeit incidents were reported from around the world to the Electronic Resellers Association International (ERAI). The incidents reported in 2011 were more than double compared to the incidents reported in 2010 and 2008. The federal contract report states that counterfeiting of electronic parts has threatened the operability and reliability of the US weapons system. Electronic parts counterfeiting has become a very big business perpetrated by corrupt operators. Just like ASIC semiconductors, reconfigurable hardware is also prone to hardware security threats. The most commonly used reconfigurable hardware is the Field Programmable Gate Array (FPGA). Demand for FPGAs has increased as can be seen by the growth in FPGA companies such as Xilinx and Altera. Despite the increased demand and use of FPGAs in the market, there is a great concern that security is not currently a part of the FPGA hardware and software to the fullest extent. Design theft, and hardware tampering threats on FPGAs can be dealt using Ring Oscillator Physical Unclonable Function (ROPUF). A ROPUF takes advantage of the process variation on a silicon chip to generate a unique ID for the purpose of authentication. A ROPUF can be implemented on an FPGA chip to produce a unique ID for each FPGA chip. An adversary that tries to tamper with the ROPUF inadvertently changes the properties of the process variation in the silicon chip; thus any tampering attempt can be detected. In this research, ROPUF based hardware security for FPGAs is presented. A total of 50 Xilinx FPGAs are used in our investigation. Performance in terms of uniqueness and reliability is evaluated. The effects of temperature variation, voltage variation, and aging on these parameters are also studied. Our work shows that lower number of stages used in the Ring Oscillator (RO) offers better security feature. The lower number of stages used in ROs yield higher Challenge and Response Pairs (CRPs). The higher number of CRPs contributes to higher security. In addition, we have introduced a technique called Random Patch Mixer (RPM) to minimize the systematic variations effect on the frequency generated from ROPUFs on FPGA. The results obtained by using RPM technique are shown to be better than other techniques that have been proposed before. The responses generated from ROPUF after applying the RPM technique passed most of the NIST statistical test for randomness. Finally, we show how the ROPUF can be used for the security of a Smart Grid. The security of ROPUF system is also tested using support vector machine (SVM). The SVM is trained using a large data set of challenges to predict the response sets. Results obtained show that the SVM fails to predict ROPUF responses based on the challenges, thus enhancing the security offered by the proposed authentication system.