Robust secure design by increasing the resilience of Attack Protection Blocks
Authors: S. Aftabjahani, A. Das
Published in: 2017 IEEE 2nd International Verification and Security Workshop (IVSW)
Publication date: 2017-07-01
DOI: 10.1109/IVSW.2017.8031538 (https://doi.org/10.1109/IVSW.2017.8031538)
Citation count: 2
Abstract
State-of-the-art secure digital computing systems rely heavily on secure hardware as the Trusted Computing Base on which the chain of trust for trusted computing is built. Attack Protection Blocks are added to the hardware to prevent an adversary from bypassing the security provided by hardware using various side-channel, voltage, frequency, temperature, and other attacks. However, attackers can target the security protection features by designing experiments to understand the underlying power distribution network and its possible weaknesses. This can be used to temporarily turn off or damage the protection features by manipulation of the digital and analog voltage lines if over- and/or under-voltage protection for protection blocks is not present. Usually, in designs, the necessity of such protection has been overlooked on the assumption that the probability of bypassing the protection without losing the functionality of the system is low. In this context, we present a robust system design approach which will enable the system to transition to a security-safe (instead of unsafe) failure mode by increasing the resilience of protection blocks against over- and under-voltage attacks. We show by probabilistic modeling why such attacks are possible and why our mitigation approach works.