The Pains of Hardware Security: An Assessment Model of Real-World Hardware Security Attacks

IF 5.2 Q1 ENGINEERING, ELECTRICAL & ELECTRONIC

IEEE Open Journal of the Industrial Electronics Society Pub Date : 2025-04-16 DOI:10.1109/OJIES.2025.3561675

Sofia Maragkou;Lukas Rappel;Hendrik Dettmer;Thilo Sauter;Axel Jantsch

{"title":"The Pains of Hardware Security: An Assessment Model of Real-World Hardware Security Attacks","authors":"Sofia Maragkou;Lukas Rappel;Hendrik Dettmer;Thilo Sauter;Axel Jantsch","doi":"10.1109/OJIES.2025.3561675","DOIUrl":null,"url":null,"abstract":"From military applications to everyday devices, hardware (HW) security is more relevant than ever before. The supply chain of integrated circuits is global and involves multiple actors, which facilitate the implementation of various attacks. Its complexity increases the attack surfaces, violating not only the privacy of the users or even national security but also endangering human life. We review some of the publicly known HW attacks that have occurred and propose an assessment scheme for the attacks and the defense on hardware. Using this scheme, we relate the costs of attacks and defense and provide a structured landscape of HW attacks. To illustrate the utility of our assessment scheme, we apply it to a number of real-world and synthetic research cases. We observe a gap between the research use cases and the real-world attacks and envision that the comprehensive assessment of the attacks will enable the development of more suitable countermeasures. In addition, we revised the security policies for HW devices, and we conclude that the complexity and obscurity of the supply chain are key parameters impacting HW security, providing attack surfaces. Finally, we identify the demystification of the supply chain as the main strategy to mitigate this problem.","PeriodicalId":52675,"journal":{"name":"IEEE Open Journal of the Industrial Electronics Society","volume":"6 ","pages":"603-617"},"PeriodicalIF":5.2000,"publicationDate":"2025-04-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10966222","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Open Journal of the Industrial Electronics Society","FirstCategoryId":"1085","ListUrlMain":"https://ieeexplore.ieee.org/document/10966222/","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"ENGINEERING, ELECTRICAL & ELECTRONIC","Score":null,"Total":0}

引用次数: 0

Abstract

From military applications to everyday devices, hardware (HW) security is more relevant than ever before. The supply chain of integrated circuits is global and involves multiple actors, which facilitate the implementation of various attacks. Its complexity increases the attack surfaces, violating not only the privacy of the users or even national security but also endangering human life. We review some of the publicly known HW attacks that have occurred and propose an assessment scheme for the attacks and the defense on hardware. Using this scheme, we relate the costs of attacks and defense and provide a structured landscape of HW attacks. To illustrate the utility of our assessment scheme, we apply it to a number of real-world and synthetic research cases. We observe a gap between the research use cases and the real-world attacks and envision that the comprehensive assessment of the attacks will enable the development of more suitable countermeasures. In addition, we revised the security policies for HW devices, and we conclude that the complexity and obscurity of the supply chain are key parameters impacting HW security, providing attack surfaces. Finally, we identify the demystification of the supply chain as the main strategy to mitigate this problem.

查看原文本刊更多论文

硬件安全的痛苦：现实世界硬件安全攻击的评估模型

从军事应用到日常设备，硬件（HW）安全比以往任何时候都更加重要。集成电路的供应链是全球性的，涉及多个参与者，这为各种攻击的实施提供了便利。它的复杂性增加了攻击面，不仅侵犯了用户隐私甚至国家安全，还危及生命安全。我们回顾了一些已经发生的公开已知的硬件攻击，并提出了攻击和硬件防御的评估方案。使用此方案，我们将攻击和防御的成本联系起来，并提供硬件攻击的结构化景观。为了说明我们的评估方案的效用，我们将其应用于许多现实世界和综合研究案例。我们观察到研究用例与真实攻击之间的差距，并设想对攻击的全面评估将使开发更合适的对策成为可能。此外，我们修改了硬件设备的安全策略，我们得出结论，供应链的复杂性和隐蔽性是影响硬件安全的关键参数，提供了攻击面。最后，我们确定供应链的去神秘化是缓解这一问题的主要策略。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

IEEE Open Journal of the Industrial Electronics Society ENGINEERING, ELECTRICAL & ELECTRONIC-

CiteScore

10.80

自引率

2.40%

发文量

审稿时长

12 weeks

期刊介绍： The IEEE Open Journal of the Industrial Electronics Society is dedicated to advancing information-intensive, knowledge-based automation, and digitalization, aiming to enhance various industrial and infrastructural ecosystems including energy, mobility, health, and home/building infrastructure. Encompassing a range of techniques leveraging data and information acquisition, analysis, manipulation, and distribution, the journal strives to achieve greater flexibility, efficiency, effectiveness, reliability, and security within digitalized and networked environments. Our scope provides a platform for discourse and dissemination of the latest developments in numerous research and innovation areas. These include electrical components and systems, smart grids, industrial cyber-physical systems, motion control, robotics and mechatronics, sensors and actuators, factory and building communication and automation, industrial digitalization, flexible and reconfigurable manufacturing, assistant systems, industrial applications of artificial intelligence and data science, as well as the implementation of machine learning, artificial neural networks, and fuzzy logic. Additionally, we explore human factors in digitalized and networked ecosystems. Join us in exploring and shaping the future of industrial electronics and digitalization.