With the increased outsourcing of the fabrication of digital
Integrated Circuits (ICs), security is seen as a concern. The threat
agent is someone at the foundry, perhaps in collusion with a designer or
a user, that maliciously modifies ICs during fabrication, for example,
by inserting a backdoor. In this talk, I will discuss two pieces of
on-going work in this context.

The first piece is the realization and validation of a non-deterministic
hardware timer that can be used to trigger a backdoor. Prior work has
considered deterministic timers, i.e., those that go off with
probability 1, and has left open issues regarding the effectiveness,
from the standpoint an attacker, of non-deterministic timers, i.e.,
those that have a random component. Our work addresses these open issues
and shows that such timers can be realized with powerful properties to
an attacker, in a manner that the bar on potential defence mechanisms is
raised considerably.

The second piece of work I will discuss is a defence-mechanism that
leverages 3D IC technology that splits a circuit into multiple tiers,
each of which may be fabricated separately, and then stacked vertically
and connected using Through-Silicon Vias (TSVs). Prior work has proposed
that such technology can be used to secure digital ICs, but provides no
technical insight or details on how this would work. I will discuss our
work that proposes a concrete way of leveraging such technology for
security. This includes a characterization of security, and the
computational complexity of the underlying problem. I will discuss also
an approach we have implemented and present empirical results on
benchmark circuits, and a case-study of a circuit for DES.

(This is joint work with Frank Imeson and Siddharth Garg of the
University of Waterloo.)

Bio: Mahesh Tripunitara is an assistant professor in the ECE department
at the University of Waterloo in Canada, where he had been since 2009.
He works mostly in information security, on problems in access control,
conditional payments, cryptographic key transport and more recently,
computer hardware. He has a PhD in computer science from Purdue
University, and about 9 years of industry-experience.