Systems and methods for detecting attacks against a digital circuit
First Claim
1. A system for detecting attacks against a hardware-implemented circuit, the hardware-implemented circuit comprising functional units, the system comprising:
- a micro-architectural target unit selected from among the functional units of the hardware-implemented circuit for monitoring;
a micro-architectural predictor unit, selected from among the functional units of the hardware-implemented circuit, configured to output predicted event messages representative of predicted micro-architectural output produced by the target unit in response to micro-architectural input provided by the predictor unit to the target unit;
a micro-architectural reactor unit selected from among the functional units of the hardware-implemented circuit arranged to receive actual micro-architectural output caused by the target unit in response to the micro-architectural input provided by the predictor unit to the target unit, the reactor unit further configured to output actual event messages representative of the actual micro-architectural output caused by the target unit in response to the micro-architectural input provided by the predictor unit to the target unit; and
a micro-architectural monitor unit arranged to receive the predicted event messages from the predictor unit and the actual event messages from the reactor unit;
wherein the monitor unit is configured to indicate an alarm based on a comparison of the predicted event messages received from the predictor unit and the actual event messages received from the reactor unit; and
wherein the predicted event messages each comprise one of;
i) a predicted event bit generated by the predictor unit for each micro-architectural transaction predicted to be caused by the target unit in response to the micro-architectural input provided by the predictor unit to the target unit, and wherein, when the predicted event messages each comprise a respective predicted event bit, the actual event messages each comprise an actual event bit generated by the reactor unit for each actual micro-architectural transaction caused by the target unit in response to the micro-architectural input provided by the predictor unit to the target unit, and wherein a bit total discrepancy between a predicted number of bits predicted by the predictor unit and an actual number of bits generated by the reactor unit is indicative of an emitter backdoor implementation in the target unit;
or ii) a predicted event value generated by the predictor unit representative of a predicted instruction type for a predicted instruction provided by the target unit to the reactor unit in response to the micro-architectural input provided by the predictor unit to the target unit, and wherein, when the predicted event message each comprise a respective predicted event value, the actual event messages each comprise an actual event value generated by the reactor unit representative of an actual instruction type for an actual instruction provided by the target unit to the reactor unit in response to the micro-architectural input provided by the predictor unit to the target unit, and wherein an instruction type value discrepancy between the predicted event value generated by the predictor unit and the actual event value generated by the reactor unit is indicative of a corruptor backdoor implementation in the target unit.
Abstract
Systems and methods for detecting design-level attacks against a digital circuit which includes various functional units. A target unit is selected from among the functional units for monitoring and a predictor unit is arranged to receive events before they reach the target unit. A reactor unit is selected from among the functional units of the digital circuit which are arranged to receive events after they pass through the target unit. A monitor unit is arranged to receive predicted event messages from the predictor unit and actual event messages from the reactor unit. The monitor unit is configured to indicate an alarm based on a comparison of the predicted event messages received from the predictor unit and the actual event messages received from the reactor unit.
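The two comparisons that claim 1 assigns to the monitor unit, modelled in software as an added example (not code from the patent): option (i) compares totals of event bits, option (ii) compares instruction-type values in order. The type codes, function names and sample windows are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical instruction-type codes carried in option (ii) event values. */
enum itype { T_ALU = 1, T_LOAD, T_STORE, T_BRANCH };

/* Option (i): one event bit per transaction; the monitor compares totals.
   Returns 1 (alarm) on a bit total discrepancy, 0 otherwise. */
static int emitter_alarm(const unsigned char *pred, size_t np,
                         const unsigned char *act, size_t na)
{
    size_t p = 0, a = 0, i;
    for (i = 0; i < np; i++) p += pred[i] & 1u;
    for (i = 0; i < na; i++) a += act[i] & 1u;
    return p != a;
}

/* Option (ii): one event value per instruction, compared pairwise in order.
   Returns the index of the first mismatch, or -1 when the streams agree.
   A count check alone would miss this case: both streams have equal length. */
static long corruptor_alarm(const enum itype *pred, const enum itype *act, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (pred[i] != act[i]) return (long)i;
    return -1;
}

/* Constructed windows of event messages (sample data, not from the patent). */
static const unsigned char PRED_BITS[] = {1, 1, 1, 1};      /* from the predictor */
static const unsigned char ACT_CLEAN[] = {1, 1, 1, 1};      /* from the reactor   */
static const unsigned char ACT_EMIT[]  = {1, 1, 1, 1, 1};   /* one unpredicted transaction */
static const enum itype PRED_TYPES[] = {T_LOAD, T_ALU, T_STORE, T_BRANCH};
static const enum itype ACT_TYPES[]  = {T_LOAD, T_ALU, T_LOAD,  T_BRANCH}; /* type changed in the target */

int main(void)
{
    printf("clean window: alarm=%d\n", emitter_alarm(PRED_BITS, 4, ACT_CLEAN, 4));
    printf("extra output: alarm=%d\n", emitter_alarm(PRED_BITS, 4, ACT_EMIT, 5));
    printf("type streams: first mismatch at %ld\n",
           corruptor_alarm(PRED_TYPES, ACT_TYPES, 4));
    printf("self-compare: first mismatch at %ld\n",
           corruptor_alarm(PRED_TYPES, PRED_TYPES, 4));
    return 0;
}
```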
20 Citations
28 Claims
-
24. A method of detecting attacks against a hardware-implemented circuit, the hardware-implemented circuit comprising functional units, the method comprising:
- selecting a micro-architectural target unit from among the functional units of the hardware-implemented circuit for monitoring;
providing a micro-architectural predictor unit, selected from among the functional units of the hardware-implemented circuit, configured to output predicted event messages representative of predicted micro-architectural output produced by the target unit in response to micro-architectural input provided by the predictor unit to the target unit;
selecting a micro-architectural reactor unit from among the functional units of the hardware-implemented circuit arranged to receive actual micro-architectural output caused by the target unit in response to the micro-architectural input provided by the predictor unit to the target unit, the reactor unit further configured to output actual event messages representative of the actual micro-architectural output caused by the target unit in response to the micro-architectural input provided by the predictor unit to the target unit; and
providing a micro-architectural monitor unit arranged to receive the predicted event messages from the predictor unit and the actual event messages from the reactor unit;
wherein the monitor unit is configured to indicate an alarm based on a comparison of the predicted event messages received from the predictor unit and the actual event messages received from the reactor unit; and
wherein the predicted event messages each comprise one of;
i) a predicted event bit generated by the predictor unit for each micro-architectural transaction predicted to be caused by the target unit in response to the micro-architectural input provided by the predictor unit to the target unit, and wherein, when the predicted event messages each comprise a respective predicted event bit, the actual event messages each comprise an actual event bit generated by the reactor unit for each actual micro-architectural transaction caused by the target unit in response to the micro-architectural input provided by the predictor unit to the target unit, and wherein a bit total discrepancy between a predicted number of bits predicted by the predictor unit and an actual number of bits generated by the reactor unit is indicative of an emitter backdoor implementation in the target unit;
or ii) a predicted event value generated by the predictor unit representative of a predicted instruction type for a predicted instruction provided by the target unit to the reactor unit in response to the micro-architectural input provided by the predictor unit to the target unit, and wherein, when the predicted event message each comprise a respective predicted event value, the actual event messages each comprise an actual event value generated by the reactor unit representative of an actual instruction type for an actual instruction provided by the target unit to the reactor unit in response to the micro-architectural input provided by the predictor unit to the target unit, and wherein an instruction type value discrepancy between the predicted event value generated by the predictor unit and the actual event value generated by the reactor unit is indicative of a corruptor backdoor implementation in the target unit.
-
27. A method of detecting attacks against a hardware-implemented circuit, the hardware-implemented circuit comprising functional units, the method comprising:
- receiving an event at a micro-architectural predictor unit selected from among the functional units of the hardware-implemented circuit;
outputting from the predictor unit a predicted event message representative of predicted micro-architectural output produced by a micro-architectural target unit in response to micro-architectural input, corresponding to the event, provided by the predictor unit to the target unit;
receiving the event at the target unit, selected from among the functional units of the hardware-implemented circuit, for monitoring;
receiving at a micro-architectural reactor unit, selected from among the functional units of the hardware-implemented circuit, actual micro-architectural output caused by the target unit in response to the micro-architectural input provided by the predictor unit to the target unit;
outputting from the reactor unit an actual event message representative of the actual micro-architectural output caused by the target unit in response to the micro-architectural input provided by the predictor unit to the target unit;
receiving at a micro-architectural monitor unit the predicted event message from the predictor unit and the actual event message from the reactor unit; and
determining, in the monitor unit, whether to produce an alarm indication based on a comparison of the predicted event message received from the predictor unit and the actual event message received from the reactor unit;
wherein the predicted event messages each comprise one of;
i) a predicted event bit generated by the predictor unit for each micro-architectural transaction predicted to be caused by the target unit in response to the micro-architectural input provided by the predictor unit to the target unit, and wherein, when the predicted event messages each comprise a respective predicted event bit, the actual event messages each comprise an actual event bit generated by the reactor unit for each actual micro-architectural transaction caused by the target unit in response to the micro-architectural input provided by the predictor unit to the target unit, and wherein determining, in the monitor unit, whether to produce the alarm indication comprises determining whether a bit total discrepancy between a predicted number of bits predicted by the predictor unit and an actual number of bits generated by the reactor unit, indicative of an emitter backdoor implementation in the target unit, exists;
or ii) a predicted event value generated by the predictor unit representative of a predicted instruction type for a predicted instruction provided by the target unit to the reactor unit in response to the micro-architectural input provided by the predictor unit to the target unit, and wherein, when the predicted event message each comprise a respective predicted event value, the actual event messages each comprise an actual event value generated by the reactor unit representative of an actual instruction type for an actual instruction provided by the target unit to the reactor unit in response to the micro-architectural input provided by the predictor unit to the target unit, and wherein determining, in the monitor unit, whether to produce the alarm indication comprises determining whether an instruction type value discrepancy between the predicted event value generated by the predictor unit and the actual event value generated by the reactor unit, indicative of a corruptor backdoor implementation in the target unit, exists.
Specification