At-Scale Detection of Hardware Trojans on Chip Circuits
Navy SBIR 2020.1 - Topic N201-076
ONR - Ms. Lore-Anne Ponirakis - loreanne.ponirakis@navy.mil
Opens: January 14, 2020 - Closes: February 12, 2020 (8:00 PM ET)

N201-076

TITLE: At-Scale Detection of Hardware Trojans on Chip Circuits

 

TECHNOLOGY AREA(S): Electronics, Ground/Sea Vehicles, Information Systems

ACQUISITION PROGRAM: Innovative Naval Prototype (INP) - Total Platform Cyber Protection (TPCP), PMW-160, PMW-170

The technology within this topic is restricted under the International Traffic in Arms Regulation (ITAR), 22 CFR Parts 120-130, which controls the export and import of defense-related material and services, including export of sensitive technical data, or the Export Administration Regulation (EAR), 15 CFR Parts 730-774, which controls dual use items. Offerors must disclose any proposed use of foreign nationals (FNs), their country(ies) of origin, the type of visa or work permit possessed, and the statement of work (SOW) tasks intended for accomplishment by the FN(s) in accordance with section 3.5 of the Announcement. Offerors are advised foreign nationals proposed to perform on this topic may be restricted due to the technical data under US Export Control Laws.

OBJECTIVE: Develop a method to scan chips on devices at scale to detect malicious implants known as hardware trojans. The Office of Naval Research (ONR) is seeking approaches that are non-destructive, do not require chip removal, and can scan boards and several devices in a timely fashion.

DESCRIPTION: Within the Navy there is a push to improve cybersecurity at all levels from application down to hardware. Many chips are made in other countries and potential hardware trojans could either exfil information or disable critical Navy systems such as weapons, communications, navigation, etc.

The Federal Government and its civilian workforce purchase vast quantities of electronics technologies. Much of this technology is provided from other countries. Supply chain attacks are realistic events. The Navy, DoD, and Federal Government must defend against malicious implants in chip technology. Analyzing chips is a difficult, tedious, and time-consuming task. It quite often involves destructive testing on a sample amount, chip removal, and some amount of delayering. This approach is not realistic due to the quantities of chips on boards in devices that may be suspicious. ONR is requesting approaches that are non-destructive; do not require decapping/delayering/desoldering; and can be implemented by simply removing the cover and possibly the entire board from the inherent device and then scanned for potential threats, specifically malicious hardware implants. The desired capability should be able to identify chip technology on the boards and make associated references to any existing/provided designs and/or operational capabilities/specifications. Please keep in mind that total or complete knowledge about the chip may not be available to the Government and any capability developed by the small business performer will need to address that possibility to be successful.

PHASE I: Demonstrate through a physical proof-of-concept or a model/simulation that the proposed approach is sound and feasible. The end result should be convincing from a physics perspective and from an ability to conduct this operation at scale on many chips. Develop a Phase II plan.

PHASE II: Develop a working prototype that is capable of maneuvering across a circuit board to asses all the chips.

PHASE III DUAL USE APPLICATIONS: It is expected that with the assistance of ONR, the performer will work with an acquisition group such as PMW-160 or PMW-170 (or another since this SBIR topic applies to many groups) to develop a system that could be used by Navy personnel (civilian or military) to detect the presence of hardware trojans on chips. A commercial device would also be appealing to many U.S. manufacturers selling any number of technologies to both businesses and consumers. Some examples include communications equipment, computers, and Internet of Things (IoT) devices.

REFERENCES:

1. Vashistha, Nidish, Lu, Hangwei, Shi, Qihang, Rahman, Mir, Woodard, Damon L., Asadizanjani, Navid and Tehranipoor, Mark. “Trojan Scanner Detecting Hardware Trojans with Rapid SEM Imaging Combined with Image Processing and Machine Learning.” 44th International Symposium for Testing and Failure Analysis, Phoenix, Arizona,October 2018.
https://www.researchgate.net/publication/329427319_Trojan_Scanner_Detecting_Hardware_Trojans_with_Rapid_SEM_Imaging_Combined_with_Image_Processing_and_Machine_Learning

2. Skorobogatov, Sergei and Woods, Christopher. “Breakthrough Silicon Scanning Discovers Backdoor in Military Chip.” CHES 2012: Cryptographic Hardware and Embedded Systems – CHES 2012 pp 23-40.
https://link.springer.com/chapter/10.1007/978-3-642-33027-8_2

3. Piwnicki, Paul and Scherrer, Paul. “3-D X-ray imaging makes the finest details of a computer chip visible.” Paul Scherrer Institute, March 16, 2017.
https://phys.org/news/2017-03-d-x-ray-imaging-finest-chip.html

KEYWORDS: Reverse Engineering; Hardware Trojan; Chip Scanning; Cybersecurity; Supply Chain