Engineer Developing Methods to Detect Tampering in Computer Chips

Mohammad Tehranipoor, assistant professor of electrical and computer engineering. Photo by Christopher LaRosa

Mohammad Tehranipoor, assistant professor of electrical and computer engineering. Photo by Christopher LaRosa

Integrated circuits, or chips, provide the “brains” for virtually everything electronic, from cell phones, microwave ovens, and automobiles, to radar, computers, and fighter jets. Yet these circuits are extremely vulnerable to intentional tampering.

Armed with a new $400,000, five-year National Science Foundation CAREER Award, Mohammad Tehranipoor, an assistant professor of electrical and computer engineering in the School of Engineering, aims to develop techniques for identifying chips that have been deliberately compromised.

The funding will enable Tehranipoor to conduct research aimed at detecting and localizing so-called hardware “Trojans” in integrated circuits.

Named after the Trojan horse the ancient Greeks used to infiltrate and defeat the city of Troy, a hardware Trojan, says Tehranipoor, is a small piece of circuit designed to disable and/or destroy a system at some future time – often referred to as a “time bomb” – or to leak confidential information covertly to the enemy.

Tehranipoor says that, for economic reasons, most integrated circuits and microprocessors are designed, fabricated, and packaged overseas, rendering them more vulnerable to malicious activities, and raising serious concerns regarding possible threats to U.S. military systems, financial infrastructures, transportation security, and even household appliances.

The task of pre-testing chips is enormous, and although they typically undergo hundreds of millions of logic gate tests, not every chip and not every function is tested. Instead, tests focus on determining baseline metrics, such as how much power a chip consumes, what layout structures are inherent in the chip, and how well a chip performs the specific application functions needed. Maliciously hidden circuitry that produces no disruption in the chip’s normal functions will not necessarily be detected using these tests.

Verifying the trustworthiness of an integrated circuit, a process called IC authentication, is very complex, since there is no information about the type, size, and location of the Trojans.

Tehranipoor’s research centers on the types of cyber-assaults in which the attacker is assumed to maliciously alter the design before or during fabrication – a type of alteration that is extremely difficult to detect.

His efforts focus on developing methods to detect design- and fabrication-level malicious alterations, and methods that reveal deliberate tampering that affects the chip’s reliability, such as changing the chip’s functionality at critical times while it is operating.

Tehranipoor has developed a post-manufacturing step to confirm that the chip performs as it was originally intended.

He believes his IC authentication technique will be of significant interest to a broad array of users, including many semiconductor companies that outsource device fabrication and government agencies.

His authentication method will also offer the public greater confidence in the security of electronic healthcare records, defense weapons, and computing platforms for intelligence, weather forecasting, and transportation.

Tehranipoor, who joined UConn in 2006, received the 2008 IEEE Computer Society Meritorious Service Award for his contributions in planning a number of IEEE workshops and symposia in 2007 and 2008.

He has garnered a number of Best Paper awards, and is frequently invited to speak at academic conferences and to semiconductor companies.

Tehranipoor received his Ph.D. degree from the University of Texas-Dallas in 2004. He is one of 19 current engineering faculty members to hold a CAREER Award.