Device identification, as human identification has been, has become critical to mitigate growing security problems. In the era of ubiquitous computing, it is important to ensure universal device identities that are versatile in number of ways, for example, to enhance computer security or to enable large-scale data capture, management and analysis. For device identities, simple labeling works only if they are properly managed under a highly controlled environment. We can also impose hard-coded serial numbers into non-volatile memories but it is well known that this is expensive and vulnerable to security attacks. Hence, it is desirable to develop reliable and secure device identification methods using fingerprint-like characteristics of the electronic devices.
As technology scales, process variation has become the most critical barrier to overcome for modern chip development. Ironically, there are some research works to exploit the aggressive process variation for the identification of individual devices. They find measurable physical characteristics that are unique to each integrated circuit. Among them, device identification using initial power-up values of SRAM cells, called SRAM fingerprints, has been emphasized lately in part due to the abundant availability of SRAM cells in modern microprocessors. More importantly, since the cross-coupled inverter structure of each SRAM cell amplifies even the small mismatches between two inverter nodes, it is thus very sensitive to and maximizes the effect of random process variation, making SRAM fingerprints to acquire great features as a naturally inherent device ID.
Therefore, this work focuses on achieving reliable device identification using SRAM fingerprints. As of date, this dissertation shows the most comprehensive feature characterization of SRAM fingerprints based on the large datasets measured from the real devices under various environmental conditions. SRAM fingerprints in three different process technologies—IBM 32nm SOI technology, IBM 65nm bulk technology, and TSMC 90nm low-k dielectric technology—have been investigated across different temperatures or voltages. By using formal statistical tools, the required features for SRAM fingerprints necessary to be usable as device IDs—uniqueness, randomness, independence, reproducibility, etc.—have been empirically proven.
As some of the previous works mentioned, there is an inherent unreliability of the initial states of SRAM cells so that there is always some chance of errors during identification process. It is observed that, under environmental variations, the instability aggravates even more. Most of the previous work, however, ignores the temperature dependence of the SRAM power-up values, which turns out to be critical against our past speculations and becomes a real challenge in realizing a reliable SRAM-based device identification. Note that temperature variation will not be negligible in many situations, for example, authentication of widely distributed sensors.
We show that it is possible to achieve SRAM-based device identification system that reliably operates under a wide range of temperatures. The proposed system is composed of three major steps: enrollment, system evaluation, and matching. During the enrollment process, power-up samples of SRAM fingerprints are captured from each manufactured device and the feature information or characterization identifier (CID) is characterized to generate a representative fingerprint value associated with the product device. By collecting the samples and the CIDs, system database gets constructed before distributing devices to the field. During the matching process, we take a single sample fingerprint of a power-cycle experiment, the field identifier (FID), and perform a match against a repository of CID’s of all manufactured devices. There is an additional monitoring subsystem, called system evaluation, that estimates the system accuracy with the system database. It controls the system parameters while maintaining the system accuracy requirement.
This work delivers a total-package statistical framework that raises design issues of each step and provides systematic solutions to deal with these inter-related issues. We provide statistical methods to determine sample size for the enrollment of chip identities, to generate the representative fingerprint features with the limited number of test samples, and to estimate the system performance along with the proposed system parameter values and the confidence interval of the estimation. A novel matching scheme is proposed to improve the system accuracy and increase population coverage under environmental variations, especially temperature variation. Several advanced mechanisms to exploit the instability for our benefit is also discussed along with supporting state-of-the-art circuit technologies. All these pioneering theoretical frameworks have been validated by the comprehensive empirical analysis based on the real SRAM fingerprint datasets introduced earlier.
The main contribution here is that this work provides a comprehensive interdisciplinary framework to enable reliable SRAM fingerprinting, even if the fingerprint, depending on ambient conditions, exhibits nondeterministic behaviors. Furthermore, the interdisciplinary bases introduced in our work are expected to provide generic fundamental methodologies that apply to device fingerprints in general, not just to SRAM fingerprints. (Abstract shortened by UMI.)
|Advisor:||Abraham, Jacob A.|
|Commitee:||Banerjee, Sanjay, Gebara, Fadi H., Pan, David Z., Touba, Nur A.|
|School:||The University of Texas at Austin|
|Department:||Electrical and Computer Engineering|
|School Location:||United States -- Texas|
|Source:||DAI-B 74/12(E), Dissertation Abstracts International|
|Keywords:||Computer security, Device identification, SRAM fingerprinting, Statistic matching, Trusted computing|
Copyright in each Dissertation and Thesis is retained by the author. All Rights Reserved
The supplemental file or files you are about to download were provided to ProQuest by the author as part of a
dissertation or thesis. The supplemental files are provided "AS IS" without warranty. ProQuest is not responsible for the
content, format or impact on the supplemental file(s) on our system. in some cases, the file type may be unknown or
may be a .exe file. We recommend caution as you open such files.
Copyright of the original materials contained in the supplemental file is retained by the author and your access to the
supplemental files is subject to the ProQuest Terms and Conditions of use.
Depending on the size of the file(s) you are downloading, the system may take some time to download them. Please be