Digital Twin for Secure Semiconductor Lifecycle Management: Prospects and Applications

Hasan Al Shaikh, Mohammad Bin Monjil, Shigang Chen, Farimah Farahmandi, Navid Asadizanjani, Mark Tehranipoor, and Fahim Rahman

Abstract

The expansive globalization of the semiconductor supply chain has introduced numerous untrusted entities into different stages of a device’s lifecycle, enabling them to compromise its security. To make matters worse, the increasing complexity in the design as well as aggressive time-to-market requirements of the newer generation of integrated circuits can lead either designers to unintentionally introduce security vulnerabilities or verification engineers to fail in detecting them earlier in design lifecycle, often due to the limitation of traditional verification and testing methodologies. These overlooked or undetected vulnerabilities can be exploited by malicious entities in subsequent stages of the lifecycle through an ever-widening variety of hardware attacks. The ability to ascertain the provenance of these vulnerabilities, after they have been unearthed at a later stage, becomes a pressing issue when the security assurance across the whole lifecycle is required to be ensured and generationally improved to thwart emerging attacks. We posit that if there is a malicious or unintentional breach of security policies of a device, it will be reflected in the form of anomalies in the data collected through traditional design, verification, validation, and testing activities throughout the lifecycle. With that, a digital simulacrum of a device’s lifecycle, called a digital twin (DT), can be formed by the data gathered from different stages to secure the lifecycle of the device. The DT can analyze the collected data through its constituent AI and data analytics algorithms to trace the origin of a detected hardware attack or vulnerability to the associated stage of the lifecycle. We refer to this functionality of the DT as Backward Trust Analysis. We also introduce the notion of Forward Trust Analysis which refers to the scalability and adaptability of the DT to unforeseen threats as they emerge. In this paper, we put forward a realization of intertwined relationships of security vulnerabilities with data available from the silicon lifecycle and formulate different components of an AI driven DT framework. The proposed DT framework leverages these relationships to achieve aforementioned security objectives through causality analysis, and thus accomplish end-to-end security-aware management of the entire semiconductor lifecycle. We put a perspective on how the limitations of existing ad-hoc-style security solutions can be overcome by the data oriented analysis that underpins our approach. With several threat and attack scenarios, we demonstrate how advanced modeling techniques can perform relational learning to identify such attacks. Finally, we provide potential future research avenues and challenges for realization of the digital twin framework to enable secure semiconductor lifecycle management

Note: This paper is a part of Future Hardware Security Research series.

Available format(s)
Publication info
Preprint. MINOR revision.
Keywords
Digital twinHardware security & trustSemiconductor lifecycle managementArtificial intelligenceRoot cause analysisStatistical relational learningElectronic supply chain securityBackward & forward trust
Contact author(s)
hasanalshaikh @ ufl edu
fahimrahman @ ece ufl edu
History
2022-04-06: last of 2 revisions
See all versions
Short URL
https://ia.cr/2022/258

CC BY

BibTeX

@misc{cryptoeprint:2022/258,
author = {Hasan Al Shaikh and Mohammad Bin Monjil and Shigang Chen and Farimah Farahmandi and Navid Asadizanjani and Mark Tehranipoor and Fahim Rahman},
title = {Digital Twin for Secure Semiconductor Lifecycle Management: Prospects and Applications},
howpublished = {Cryptology ePrint Archive, Paper 2022/258},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/258}},
url = {https://eprint.iacr.org/2022/258}
}

Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.