|
|
DSTO Publications Online >
DSTO Publications Online Repository >
DSTO Formal Reports >
Please use this identifier to cite or link to this item:
http://hdl.handle.net/1947/9736
|
| Title: | Towards Countering the Rise of the Silicon Trojan. |
| Report number: | DSTO-TR-2220 |
| AR number: | AR-014-344 |
| Classification: | Unclassified |
| Report type: | Technical Report |
| Authors: | Anderson, M.S.
North, C.J.G.
Yiu, K.K. |
| Issue Date: | 2008-12 |
| Division: | Command, Control, Communication and Intelligence Division |
| Abbreviation: | C3ID |
| Release authority: | Chief, Command, Control, Communication and Intelligence Division |
| Task sponsor: | N/A |
| Task number: | N/A |
| File number: | - |
| Pages or format: | 22 |
| References: | 33 |
| DSTORL/DEFTEST terms: | Computer security |
| Other descriptors: | Silicon trojan
Annex
Computer network attack
Computer network exploitation
Implant |
| Abstract: | The Trojan Horse has a venerable if unwelcome history and it is still regarded by many as the primary component in Computer Network Attack. Trojans have been the direct cause of significant economic loss over the years, and a large industry has grown to counter this insidious threat. To date, Trojans have in the vast majority taken the form of malicious software. However, more recent times have seen the emergence of what has been dubbed by some as the “Silicon Trojan”; these trojans are embedded
at the hardware level and can be designed directly into chips and devices. The complexity of the design of the device or chip in which they are embedded, coupled with the severe difficulty of evaluating
increasingly dense, proprietary hardware designs, can make their discovery extremely difficult. This paper explores the possible effectiveness of a Silicon Trojan, whether they form a credible ongoing threat, and describes possible approaches which can be used as countermeasures. |
| Executive summary: | The Trojan Horse has a venerable if unwelcome history and it is still regarded by
many as the primary component in Computer Network Attack. Trojans have been the
direct cause of significant economic loss over the years, and a large industry has grown to counter this insidious threat. To date, Trojans have in the vast majority taken the form of malicious software. However, more recent times have seen the emergence of what has been dubbed by some as the “Silicon Trojan”; these trojans are embedded at the hardware level and can be designed directly into chips and devices. The complexity of the design of the device or chip in which they are embedded, coupled with the severe difficulty of evaluating increasingly dense, proprietary hardware designs, can make their discovery extremely difficult. This paper explores the possible effectiveness of a Silicon Trojan, whether they form a credible ongoing threat, and describes possible approaches which can be used as countermeasures. An overview of the basic operation of a Silicon Trojan is given and the methods by which an attacker may exploit them are explored. The basis of a potential countermeasure approach is outlined. Using these countermeasures a number of applications of the Silicon
Harness are touched upon. These span a range of security goals from a Silicon Harness
tightly integrated into a system design targetting high assurance applications, through to Commercial Off The Shelf (COTS) appliances retrofitted with Silicon Harness components for cost effective rapidly deployed trojan hardening. A central theme of the Silicon Harness is the provision of affordable security within a cost sensitive market. |
| Appears in Collections: | DSTO Formal Reports
|
Items in DSTO Publications Online are protected by copyright, with all rights reserved, unless otherwise indicated.
|
