The rapid growth of the Internet of Things (IoT) has brought about significant challenges in terms of device security, particularly in the areas of authentication and identification. One of the key risks associated with IoT devices is the potential substitution of legitimate devices with counterfeit ones that exhibit similar characteristics, making them difficult to identify. To address this issue, there is a need to provide a secure identity to these devices, with the ability to verify their authenticity and prevent the substitution of hardware with devices with 'similar' characteristics. In this context, Physically Unclonable Functions (PUFs) and Static Random Access Memory (SRAM) have emerged as potential solutions. By incorporating PUFs and SRAM-based techniques into IoT device security frameworks, our contribute is the development of more robust and reliable solutions for addressing the challenges associated with device au-thentication and identification in the IoT ecosystem. In summary, given an electronic device (e.g., a sensor) connected to a PUF-based identification tag (ID tag) via a hardwired interface, the primary goal of this work is to prevent hardware substitution attack consisting of replacing a different device to the same ID tag. To this end, we enable the verification of the original device's identity through the reading of its SRAM memory. By doing so, we establish a robust mechanism to ensure that the device is genuine and has not been replaced with a counterfeit one. In this work, we also introduce an 'enhanced helper' based on machine learning techniques, which demonstrates a remarkable ability to reconstruct SRAM readings, with greater accuracy and precision. This integration represents a significant leap forward in bolstering the security and trustworthiness of electronic systems, particularly in applications where device authenticity is paramount.
Security of IoT Devices with PUF-Based ID Tags: Preventing Hardware Substitution by Combining SRAM Cells Pattern Signature and ML Techniques
Felicetti C.
Conceptualization
;Rullo A.Methodology
;Sacca D.Conceptualization
2023-01-01
Abstract
The rapid growth of the Internet of Things (IoT) has brought about significant challenges in terms of device security, particularly in the areas of authentication and identification. One of the key risks associated with IoT devices is the potential substitution of legitimate devices with counterfeit ones that exhibit similar characteristics, making them difficult to identify. To address this issue, there is a need to provide a secure identity to these devices, with the ability to verify their authenticity and prevent the substitution of hardware with devices with 'similar' characteristics. In this context, Physically Unclonable Functions (PUFs) and Static Random Access Memory (SRAM) have emerged as potential solutions. By incorporating PUFs and SRAM-based techniques into IoT device security frameworks, our contribute is the development of more robust and reliable solutions for addressing the challenges associated with device au-thentication and identification in the IoT ecosystem. In summary, given an electronic device (e.g., a sensor) connected to a PUF-based identification tag (ID tag) via a hardwired interface, the primary goal of this work is to prevent hardware substitution attack consisting of replacing a different device to the same ID tag. To this end, we enable the verification of the original device's identity through the reading of its SRAM memory. By doing so, we establish a robust mechanism to ensure that the device is genuine and has not been replaced with a counterfeit one. In this work, we also introduce an 'enhanced helper' based on machine learning techniques, which demonstrates a remarkable ability to reconstruct SRAM readings, with greater accuracy and precision. This integration represents a significant leap forward in bolstering the security and trustworthiness of electronic systems, particularly in applications where device authenticity is paramount.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.