Distinguished Speaker Series
Speaker: Dr. Ken Plaks, Program Manager at Defense Advanced Research Projects Agency (DARPA)
Location: Reitz Union, Room 2355, University of Florida
Date and Time: Wednesday, 2/27 @ 2:30 pm
Title: Obfuscated Manufacturing for GPS – Using Hardware Obfuscation for Trusted-by-Design IC Manufacturing
Abstract: As integrated circuit manufacturing becomes increasingly global and the availability of domestically produced advanced transistor nodes shrinks, security vulnerabilities within the supply chain become a significant issue for IC defense applications. In this talk, we will present some of DARPA’s efforts towards creating an active community and tool library for circuit design obfuscation in an effort to achieve trusted-by-design IC manufacturing at international foundries. By using a combination of techniques, our goal is to make the placement and triggering of hardware Trojans more difficult and their detection easier, and to make reverse engineering intractable within the window of vulnerability. We will discuss the development of obfuscation assessment metrics and tradeoffs in power, area, and timing overhead, and the creation of an obfuscation technique library to help identify optimal obfuscation strategies in future IC design.
Speaker: Dr. Cynthia Sturton
Location: University of Florida, LAR 310
Date and Time: April 11, 2019 at 11:45 am
Title: Hardware is the New Software: Finding Exploitable Bugs in Hardware Designs
Abstract:Bugs in hardware designs can create vulnerabilities that open the machine to malicious exploit. Despite mature functional validation tools and new research in designing secure hardware, the question of how to find and recognize those bugs remains open. My students and I have developed two tools in response to this question. The first is a security specification miner; it semi-automatically identifies security-critical properties of a design specified at the register transfer level. The second tool, Coppelia, is a symbolic execution engine that explores a hardware design and generates complete exploits for the security bugs it finds. We use Coppelia and our set of generated security properties to find new bugs in the open-source RISC-V and OR1k CPU architectures.
Speaker: Dr. Soumyajit Mandal
Location: University of Florida, LAR 234
Date and Time: 2:00 pm EST, July 30, 2018
Title: Materials Authentication Using Nuclear Quaddruple Resonance Spectroscopy
Abstract:Counterfeit and substandard pharmaceuticals, dietary supplements, and food items containing extremely harmful contaminants have emerged as a major worldwide health problem. High-value items such as packaged medicines, which are often sold online through untrusted supply chains, are particularly prone to fraud. The trade in such illicit medicines is worth tens of billions of dollars annually, and these products now account for about 20% of all illegal goods seized at national borders. This talk describes novel low-cost materials authentication techniques that enable end users (including the general public) to easily and reliably verify the chemical composition of medicines and dietary supplements. The widespread adoption of the proposed authentication technology is expected to eventually have a major positive impact on public health both domestically and internationally by significantly enhancing the security of the supply chain for pharmaceuticals and food products.
The proposed authentication approach is based on comparing the Nuclear Quadrupole Resonance (NQR) spectra generated by the material under test with reference spectra stored in a secure database. About 50% of all the atoms in the periodic table contain so-called quadrupolar nuclei that generate NQR signals. We have focused on the spectra of nitrogen (14N), which is found in a large majority of pharmaceutical products. NQR spectra are highly sensitive to chemical composition and physical properties and thus act as unique “chemical fingerprints” that are difficult to emulate or falsify. Moreover, the technique is non-invasive, non-destructive, quantitative, and can be implemented using miniaturized low-cost instrumentation. The talk will describe a variety of measurement and data analysis techniques to improve the sensitivity and specificity of NQR-based chemical fingerprinting. The final goal is to incorporate these methods within an easy-to-use portable materials authentication device. Systematic surveys and field trials will be conducted using this device in order to verify the effectiveness of the proposed approach in detecting fraud substances; to quantify potential health benefits; and also to expand the size and quality of the reference database.
Speaker: Marilyn Wolf
Location: University of Florida, LAR 310
Date and Time: 11:45 am EST, April 25, 2018
Title: Safe and Secure Cyber-Physical and IoT Systems
Abstract: Cyber-physical and Internet-of-Things (IoT) systems operate in many important, safety-critical environments. Safety and security have traditionally been separate disciplines: safety from traditional engineering, security from computer science. The advent of cyber-physical systems that tightly couple computers and physical systems mean that we can no longer treat these topics as separate. The first part of this talk will discuss the interactions between safety and security in cyber-physical systems and IoT, including the combination of design constraints (long deployment life, low total-cost-of-ownership, low power) that influence design decisions.
The second part of this talk will concentrate on one approach to improve safety and security of cyber-physical and IoT systems. Service-oriented architectures are widely used in information processing and Web technologies to provide scalable access to resources in distributed systems and extensible applications. However, many traditional service-oriented architectures are designed for transaction processing. In contrast, cyber-physical systems used for real-time control require quality-of-service constraints and graceful handling of failures to provide requested services. Furthermore, given the long lives of cyber-physical systems, we must be able to guarantee QoS properties as we add new services after deployment. We will discuss a series of abstractions for cyber-physical systems that guarantee quality-of-service properties are maintained both for a single service and for a composition of services.
Speaker: Sanu Mathew, Senior Principal Engineer at Intel and IEEE Fellow
Location: University of Florida, LAR 234
Date and Time: 1 pm EST, April 20, 2018
Title: Ultra-lightweight All-digital Static/Dynamic Entropy Generator Circuits for Securing IoT Platforms
Abstract: High-entropy cryptographic-quality keys and IDs are the bedrock of security for lightweight IoT platforms. Static entropy generators are used to produce a device-specific ID, that is random in space, with each die on a wafer generating a unique time-stable value. Dynamic entropy generators on the other hand, generate uncorrelated time-variant random values to be used as encryption keys. This talk will cover design details of: (i) Delay-hardened hybrid Physically Unclonable Function (PUF) circuit to generate a 100% stable ID. (ii) All-digital True Random Number Generator (TRNG) circuit with ultra-lightweight entropy extraction. We will also discuss the effect of aging on these circuits and techniques to handle process-voltage-temperature induced variations over the lifetime of the die.
Speaker: Donna Dodson, Deputy Cyber Security Advisor at NIST
Location: University of Florida, NEB Room 100
Date and Time: 4 pm EST, December 1, 2015
Live Stream link: https://www.youtube.com/watch?v=z8vmpFtKLn8
Title: National Cybersecurity Challenges and NIST
Abstract: Today, we are dependent on information technology and the digital infrastructure in every aspect of our lives, in every aspect of the national economy and in every aspect of our national defense. We use digital information, information systems and the pervasive connectivity through vast networks like the Internet to help carry out important business activities. In order for the industry, government and academia to be successful in protecting their core missions and business operations, while at the same time protecting the security and privacy considerations of individuals, the information technology that is routinely deployed must be dependable. And in order for that technology to be dependable, it must be protected. The National Institute of Standards and Technology (NIST) plays a major role in research and development of technologies to provide protection for information and the communication infrastructure as well as the needed standards, tests and metrics for those technologies. This talk will provide an overview of NIST’s work and describe how people can partner with NIST in these areas.