Proposed Activities | Previous and Current Activities | Contact Us
Semiconductor-based hardware is the foundation of modern-day electronics. Electronics are ubiquitous in our daily lives: from smartphones, computers, and telecommunication to transportation and critical infrastructure like power grids and waterways. The semiconductor hardware supply chain is a complex network consisting of many companies that collectively provide intellectual property, create designs, provide raw materials, and manufacture, test, package, and distribute products. Coordination among these companies is required at different stages from inception to end user, as well as maintenance during use and eventually disposal or end of life. Securing semiconductors and hardware and their supply chains helps protect sensitive information, maintain integrity of systems, and ensure overall stability across the infrastructure and connected world.
NIST’s Hardware Security Program builds on NIST leadership, expertise, and experience in foundational and applied cybersecurity research, measurement, standards, and guidance development, with NIST working in collaboration with industry, academia, and other government agencies. The program is focused on identifying existing and emerging cybersecurity threats and developing mitigation techniques for semiconductors. This includes developing cybersecurity and supply chain standards, guidance, and recommended practices in collaboration with the community. The program emphasizes the use of automated cybersecurity tools and techniques throughout the development lifecycle of the semiconductor and components and maintaining the security of the development and manufacturing environments. Strong emphasis is placed on developing cybersecurity measurements and metrics in the form of reference data sets to support the testing, attestation, certification, and verification of the semiconductor and its components. A final objective is development of a skilled workforce with emphasis on cybersecurity to support the industry.
NIST's Hardware Security Program is planning on performing the following activities grouped by topic area: Hardware Development Lifecycle, Metrology, Hardware/Silicon Testing, Vulnerability Management, and Standards.
- Establish a Standardized Secure Development Framework for Semiconductors: Leverage the NIST Secure Software Development Framework (SSDF) in collaboration with the semiconductor industry to produce a holistic framework to secure the development of both software and hardware, in particular semiconductors, throughout their respective development life cycles, then demonstrate the new framework’s effectiveness via pilot implementations to increase trust in semiconductors.
- Holistic Risk-Based Security of Semiconductor Development and Manufacturing: Collaborate with the semiconductor industry to develop a NIST Cybersecurity Framework Profile tailored specifically for the semiconductor industry to manage cyber risk, taking into account the industry’s unique threats, environments, and technologies, and then demonstrate the Profile’s effectiveness via pilot implementations.
- Architecting Security in Modern-Day SoC (System On Chip): Architects of modern-day semiconductor designs have to incorporate hardware and software co-design considerations with considerations of heterogenous components packaged together. Based on currently established practices, this project will create principles, guidelines, and recommended practices to architect a modern-day SoC.
- Develop Metrics for Design-for-Trust Techniques: Design-for-trust techniques such as camouflaging/obfuscation, split manufacturing, logic locking, metering, and watermarking are used to mitigate threats related to IP piracy, reverse engineering, and hardware trojans. However, some of these techniques lack measurements and metrics to quantify their effectiveness to support design, manufacturing, and business decisions to instill trust in the silicon. This effort will research, analyze, and quantify the effectiveness of existing design-for-trust techniques. The resulting novel measurements and metrics will be documented, implemented, and validated for their robustness and effectiveness.
- Metrology for Holistic Assessment of Power Side-Channel Leakage Across the Development Life Cycle: Power side-channel leakage (PSCL) is becoming a critical consideration for chip design, particularly for those devices deployed in military, financial, and healthcare applications that demand a high level of security assurance and privacy protection. Today, accurate measurement of a design’s PSCL can only be done after manufacturing of the device by collecting millions of power traces. We intend to provide analysis tools and methodologies to estimate a chip design’s PSCL more accurately at each abstraction level in the design process. This will allow the designer to make critical design decisions to optimize PSCL in the manufactured device and reduce the probability of silicon re-spins.
- Metrology for Analog Signal Security: Studies have shown that analog circuits and analog intellectual property (IP) are the most commonly counterfeited products for two primary reasons: analog circuit products offer higher profit margins than other products, and there is a lack of effective IP protection methods in place. Analog circuits typically serve as actuators, sensors, and controllers in a wide range of products, spanning from home security systems to jet engines. The two objectives of this project are: 1) to conduct comprehensive research, analysis, development, and demonstration of innovative techniques aimed at enhancing the security of analog systems; and 2) to develop metrology for analog-enabled security, which will ensure the security and trustworthiness of the entire system. This includes the detection of malware, authentication mechanisms, and the establishment of product provenance, among other crucial security aspects.
- Combinatorial Methods for Circuit Evaluation and Failure Analysis: Combinatorial test and measurement methods have demonstrated 20% to 30% cost reductions and more effective testing for complex software. Detection of security vulnerabilities and ultra-rare defects is significantly better than conventional test methods. Combinatorial testing compresses all t-way combinations of parameter values into very small test arrays, so that it is in many ways comparable to exhaustive testing. As over half the cost for a new chip design is from functional verification, extending combinatorial testing to semiconductor design problems has the potential to reduce total cost for a new design by 10% to 20%.
- Develop a Secure Hardware Assurance Reference Dataset (SHARD): Create a publicly accessible SHARD of hardware weakness test cases that include key weaknesses, faulty chip designs, and designs with fixes in order to test security tools and techniques intended to find, prevent, and mitigate vulnerabilities in order to help chip designers and technology researchers identify and mitigate software weaknesses in the security tools and techniques.
- Analysis of Data Extraction Countermeasures and Improved Characterization for Routing Integrity: Fault analysis and characterization techniques are used to locate defects in integrated circuits (IC) but can also be used to extract information/data from ICs or identify routing integrity issues (possibly indicating a hardware trojan). As feature sizes shrink, improved resolution techniques using electron beam imaging and characterization are emerging. This effort will leverage electron beam imaging and analysis techniques to extract data from prototype integrated circuits in order to develop, document, and verify the effectiveness of proposed countermeasures. In addition, it will apply machine learning and computer vision techniques to improve the performance of electron beam probing characterization techniques to improve routing assurance on interposer layers of advanced packaging technologies.
- Develop Vulnerability Management Data Standardization to Support Hardware/Silicon Vulnerabilities: Build on the two areas of data standardization related to 1) the Common Vulnerabilities and Exposures (CVE) record format to publicly disclose vulnerability information, and 2) the Vulntology data format currently under development by NIST used to detail key characteristics of a vulnerability, to support greater automated, actionable analysis and vulnerability response.
- Enable a Layered Approach for Securing Semiconductor Chips: Threats and Countermeasures: Draw upon the numerous government, academic, and industry research programs and publications to capture a catalog of threats, attack vectors, and methods to exploit the vulnerabilities in semiconductors and supply chains; produce practical and actionable detection and mitigation techniques to reduce the risk of supply chain cyber attacks, and demonstrate their effectiveness via pilot implementations in collaboration with industry.
- Introduce an Ontology of Firmware Bugs and Weaknesses, and a Repository of Formally Described Firmware Security Vulnerabilities: Use the NIST Bugs Framework (BF) approach and methodology to create a formal classification system of firmware security bugs and weaknesses and a dataset of formally described firmware security vulnerabilities by creating AI-based tools for automated document curation and vulnerability description generation to improve bug fixing and mitigation at chip provisioning, integration into products, and post-deployment maintenance.
- Improving Engagement with Standards Developing Organizations (SDOs) for Hardware Security Issues: SDOs have greatly accelerated efforts in integrating cybersecurity standards into all aspects of manufacturing, technologies, and services. The migration from discrete technical solutions to holistic standards combining life cycle, risk management, operational management, and supply chain aspects into an integrated process has greatly changed the landscape. With the insertion of cybersecurity in these systems and software standards, it has become clear that system (hardware) and software processes are not the same, causing separate standards activity. By tracking cybersecurity areas of interest, better engagement with the hardware security community is possible. This effort is to formulate and define a system to identify pertinent standards and the people supporting them. In this way NIST can research current guidance, identify communities of interest, and better integrate our research findings into the community.
- Data Interoperability Guidelines and Standards: Research and introduce interoperable standards to share and exchange large volumes of data generated by numerous steps in the semiconductor supply chain among systems from suppliers, manufacturers, testers, etc. while maintaining the data’s confidentiality, integrity, availability, and provenance.
Back to Top
Previous and Current Activities
For over a decade, NIST's Hardware-Enabled Security program has been exploring security techniques and technologies that can improve platform security and data protection for cloud data centers, edge computing, and other use cases and environments. Publications resulting from this work include the following.
- Validating the Integrity of Computing Devices (NIST SP 1800-34): The NCCoE collaborated with technology vendors to develop a prototype implementation in harmony with the National Initiative for Improving Cybersecurity in Supply Chains (NIICS), which emphasizes tools, technologies, and guidance focused on the developers and providers of technology. NIICS’ mission is to help organizations build, evaluate, and assess the cybersecurity of products and services in their supply chains. This project aligns with that mission by demonstrating how organizations can verify that the internal components of the computing devices they acquire are genuine and have not been tampered with. This prototype relies on device vendors storing information within each device and organizations using a combination of commercial off-the-shelf and open-source tools that work together to validate the stored information. By doing this, organizations can reduce the risk of compromise to products within their supply chains.
- Trusted Cloud: Security Practice Guide for VMware Hybrid Cloud Infrastructure as a Service (IaaS) Environments (NIST SP 1800-19): Organizations need to be able to monitor, track, apply, and enforce their security and privacy policies on their cloud workloads based on business requirements in a consistent, repeatable, and automated way. Building on previous NIST work, the NCCoE developed a trusted cloud solution that demonstrates how trusted compute pools leveraging hardware roots of trust can provide the necessary security capabilities. These capabilities not only provide assurance that cloud workloads are running on trusted hardware and in a trusted geolocation or logical boundary, but also improve the protections for the data in the workloads and data flows between workloads.
Trusted Geolocation in the Cloud: Proof of Concept Implementation (NIST IR 7904): The initial publication on this topic, released in 2015, explains selected security challenges involving Infrastructure as a Service (IaaS) cloud computing technologies and geolocation. It then describes a proof-of-concept implementation that was designed to address those challenges. The publication provides sufficient details so that organizations can reproduce the proof of concept if desired.
Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases (NIST IR 8320): This report examines hardware-enabled security techniques and technologies that can improve platform security and data protection for cloud data centers and edge computing. It replaces the draft cybersecurity white paper, Hardware-Enabled Security for Server Platforms, which was released in April 2020. It has been updated to include additional capabilities and examples of technology.
Hardware-Enabled Security: Container Platform Security Prototype (NIST IR 8320A): This report explains an approach based on hardware-enabled security techniques and technologies for safeguarding container deployments in multi-tenant cloud environments. It also describes a proof-of-concept implementation of the approach—a prototype—that is intended to be a blueprint or template for the general security community.
Hardware-Enabled Security: Policy-Based Governance in Trusted Container Platforms (NIST IR 8320B): This report explains an approach for safeguarding container deployments in multi-tenant cloud environments, as well as a prototype implementation of the approach. This approach builds on the one from NIST IR 8320A by adding container image encryption and data access policies using different technology components.
Hardware-Enabled Security: Machine Identity Management and Protection (NIST IR 8320C): This report presents an effective approach for overcoming security challenges associated with creating, managing, and protecting machine identities throughout their lifecycle. It describes a proof-of-concept implementation, a prototype, that addresses those challenges. The report is intended to be a blueprint or template that the general security community can use to validate and utilize the described implementation.
Hardware-Enabled Security: Hardware-Based Confidential Computing (NIST IR 8320D): This report presents an effective approach for overcoming security challenges associated with creating, managing, and protecting machine identities throughout their lifecycle. It describes a proof-of-concept implementation, a prototype, that addresses those challenges by using hardware-based confidential computing. The report is intended to be a blueprint or template that the general security community can use to validate and utilize the described implementation.
BIOS Protection Guidelines (NIST SP 800-147): This document provides guidelines for preventing the unauthorized modification of BIOS firmware on PC client systems. Unauthorized modification of BIOS firmware by malicious software constitutes a significant threat because of the BIOS’s unique and privileged position within the PC architecture. A malicious BIOS modification could be part of a sophisticated, targeted attack on an organization —either a permanent denial of service (if the BIOS is corrupted) or a persistent malware presence (if the BIOS is implanted with malware).
BIOS Protection Guidelines for Servers (NIST SP 800-147B): Modern computers rely on fundamental system firmware, commonly known as the BIOS, to facilitate the hardware initialization process and transition control to the hypervisor or operating system. The guidelines in this document include requirements on servers to mitigate the execution of malicious or corrupt BIOS code. They apply to BIOS firmware stored in the BIOS flash, including the BIOS code, the cryptographic keys that are part of the Root of Trust for Update, and static BIOS data. This guide is intended to provide server platform vendors with recommendations and guidelines for a secure BIOS update process.
BIOS Integrity Measurement Guidelines (NIST SP 800-155): This document outlines the security components and security guidelines needed to establish a secure BIOS integrity measurement and reporting chain. The guidelines in this document are intended to facilitate the development of products that can detect problems with the BIOS so that organizations can take appropriate remedial action to prevent or limit harm. The security controls and procedures specified in this document are oriented to desktops and laptops deployed in an enterprise environment.
Back to Top
Your comments and suggestions for the Hardware Security project are always welcome. Contact us at email@example.com.
Back to Top