Sheng Wei

University of California, Los Angeles, Los Angeles, California, United States

Publications (20) · 5.69 Total impact

  • 06/2014;
  • ABSTRACT: This paper addresses the energy attacks towards wireless systems, where energy is the most critical constraint to lifetime and reliability. We for the first time propose a hardware-based energy attack, namely energy hardware Trojans (HTs), which can be well hidden in the wireless systems and trigger ultra-high energy increases at runtime. Then, we develop a non-destructive HT detection approach to identify the energy attack by remotely sampling the power profiles of the system and characterizing the gate-level temperatures. Our evaluation results on ISCAS benchmarks indicate the effectiveness of the proposed energy attacks and defense techniques.
    Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks; 04/2013
  • ABSTRACT: The impact of process variation (PV) in deep submicron CMOS technologies has raised major concerns for energy optimization efforts in FPGAs. We have developed a post-silicon leakage energy optimization scheme that raises the threshold voltage (by way of negative bias temperature instability (NBTI) aging) of the components that are either unused or not on the critical timing paths, thereby reducing the total leakage energy consumption. In order to obtain the input vectors for aging only the targeted transistors, we map the problem of minimizing leakage energy under timing constraints to an instance of the satisfiability (SAT) problem. We implemented low power designs targeting Xilinx Spartan6 FPGAs and analyzed the potential leakage power savings over a set of ITC99 and Opencores benchmarks. The analysis of the experimental results shows a substantial amount of potential leakage energy reduction with very small performance degradation.
    Proceedings of the ACM/SIGDA international symposium on Field programmable gate arrays; 02/2013
  • ABSTRACT: Hardware metering, the extraction of unique and persistent identifiers (IDs), is a crucial process for numerous integrated circuit (IC) intellectual property protection tasks. The currently known hardware metering approaches, however, are subject to alterations due to device aging, since they employ unstable manifestational IC properties. We, on the other hand, have developed the first robust hardware metering approach by using physical-level gate properties for ID generation. By using effective channel length, which is resilient to aging, and threshold voltage, which is essentially independent across gates and suitable for calculating the uniqueness of the IDs, we overcome the limitations of the existing approaches. Also, despite the increase in threshold voltage that occurs with aging, the original threshold voltage value can be extracted through intentional IC aging. Our ID generation procedure first employs two types of side channels, namely switching power and leakage power, to extract metering results for each gate. Next, we show that localized delay measurements alone are sufficient for accurate characterization of large sets of gates. Finally, by using threshold voltage for ID creation, we are able to obtain low probabilities of coincidence between legitimate and pirated ICs. The application of the approach to a set of benchmarks quantitatively establishes the effectiveness of the new hardware metering approach.
    IEEE Transactions on Information Forensics and Security 01/2013; 8(11):1722-1730. · 1.90 Impact Factor
  • Sheng Wei, J.X. Zheng, M. Potkonjak
    ABSTRACT: The presence of process variation (PV) in deep submicron technologies has become a major concern for energy optimization attempts on FPGAs. We develop a negative bias temperature instability (NBTI) aging-based post-silicon leakage energy optimization scheme that stresses the components that are not used or are off the critical paths to reduce the total leakage energy consumption. Furthermore, we obtain the input vectors for aging by formulating the aging objectives into a satisfiability (SAT) problem. We synthesize the low energy design on Xilinx Spartan6 FPGA and evaluate the leakage energy savings on a set of ITC99 and Opencores benchmarks.
    Field Programmable Logic and Applications (FPL), 2013 23rd International Conference on; 01/2013
  • ABSTRACT: Near-Threshold Computing (NTC) shows potential to provide significant energy efficiency improvements as it alleviates the impact of leakage in modern deep sub-micron CMOS technology. As the gap between supply and threshold voltage shrinks, however, the energy efficiency gains come at the cost of device performance variability. Thus, adopting near-threshold in modern CAD flows requires careful consideration when addressing commonly targeted objectives. We propose a process variation-aware near-threshold voltage (PV-Nvt) gate sizing framework for minimizing power subject to performance yield constraints. We evaluate our approach using an industrial-flow on a set of modern benchmarks. Our results show our method achieves significant improvement in leakage power, while meeting performance yield targets, over a state-of-the-art method that does not consider near-threshold computing.
    Power and Timing Modeling, Optimization and Simulation (PATMOS), 2013 23rd International Workshop on; 01/2013
  • Sheng Wei, Miodrag Potkonjak
    ABSTRACT: We have developed an approach for automatic embedding of customizable hardware Trojan horses (HTHs) into an arbitrary finite state machine. The HTH can be used to facilitate a variety of security attacks and does not require any additional gates, because it is morphed into the specified design. Even after the HTH induces provable damage, one is not capable of proving that any malicious circuitry is embedded into the design. The main ramification of the developed HTH is that hardware and system techniques should move from HTH detection toward synthesis for trusted systems.
    Design Automation Conference (DAC), 2013 50th ACM / EDAC / IEEE; 01/2013
  • ABSTRACT: This paper proposes Hardware Trojan (HT) placement techniques that yield challenging HT detection benchmarks. We develop three types of one-gate HT benchmarks based on switching power, leakage power, and delay measurements that are commonly used in HT detection. In particular, we employ an iterative searching algorithm to find rarely switching locations, an aging-based approach to create ultra-low power HT, and a backtracking-based reconvergence identification method to determine the non-observable delay paths. The simulation results indicate that our HT attack benchmarks provide the most challenging representative test cases for the evaluation of side-channel based HT detection techniques.
    01/2012;
  • ABSTRACT: This paper proposes a novel minimal test point insertion methodology that provisions a provably complete detection of hardware Trojans by noninvasive timing characterization. The objective of test point insertion is to break the reconvergent paths so that target routes for Trojan delay testing are specifically observed. We create a satisfiability-based input vector selection for sensitizing and characterizing each single timing path. Evaluations on benchmark circuits demonstrate that the test point-based Trojan detection can cover all circuit locations and can detect Trojans accurately with less than 5% performance overhead.
    Computer-Aided Design (ICCAD), 2012 IEEE/ACM International Conference on; 01/2012
  • Sheng Wei, Miodrag Potkonjak
    ABSTRACT: This paper addresses the hardware Trojan (HT) attacks that impose severe threats to the security and integrity of wireless networks and systems. We first develop HT attack models by embedding a single HT gate in the target design that triggers advanced malicious attacks. We place the one-gate HT trigger in such a way that it exhibits rare switching activities, consumes ultra-low leakage power, and hides from delay characterizations. Therefore, the HT attack models are capable of bypassing the widely used side channel-based HT detection schemes. Furthermore, based on the HT attack models, we investigate the potential on-line threat models during the system operation and develop an in-field trusted HT detection approach using physical unclonable functions (PUFs). We evaluate the effectiveness of the HT attack and defense models on a set of ISCAS'85, ISCAS'89, and ITC'99 benchmarks.
    01/2012;
  • ABSTRACT: Modern hardware security has a very broad scope ranging from digital rights management to the detection of ghost circuitry. These and many other security tasks are greatly hindered by process variation, which makes each integrated circuit (IC) unique, and device aging, which evolves the IC throughout its lifetime. We have developed a singular value decomposition (SVD)-based procedure for gate-level characterization (GLC) that calculates changes in properties, such as delay and switching power of each gate of an IC, accounting for process variation and device aging. We employ our SVD-based GLC approach for the development of two security applications: hardware metering and ghost circuitry (GC) detection. We present the first robust and low-cost hardware metering scheme, using an overlapping IC partitioning approach that enables rapid and scalable treatment. We also map the GC detection problem into an equivalent task of GLC consistency checking using the same overlapping partitioning. The effectiveness of the approaches is evaluated using the ISCAS85, ISCAS89, and ITC99 benchmarks. In hardware metering, we are able to obtain probabilities of coincidence in the magnitude of $10^{-8}$ or less, and we obtain zero false positives and zero false negatives in GC detection.
    IEEE Transactions on Information Forensics and Security 01/2012; 7(2):765-773. · 1.90 Impact Factor
  • ABSTRACT: Current hardware metering techniques, which use manifestational properties of gates for ID extraction, are weakened by the non-uniform effects of aging in conjunction with variations in temperature and supply voltage. As an integrated circuit (IC) ages, the manifestational properties of the gates change, and thus the ID used for hardware metering can not be valid over time. Additionally, the previous approaches require large amounts of costly measurements and often are difficult to scale to large designs. We resolve the deleterious effects of aging by going to the physical level and primarily targeting the characterization of threshold voltage. Although threshold voltage is modified with aging, we can recover its original value for use as the IC identifier. Another key aspect of our approach involves using IC segmentation for gate-level characterization. This results in a cost effective approach by limiting measurements, and has a significant effect on the approach scalability. Finally, by using threshold voltage for ID creation, we are able to quantify the probability of coincidence between legitimate and pirated ICs, thus for the first time quantitatively and accurately demonstrating the effectiveness of a hardware metering approach.
    Proceedings of the International Conference on Computer-Aided Design; 11/2011
  • Sheng Wei, M. Potkonjak
    ABSTRACT: Hardware Trojans (HTs) have become a major concern in the modern IC industry, especially with the fast growth in IC outsourcing. HT detection and diagnosis are challenging due to the huge number of gates in modern IC designs and the high cost of testing. We propose a scalable and efficient HT detection and diagnosis scheme based on segmentation and consistency analysis of the gate-level properties. Furthermore, we develop an HT masking approach that prevents the HTs from functioning using selective device aging. We evaluate our HT detection and diagnosis schemes on a set of ISCAS and ITC benchmarks.
    Network and System Security (NSS), 2011 5th International Conference on; 10/2011
  • ABSTRACT: Gate-level characterization (GLC) is the process of quantifying physical and manifestational properties for each gate of an integrated circuit (IC). It is a key step in many IC applications that target cryptography, security, digital rights management, low power, and yield optimization. However, GLC is a challenging task due to the size and structure of modern circuits and insufficient controllability of a subset of gates in the circuit. We have developed a new approach for GLC that employs thermal conditioning to calculate the scaling factors of all the gates by solving a system of linear equations using linear programming (LP). Therefore, the procedure captures the complete impact of process variation (PV). In order to resolve the correlations in the system of linear equations, we expose different gates to different temperatures and thus change their corresponding linear coefficients in the linear equations. We further improve the accuracy of GLC by applying statistical methods in the LP formulation as well as the post-processing steps. In order to enable non-destructive hardware Trojan horse (HTH) detection, we generalize our generic GLC procedure by manipulating the constraint of each linear equation. Furthermore, we ensure the scalability of the approaches for GLC and HTH detection using iterative IC segmentation. We evaluate our approach on a set of ISCAS and ITC benchmarks.
    IEEE Transactions on Information Forensics and Security 10/2011; · 1.90 Impact Factor
  • ABSTRACT: Current hardware metering techniques, which use manifestational properties of gates for ID extraction, are weakened by the non-uniform effects of aging in conjunction with variations in temperature and supply voltage. As an integrated circuit (IC) ages, the manifestational properties of the gates change, and thus the ID used for hardware metering can not be valid over time. Additionally, the previous approaches require large amounts of costly measurements and often are difficult to scale to large designs. We resolve the deleterious effects of aging by going to the physical level and primarily targeting the characterization of threshold voltage. Although threshold voltage is modified with aging, we can recover its original value for use as the IC identifier. Another key aspect of our approach involves using IC segmentation for gate-level characterization. This results in a cost effective approach by limiting measurements, and has a significant effect on the approach scalability. Finally, by using threshold voltage for ID creation, we are able to quantify the probability of coincidence between legitimate and pirated ICs, thus for the first time quantitatively and accurately demonstrating the effectiveness of a hardware metering approach.
    2011 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), San Jose, California, USA, November 7-10, 2011; 01/2011
  • Sheng Wei, Miodrag Potkonjak
    ABSTRACT: This paper addresses integrated circuit (IC) security issues by using supply voltage based gate-level characterization (GLC). Our GLC scheme is capable of characterizing both manifestation and physical level properties of an IC accurately using variable supply voltage. We demonstrate that the proposed scheme can detect three types of IC attacks with low false positives and false negatives.
    Proceedings of the 48th Design Automation Conference, DAC 2011, San Diego, California, USA, June 5-10, 2011; 01/2011
  • ABSTRACT: We have developed an ultra low power (well below 1 nanojoule per transaction), ultra high speed (less than 1 nanosecond), and low cost (a few hundred gates) public physically unclonable function (PPUF). We have also developed the first PPUF-based smart card (SC). We analyze and demonstrate the security of this new SC against several families of potential security attacks.
    Proceedings of the 48th Design Automation Conference, DAC 2011, San Diego, California, USA, June 5-10, 2011; 01/2011
  • ABSTRACT: Digital rights management (DRM) of integrated circuits (ICs) is a crucially important task both economically and strategically. Several IC metering techniques have been proposed, but until now their effectiveness for royalty management has not been quantified. IC auditing is an important DRM step that goes beyond metering; it not only detects that a pirated IC has been produced but also determines the quantity of pirated ICs. Our strategic objective is to create a new intrinsic passive metering technique as well as the first IC auditing technique, and to maximize and quantify their effectiveness using statistical analysis and IC characterization techniques. Our main technical innovations include physical level gate characterization, a Bayesian approach for coincidence analysis, and an adaptation of animal counting techniques for IC production estimation. We evaluate the accuracy of the IC metering and auditing approach using simulations on a set of ISCAS benchmarks.
    01/2011;
  • Sheng Wei, M. Potkonjak
    ABSTRACT: Hardware Trojans (HTs) pose a significant threat to the modern and pending integrated circuit (IC). Several approaches have been proposed to detect HTs, but they are either incapable of detecting HTs under the presence of process variation (PV) or unable to handle very large circuits in the modern IC industry. We develop a scalable HT detection and diagnosis scheme by using segmentation techniques and gate level characterization (GLC). In order to address the scalability issue, we propose a segmentation method which divides the large circuit into small sub-circuits by using input vector control. We propose a segment selection model in terms of properties of segments and their effects on GLC accuracy. The model parameters are calibrated by sampled data from the GLC process. Based on the selected segments we are able to detect and diagnose HTs correctly by tracing gate level leakage power. We evaluate our approach on several ISCAS85/ISCAS89/ITC99 benchmarks. The simulation results show that our approach is capable of detecting and diagnosing HTs accurately on large circuits.
    Computer-Aided Design (ICCAD), 2010 IEEE/ACM International Conference on; 12/2010