Yiorgos Makris

University of Texas at Dallas, Richardson, Texas, United States

Publications (146) · 55.85 Total impact

  • Yier Jin · Dzmitry Maliuk · Yiorgos Makris
    ABSTRACT: Globalization of semiconductor manufacturing has brought about increasing concerns regarding possible infiltration of the Integrated Circuit (IC) supply chain by skilled and resourceful adversaries, with the intention of introducing malicious modifications (a.k.a. hardware Trojans) which can be exploited to cause incorrect results, steal sensitive data, or even incapacitate a chip. While numerous prevention and detection solutions have been introduced in the recent past, the vast majority of these efforts target digital circuits. Analog/RF ICs, however, are equally vulnerable and potentially even more attractive as attack targets, due to their wireless communication capabilities. Accordingly, in this chapter, we review existing research efforts in hardware Trojan detection in Analog/RF ICs. Specifically, using a wireless cryptographic IC as an experimentation platform, we demonstrate the effectiveness of side-channel fingerprinting along with advanced statistical analysis and machine learning methods in detecting hardware Trojans both after its manufacturing and after its deployment in its field of operation.
    Chapter · Jan 2016
  • ABSTRACT: The notion of Architectural Vulnerability Factor (AVF) has been extensively used to evaluate various aspects of design robustness. While AVF has been a very popular way of assessing element resiliency, its calculation requires rigorous and extremely time-consuming experiments. Furthermore, recent radiation studies in 90 nm and 65 nm technology nodes demonstrate that up to 55 percent of Single Event Upsets (SEUs) result in Multiple Bit Upsets (MBUs), and thus the Single Bit Flip (SBF) model employed in computing AVF needs to be reassessed. In this paper, we present a method for calculating the vulnerability of modern microprocessors -using Statistical Fault Injection (SFI)- several orders of magnitude faster than traditional SFI techniques, while also using more realistic fault models which reflect the existence of MBUs. Our method partitions the design into various hierarchical levels and systematically performs incremental fault injections to generate vulnerability estimates. The presented method has been applied on an Intel microprocessor and an Alpha 21264 design, accelerating fault injection by 15×, on average, and reducing computational cost for investigating the effect of MBUs. Extensive experiments, focusing on the effect of MBUs in modern microprocessors, corroborate that the SBF model employed by current vulnerability estimation tools is not sufficient to accurately capture the increasing effect of MBUs in contemporary processes.
    Article · Sep 2015 · IEEE Transactions on Computers
  • M.-M. Bidmeshki · Y. Makris
    ABSTRACT: The proof carrying hardware intellectual property (PCHIP) framework ensures trustworthiness by developing proofs for security properties designed to prevent introduction of malicious behaviors via third-party hardware IP. However, converting a design to a formal representation and developing proofs for the desired security properties is a cumbersome task for IP developers and requires extra knowledge of formal reasoning methods, proof development and proof checking. While security properties are generally specific to each design, information flow policies are a set of policies which ensure that no secret information is leaked through untrusted channels, and are mainly applicable to the designs which manipulate secret and sensitive data. In this work, we introduce the VeriCoq-IFT framework which aims to (i) automate the process of converting designs from HDL to the Coq formal language, (ii) generate security property theorems ensuring information flow policies, (iii) construct proofs for such theorems, and (iv) check their validity for the design, with minimal user intervention. We take advantage of Coq proof automation facilities in proving the generated theorems for enforcing these policies and we demonstrate the applicability of our automated framework on two DES encryption circuits. By providing essential information, the trustworthiness of these circuits in terms of information flow policies is verified automatically. Any alteration of the circuit description against information flow policies causes proofs to fail. Our methodology is the first but essential step in the adoption of PCHIP as a valuable method to authenticate the trustworthiness of third party hardware IP with minimal extra effort.
    Article · Jun 2015
  • Ke Huang · Yu Liu · Nenad Korolija · John M. Carulli · Yiorgos Makris
    ABSTRACT: We introduce two statistical methods for identifying recycled integrated circuits (ICs) through the use of one-class classifiers and degradation curve sensitivity analysis. Both methods rely on statistically learning the parametric behavior of known new devices and using it as a reference point to determine whether a device under authentication has previously been used. The proposed methods are evaluated using actual measurements and simulation data from digital and analog devices, with experimental results confirming their effectiveness in distinguishing between new and aged ICs and their superiority over previously proposed methods.
    Article · Jun 2015 · IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
  • A. Ahmadi · K. Huang · A. Nahar · B. Orr · M. Pas · J.M. Carulli · Y. Makris
    ABSTRACT: We investigate the utility of correlations between e-test and probe test measurements in predicting yield. Specifically, we first examine whether statistical methods can accurately predict parametric probe test yield as a function of e-test measurements within the same fab. Then, we investigate whether the e-test profile of a destination fab, in conjunction with the e-test and probe test profiles of a source fab, suffice for accurate yield prognosis during fab-to-fab product migration. Results using an industrial dataset of ∼3.5M devices from a 65nm Texas Instruments RF transceiver design fabricated in two different fabs reveal that (i) within-fab yield prediction error is in the range of a few tenths of a percentile point, and (ii) fab-to-fab yield prediction error is in the range of half a percentile point.
    Article · Jun 2015
  • ABSTRACT: Creating backdoors in integrated circuits (ICs), stealing hardware intellectual property, counterfeiting electronic components, reverse engineering ICs, and injecting malware in ICs are no longer nation state acts requiring specialized, expensive, and unlimited resources. Democratization of IC design has created numerous opportunities for rogues throughout the IC supply chain to inflict these attacks with aplomb and for a variety of reasons: personal gain, economic harm, economic gain, bringing disrepute, and sheer fun among others.
    Article · Jun 2015 · IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
  • ABSTRACT: This paper presents statistical methods to identify and take advantage of correlations in the test methods and wafer-level spatial correlations among devices. The result, shown for industrial designs, is a far more optimized test suite.
    Article · Feb 2015 · IEEE Design and Test
  • Michail Maniatakos · Maria K. Michael · Yiorgos Makris
    ABSTRACT: We propose a technology-independent vulnerability-driven parity selection method for protecting modern microprocessor in-core memory arrays against multiple-bit upsets (MBUs). As MBUs constitute over 50% of the upsets in recent technologies, error correcting codes or physical interleaving are typically employed to effectively protect out-of-core memory structures, such as caches. Such methods, however, are not applicable to high performance in-core arrays, due to computational complexity, high delay, and area overhead. Therefore, we investigate vulnerability-based parity forest formation as an effective mechanism for detecting errors. Checkpointing and pipeline flushing can subsequently be used for correction. As the optimal parity tree construction for MBU detection is a computationally complex problem, an integer linear program formulation is introduced. In addition, vulnerability-based interleaving (VBI) is explored as a mechanism for further enhancing in-core array resiliency in constrained, single parity tree cases. VBI first physically disperses bitlines based on their vulnerability factor and then applies selective parity to these lines. Experimental results on Alpha 21264 and Intel P6 in-core memory arrays demonstrate that the proposed parity tree selection and VBI methods can achieve vulnerability reduction up to 86%, even when a small number of bits are added to the parity trees.
    Article · Nov 2014 · IEEE Transactions on Very Large Scale Integration (VLSI) Systems
  • Dzmitry Maliuk · Yiorgos Makris
    ABSTRACT: We discuss the design of an experimentation platform intended for prototyping low-cost analog neural networks for on-chip integration with analog/RF circuits. The objective of such integration is to support various tasks, such as self-test, self-tuning, and trust/aging monitoring, which require classification of analog measurements obtained from on-chip sensors. Particular emphasis is given to cost-efficient implementation reflected in: 1) low energy and area budgets of circuits dedicated to neural networks; 2) robust learning in presence of analog inaccuracies; and 3) long-term retention of learned functionality. Our chip consists of a reconfigurable array of synapses and neurons operating below threshold and featuring sub-μW power consumption. The synapse circuits employ dual-mode weight storage: 1) a dynamic mode, for fast bidirectional weight updates during training and 2) a nonvolatile mode, for permanent storage of learned functionality. We discuss a robust learning strategy, and we evaluate the system performance on several benchmark problems, such as the XOR2-6 and two-spirals classification tasks.
    Article · Sep 2014 · IEEE Transactions on Neural Networks and Learning Systems
  • Dzmitry Maliuk · Yiorgos Makris
    ABSTRACT: This paper discusses the design of an experimentation platform intended for prototyping low-cost neural networks for on-chip integration, towards supporting built-in self-test, post-production self-calibration, and trust evaluation capabilities. Particular emphasis is given to cost-efficient implementation reflected in stringent area and power constraints of circuits dedicated to neural networks, which, however, should not compromise their learning ability and correct functionality throughout their lifecycle. Our chip consists of a reconfigurable array of synapses and neurons operating below threshold and featuring sub-μW power consumption. The synapse circuits employ dual-mode weight storage: (1) a dynamic mode, for fast bidirectional weight updates during training and (2) a non-volatile mode, for permanent storage of learned functionality. The chip architecture supports two learning models: a multilayer perceptron and an ontogenic neural network. The system performance and learning ability are evaluated on the XOR2 benchmark.
    Conference Paper · Aug 2014
  • ABSTRACT: As the electronic component supply chain grows more complex due to globalization, with parts coming from a diverse set of suppliers, counterfeit electronics have become a major challenge that calls for immediate solutions. Currently, there are a few standards and programs available that address the testing for such counterfeit parts. However, not enough research has yet addressed the detection and avoidance of all counterfeit parts—recycled, remarked, overproduced, cloned, out-of-spec/defective, and forged documentation—currently infiltrating the electronic component supply chain. Even if they work initially, all these parts may have reduced lifetime and pose reliability risks. In this tutorial, we will provide a review of some of the existing counterfeit detection and avoidance methods. We will also discuss the challenges ahead for implementing these methods, as well as the development of new detection and avoidance mechanisms.
    Article · Aug 2014 · Proceedings of the IEEE
  • Yu Liu · Ke Huang · Yiorgos Makris
    ABSTRACT: Statistical side channel fingerprinting is a popular hardware Trojan detection method, wherein a parametric signature of a chip is collected and compared to a trusted region in a multi-dimensional space. This trusted region is statistically established so that, despite the uncertainty incurred by process variations, the fingerprint of Trojan-free chips is expected to fall within this region while the fingerprint of Trojan-infested chips is expected to fall outside. Learning this trusted region, however, assumes availability of a small set of trusted (i.e. "golden") chips. Herein, we rescind this assumption and we demonstrate that an almost equally effective trusted region can be learned through a combination of a trusted simulation model, measurements from process control monitors (PCMs) which are typically present either on die or on wafer kerf, and advanced statistical tail modeling techniques. Effectiveness of this method is evaluated using silicon measurements from two hardware Trojan-infested versions of a wireless cryptographic integrated circuit.
    Article · Jun 2014
  • Dzmitry Maliuk · Yiorgos Makris
    ABSTRACT: We introduce an analog non-volatile neural network chip which serves as an experimentation platform for prototyping custom classifiers for on-chip integration towards fully standalone built-in self-test (BIST) solutions for RF circuits. Our chip consists of a reconfigurable array of synapses and neurons operating below threshold and featuring sub-μW power consumption. The synapse circuits employ dynamic weight storage for fast bidirectional weight updates during training. The learned weights are then copied onto analog floating gate (FG) memory for permanent storage. The chip architecture supports two learning models: a multilayer perceptron and an ontogenic neural network. A benchmark XOR task is first employed to evaluate the overall learning capability of our chip. The BIST-related effectiveness is then evaluated on two case studies: the detection of parametric and catastrophic faults in an LNA and an RF front-end circuits, respectively.
    Conference Paper · Jan 2014
  • Yu Liu · Yier Jin · Yiorgos Makris
    ABSTRACT: We present a silicon implementation of a hardware Trojan, which is capable of leaking the secret key of a wireless cryptographic integrated circuit (IC) consisting of an Advanced Encryption Standard (AES) core and an Ultra-Wide-Band (UWB) transmitter. With its impact carefully hidden in the transmission specification margins allowed for process variations, this hardware Trojan cannot be detected by production testing methods of either the digital or the analog part of the IC and does not violate the transmission protocol or any system-level specifications. Nevertheless, the informed adversary, who knows what to look for in the transmission power waveform, is capable of retrieving the 128-bit AES key, which is leaked with every 128-bit ciphertext block sent by the UWB transmitter. Using silicon measurements from 40 chips fabricated in TSMC's 0.35μm technology, we also assess the effectiveness of a side channel-based statistical analysis method in detecting this hardware Trojan.
    Conference Paper · Nov 2013
  • ABSTRACT: We present a nonintrusive concurrent error detection (CED) method for protecting the control logic of a contemporary floating-point unit (FPU). The proposed method is based on the observation that control logic errors lead to extensive data path corruption and affect, with high probability, the exponent part of the IEEE-754 floating-point representation. Thus, exponent monitoring can be utilized to detect errors in the control logic of the FPU. Predicting the exponent involves relatively simple operations; therefore, our method incurs significantly lower overhead than the classical approach of duplicating the control logic of the FPU. Indeed, experimental results on the openSPARC T1 processor using SPEC2006FP benchmarks show that as compared to control logic duplication, which incurs an area overhead of 17.9 percent of the FPU size, our method incurs an area overhead of only 5.8 percent yet still achieves detection of over 93 percent of transient errors in the FPU control logic. Moreover, the proposed method offers the ancillary benefit of also detecting 98.1 percent of the data path errors that affect the exponent, which cannot be detected via duplication of control logic. Finally, when combined with a classical residue code-based method for the fraction, our method leads to a complete CED solution for the entire FPU which provides a coverage of 94.1 percent of all errors at an area cost of 16.32 percent of the FPU size.
    Article · Jul 2013 · IEEE Transactions on Computers
  • Yier Jin · Bo Yang · Yiorgos Makris
    ABSTRACT: We propose a new information assurance model which can dynamically track the information flow in circuit designs and hence protect sensitive data from malicious leakage. Relying on the Coq proof assistant platform, the new model maps register transfer level (RTL) codes written in hardware description languages (HDLs) into structural Coq representatives by assigning all input, output, and internal signal sensitivity levels. The signal sensitivity levels can be dynamically adjusted after each clock cycle based on proposed signal sensitivity transition rules. The development of data secrecy properties and theorem generation functions makes the translation process from security properties to Coq theorems independent of target circuits and, for the first time, makes it possible to construct a property library, facilitating (semi) automation of the proof. The proposed cycle accurate information assurance scheme is successfully demonstrated on cryptographic circuits with various complexities from a small-scale DES encryption core to a state-of-the-art AES encryption design prohibiting the leakage of sensitive information caused by hardware Trojans inserted in RTL codes.
    Conference Paper · Jun 2013
  • ABSTRACT: Modern microprocessors incorporate a variety of architectural features, such as branch prediction and speculative execution, which are not critical to the correctness of their operation yet are essential towards improving performance. Accordingly, while faults in the corresponding hardware may not necessarily affect functional correctness, they may, nevertheless, adversely impact performance. In this paper, we investigate quantitatively the performance impact of such faults using a superscalar, dynamically-scheduled, out-of-order, Alpha-like microprocessor, on which we execute SPEC2000 integer benchmarks. We provide extensive fault simulation-based experimental results that elucidate the various aspects of performance faults and we discuss how this information may guide the inclusion of additional hardware for performance loss recovery and yield enhancement.
    Article · Jun 2013 · Journal of Electronic Testing
  • Ke Huang · Nathan Kupp · John M. Carulli · Yiorgos Makris
    ABSTRACT: Statistical intra-die correlation has been extensively studied as a means for reducing test cost in analog/RF ICs. Generally known as alternate test, this approach seeks to predict the performances of an analog/RF chip based on low-cost measurements on the same chip and statistical models learned from a training set of chips. Recently, an orthogonal direction for leveraging statistical correlation towards reducing test cost of analog/RF ICs has also gained traction. Specifically, inter-die spatial correlation models learned from specification tests on a sparse subset of die on a wafer are used to predict performances on the unobserved die. In this work, we investigate the potential of combining these two statistical approaches, anticipating that the performance prediction accuracy of the joint correlation model will surpass the accuracy of its constituents. Experimental results on industrial semiconductor manufacturing data validate this conjecture and corroborate the utility of the combined performance prediction models.
    Conference Paper · May 2013
  • Y. Jin · D. Maliuk · Y. Makris
    ABSTRACT: The use of side-channel parametric measurements along with statistical analysis methods for detecting hardware Trojans in fabricated integrated circuits has been studied extensively in recent years, initially for digital designs but recently also for their analog/RF counterparts. Such post-fabrication trust evaluation methods, however, are unable to detect dormant hardware Trojans which are activated after a circuit is deployed in its field of operation. For the latter, an on-chip trust evaluation method is required. To this end, we present a general architecture for post-deployment trust evaluation based on on-chip classifiers. Specifically, we discuss the design of an on-chip analog neural network which can be trained to distinguish trusted from untrusted circuit functionality based on simple measurements obtained via on-chip measurement acquisition sensors. The proposed method is demonstrated using a Trojan-free and two Trojan-infested variants of a wireless cryptographic IC design, as well as a fabricated programmable neural network experimentation chip. As corroborated by the obtained experimental results, two current measurements suffice for the on-chip classifier to effectively assess trustworthiness and, thereby, detect hardware Trojans that are activated after chip deployment.
    Conference Paper · Jan 2013
  • Yier Jin · Y. Makris
    ABSTRACT: We introduce a proof-carrying based framework for assessing the trustworthiness of third-party hardware Intellectual Property (IP), particularly geared toward microprocessor cores. This framework enables definition of and formal reasoning on security properties, which, in turn, are used to certify the genuineness and trustworthiness of the instruction set and, by extension, are used to prevent insertion of malicious functionality in the Hardware Description Language (HDL) code of an acquired microprocessor core. Security properties and trustworthiness proofs are derived based on a new formal hardware description language (formal-HDL), which is developed as part of the framework along with conversion rules to/from other HDLs to enable general applicability to IP cores independent of coding language. The proposed framework, along with the ability of a sample set of pertinent security properties to detect malicious IP modifications, is demonstrated on an 8051 microprocessor core.
    Conference Paper · Jan 2013

Publication Stats

1k Citations
55.85 Total Impact Points

Institutions

  • 2011-2015
    • University of Texas at Dallas
      • Department of Electrical Engineering
      Richardson, Texas, United States
  • 2013
    • University of Central Florida
      Orlando, Florida, United States
  • 2002-2012
    • Yale University
      • Department of Electrical Engineering
      New Haven, Connecticut, United States
  • 2006
    • University of New Haven
      New Haven, Connecticut, United States
    • Yale-New Haven Hospital
      New Haven, Connecticut, United States
  • 1999-2000
    • California State University
      • College of Engineering & Computer Sciences
      Long Beach, California, United States
  • 1998-1999
    • University of California, San Diego
      • Department of Computer Science and Engineering (CSE)
      San Diego, California, United States