Hardware Trojan Threat to Robotic Control Systems
Published on : Friday 14-08-2020
Krishnendu Guha, Amlan Chakrabarti and Sangeet Saha on the risk hardware Trojan horses pose to robotic control systems in the post Fourth Industrial Revolution era.
Recent era has witnessed the engagement of autonomous agents (UAVs or robots) to satisfy the growing demands of society. These involve oil and gas pipeline monitoring, checking of structural integrity of bridges and roads or mobile highway traffic monitoring [Peel 2018]. Moreover, robotic control is significantly important in sites with extreme environmental conditions that are hazardous for humans like inspection of nuclear power plants and chemical plants [Wong 2017]. Such scenarios have created a demand to equip the agents with the ability to autonomously inspect extreme environments by determining their paths effectively and efficiently. Such environments can be divided into a set of regions and each agent has to reach each region to accomplish specific tasks. Hence, accuracy in control with respect to time and utilisation of energy budget in an appropriate manner are the two most important factors that need to be ensured for efficient functioning of an agent.
With the fourth industrial revolution or Industry 4.0, focus has been made by the design automation industry to provide reconfigurability in designs and products [Banjanovic 2019]. Reconfigurable system on chips (SoCs) or field programmable gate arrays (FPGAs) are presently being deployed not only in arenas like aviation and automobiles but is also being widely used in robotics [Martínez-Prado 2018]. As hardware is generally considered trustworthy, deployment of FPGAs in robotic infrastructures were welcomed with open arms by designers and focus was made on development of energy efficient scheduling strategies. Such strategies essentially focussed on timing control and energy savings but overlooked issues related to vulnerabilities of hardware.
But eradication of hardware root of trust has not only been demonstrated in recent literature [Bhunia 2014], but also experienced in several practical instances like spoofing in smart cards, hotel keycards, etc., [Brocious 2012]. Like other chips, development of FPGAs also involves outsourcing the various design phases across the globe in order to reduce design cost and meet marketing deadlines. Adversaries in less trustworthy foundries may implant malicious circuitry in the FPGA fabric during their fabrication. Moreover, the FPGA fabric needs to be configured by bitstreams or reconfigurable intellectual properties (RIPs) for task operations. Such RIPs are essentially procured from third party IP (3PIP) vendors. Possibility exists in the introduction of malicious codes in the RIPs. Such vulnerability is generally termed as hardware Trojan horses (HTHs).
HTHs comprise of a trigger and a payload. The trigger may be external or internal. External trigger captures signals via sensors or antenna, while internal trigger is pre-specified by adversaries and gets activated via a rare combination of internal node values. The trigger aids the HTH to remain dormant during testing and initial phases of operation. On satisfaction of the trigger, the payload module is activated, which comprises the malicious functionality. The malicious function varies with respect to the nature and extent of harm intended by the adversary. Recent works have revealed how HTHs in the FPGA fabric and the RIPs may jeopardise real time task schedules [Guha 2018] and even cause unnecessary power loss, which drains the energy budget of the system and ceases the system to operate far before its expiry time [Guha 2020]. Such attacks are of utmost concern for robotic systems. Hence, it is necessary, to analyse the issues and develop effective strategies to mitigate them.
In general, FPGA based robotic systems face reliability challenges when the robots are deployed in harsh environments, also known as extreme environments (EE), as they become susceptible to errors due to severe conditions, such as high radiation levels, high temperature, etc. The deployment of robots for the exploration and inspection of an abandoned nuclear power plant is an example scenario of a robot system in EE. In such environment, the operating FPGA inside the robotic systems might be affected by the charged radiation particles that strike the silicon of the FPGA and it may cause bit flips in the architectural registers or Single Event Upsets (SEUs) [Saha 2018].
However, differences exist between threats due to HTHs and that those that are caused due to EE. The former is intentional, while the latter is completely unintentional. Moreover, threats related to HTHs may arise at crucial junctions and become dormant after jeopardising the scenario to prevent detection. Such an issue will never arise in the latter case as an error generated due to EE will be permanent in nature and can be discovered during post mortem analysis.
Hence, some of the essential issues for future research in this direction are:
Analysis of Potential Threats: As an HTH does not comprise of a fixed architecture, hence, the library of possible threats is not finite. Thus, it is imperative to analyse new and potential threats that can affect robotic systems. Development of New Security Strategies for counteracting HTHs: Existing security strategies deployed to tackle errors arising due to EE may not be sufficient to control HTH threats. Hence, potential mechanisms must be developed that can secure the objectives related to robotic control.
Facilitating Self-Aware Security: Triple modular redundancy or duplication with compare mechanisms are generally deployed to mitigate errors. However, these induce a huge overhead in area and power and hence, are not suitable for systems with strict energy budgets. Thus, adhering to self-aware strategies is of utmost importance, which can detect and mitigate errors with negligible overhead.
Facilitating Decentralised Control and Security: For robotics, a team of autonomous agents are generally deployed. However, a centralised control will not be effective as a malware in the controller may jeopardise the entire system. Hence, it is important to facilitate decentralised control via agent to agent communication. Moreover, during emergencies, an agent on detecting anomaly in another, must take up the action of the other to secure the entire system from getting jeopardised.
References
1. [Peel 2018] Peel, H, S Luo, A G Cohn, and R Fuentes. Localisation of a mobile robot for bridge bearing inspection". Automation in Construction 94 (2018): 244-256.
2. [Wog 2017] Wong, Cuebong, et al. An overview of robotics and autonomous systems for harsh environments". 2017 23rd International Conference on Automation and Computing (ICAC). IEEE, 2017.
3. [Banjanovic 2019] Banjanovic-Mehmedovic, Lejla, et al. Hexapod Robot Navigation Using FPGA Based Controller". International Conference “New Technologies, Development and Applications”. Springer, Cham, 2019.
4. [Martínez-Prado 2018] Martínez-Prado, Miguel-Angel, et al. An FPGA-based open architecture industrial robot controller. IEEE Access 6 (2018): 13407-13417
5. [Bhunia 2014] S Bhunia, M S Hsiao, M Banga, and S Narasimhan. “Hardware Trojan Attacks: Threat Analysis and Countermeasures”. Proceedings of the IEEE, 102(8):1229{1247, 2014.
6. [Brocious 2012] C. Brocious. My Arduino can beat up your hotel room lock; Available Online:http://www.hakim.ws/BHUSA12/materials/Briefings/Brocious/ BH US 12 Brocious Hotel Key Slides.pdf, 2012
7. [Guha 2018]K Guha, S Saha and A Chakrabarti, “SHIRT (Self-Healing Intelligent Real Time) Scheduling for Secure Embedded Task Processing”. 2018 31th International Conference on VLSI Design and 2018 17th International Conference on Embedded Systems (VLSID
2018),Pune, 2018, pp.463-464
8. [Guha 2020] Guha, A Majumder, D Saha and A Chakrabarti, “Dynamic Power Aware Scheduling of Real Time Tasks for FPGA based Cyber Physical Systems against Power Draining Hardware Trojan Attacks”. Springer Journal of Supercomputing https://doi.org/10.1007/s11227- 020-03184-3
9. [Saha 2018] Saha, Sangeet, et al. Real-Time Application Processing for FPGA-Based Resilient Embedded Systems in Harsh Environments. 2018 NASA/ESA Conference on Adaptive Hardware and Systems (AHS). IEEE, 2018.
Krishnendu Guha is presently an INSPIRE PhD Fellow in A K Choudhury School of Information Technology (AKCSIT), University of Calcutta. He has completed his MTech from University of Calcutta in 2014, where he was the recipient of the University Gold Medal for securing the First Class First Rank. Other than receiving the prestigious INSPIRE Fellowship Award in 2016 from the Department of Science and Technology, Government of India for carrying out his doctoral studies, he has also received the Intel India Final Year PhD Research Award in 2019 from Intel Corporations, India. His present research arena encompasses embedded security, with a flavour of artificial intelligence and nature inspired strategies.
Sangeet Saha, Senior Research Officer with the Embedded and Intelligent Systems (EIS) Research Group, University of Essex, Colchester, UK. Prior to this, he received the B.Tech, MTech and the Ph.D degrees (as a TCS research fellow) from the University of Calcutta, Kolkata, in 2011, 2013, and 2018, respectively. He is presently associated with various UK government and industrial projects. His current research interests include real-time scheduling, scheduling for reconfigurable computers, real-time and fault-tolerant robotic embedded systems, and IoT-cloud computing.
Amlan Chakrabarti is presently Professor and Director of AKCSIT, University of Calcutta. Prior to this, he completed his post-doctoral research in Princeton University after completing his PhD from University of Calcutta in association with ISI, Kolkata. His present research interests include VLSI Design, Quantum Computing and Embedded System Design. He is the recipient of DST BOYSCAST fellowship award in Engineering Science in 2011, Indian National Science Academy (INSA) Visiting Faculty Fellowship in 2014, JSPS Invitation Research Award in 2016 and Erasmus Mundus Leaders Award from EU in 2017 and Hamied Visiting Fellowship from Cambridge University in 2018. He has been associated with reputed international and national institutes of repute as a Visiting Professor like University of Cambridge (UK), City University of London (UK), University of Oradea (Romania), SUNY Buffalo (USA), GSI Helmholtz Research Laboratory (Germany), University of Bremen (Germany), CERN (Geneva), Kyushu Institute of Technology (Japan).
