Towards Unclonable System Design for Resource-Constrained Application

Abstract

As we forge ahead to achieve the targeted connectivity among devices in this Internet of Things (IoT) era, reliability and security of individual device have become a matter of paramount importance. Cloned electronic devices are threats because they can lead to a major security breach in a system. Besides, these counterfeit devices can be unreliable as they might have been manufactured with subpar materials and may have defects due to lack of full-fledged testing. Protecting a device from being cloned is therefore undeniably important. In this thesis, we present a novel firmware obfuscation method that, in association with hardware assistance, can effectively prevent an electronic system from being cloned. The firmware is obfuscated by swapping a subset of instructions, and the instructions to be swapped are specifically chosen so that an attacker cannot discover their locations. The obfuscated firmware is dynamically reconstructed during execution by a small cache and PUF-generated ID. The cache contains swapped instructions and their relative addresses. An adversary cannot make a program work completely without knowing which instructions have been swapped, as the program will execute in a wrong sequence and produce incorrect results. That is, firmware cannot be reconstructed without the proper ID of the system because the correct execution flow is obfuscated. The scheme does not increase the size of the code and requires only a small cache in the processor which makes it an effective and practical solution for resource-constrained devices.