Everyone relies on integrated circuits in our laptops, desktops and mobile devices to communicate, access information and store data. But that all works if the circuits in your computer are on the up and up.
Jia Di, associate professor of computer science and computer engineering at the University of Arkansas, Fayetteville, said it would be very easy for hardware designers to insert malicious functionalities into their designs.
“With a few lines of code, they can put in additional functionalities,” said Di. “They could steal your information or modify the data you receive without you knowing.”
This type of code, called hardware descriptive language, or HDL, describes the design of a piece of hardware. Often, companies that make the hardware buy certain designs from third parties, and have no way of knowing if the HDL contains code that could present a security threat. “It would be exhaustively hard to test for these,” said Di.
In spite of this challenge, the Department of Defense is making hardware security a priority, and Di earned a $250,000 grant from the Defense Advanced Research Projects Agency to develop a way to test hardware designs for malicious elements.
Di and his students are now creating a tool that can look at HDL code and determine all the functionalities it is capable of performing. In the next phase of the project, they will find a way to figure out if any of those functionalities are malicious.