Farshad Khorrami

The researchers participating in this grant include Farshad Khorrami and Ramesh Karri, Professors of Electrical and Computer Engineering and member and director — respectively — of the NYU Center for Cybersecurity; and Research Scientist Prashanth Krishnamurthy.

A project to develop methods of securing the U.S. power grid from hackers, led by NYU Tandon researchers at the NYU Center for Cybersecurity, is one of six university teams receiving a portion of $12 million from the U.S. Department of Energy (DOE), supporting research, development, and demonstration (RD&D) of novel cybersecurity technologies to help the U.S. power grid survive and recover quickly from cyberattacks.

The Tandon team received $1.94 million for the project from the DOE fund, with matching support from NYU bringing the total to around $2.8 million, to develop Tracking Real-time Anomalies in Power Systems (TRAPS) to detect and localize anomalies in power grid cyber-physical systems. Collaborators include SRI International, the New York Power Authority, and Consolidated Edison. TRAPS will correlate time series measurements from electrical signals, embedded computing devices, and network communications to detect anomalies using semantic mismatches between measurements, allowing it to perform cross-domain real-time integrity verification.

Administered by the DOE's Office of Cybersecurity, Energy Security, and Emergency Response (CESER), the strategic project aims to advance anomaly detection, artificial intelligence and machine learning, and physics-based analytics to strengthen the security of next-generation energy systems. These systems include components placed in substations to detect cyber intrusions more quickly and automatically block access to control functions.   

The program aligns with the DOE’s larger goal of bolstering the security and resiliency of the power grid toward advancing President Biden’s goal of a 100% clean electrical grid by 2035 and net-zero carbon emissions by 2050.

This research project is led by Department of Electrical and Computer Engineering Professors Farshad Khorrami and Ramesh Karri, who is co-founder and co-chair of the NYU Center for Cybersecurity, and Prashanth Krishnamurthy, a research scientist at NYU Tandon; and Jörg Henkel and Hussam Amrouch of the Computer Science Department of the Karlsruhe Institute of Technology (KIT), Karlsruhe, Germany.

The project builds upon on-going research, funded by a $1.3 million grant from the Office of Naval Research, to create algorithms for detecting Trojans — deliberate flaws inserted into chips during fabrication — based on the short term aging phenomena in transistors. 

It will focus on this physical phenomenon of short-term aging as a route to detecting hardware Trojans. The efficacy of short-term aging-based hardware Trojan detection has been demonstrated through simulations on integrated circuits (ICs) with several types of hardware Trojans through stochastic perturbations injected into the simulation studies. This DURIP project seeks to demonstrate hardware Trojan detection in actual physical ICs.

Khorrami explained that the new $359,000 grant will support the design and fabrication of 28nm chips with and without built-in trojans 

"The supply chain in manufacturing chips is complex and most foundries are overseas. Once a chip is fabricated and returned to the customer, the question is if additional hardware has been included on the chip die for most likely malicious purposes," he said. 

For this purpose, this DURIP project is proposing a novel experimental testbed consisting of:

• A specifically designed IC that contains Trojan-free and Trojan-infected variants of multiple circuits (e.g., cryptographic accelerators and micrcontrollers). This IC will be used for evaluation of the efficacy and accuracy of the hardware short-term aging based Trojan detection methods. To validate the Trojan detection methodology the team will use 3mm×3mm ICs with both Trojan-free and Trojan-infected variants of multiple circuits.

• AnFPGA-based interface module to apply clock signal and inputs to the fabricated IC and collect outputs.

• A fast switching programmable power supply for precise application of supply voltage changes to the IC’s being tested. The unit will apply patterns of supply voltages to the test chips to induce controllable and repeatable levels of short-term aging.

• Finally, a data analysis software module on a host computer for machine learning based device evaluation and anomaly detection (i.e., detection of hardware Trojans).

This testbed, a vital resource in the physical validation of the proposed NYU-KIT hardware Trojan detection methodology will also be a valuable resource for evaluating and validating other hardware Trojan detection techniques developed by NYU and the hardware security researchers outside of NYU. The testbed will therefore be a unique experimental facility for the hardware security community by providing access to (i) physical ICs with Trojan- free and Trojan-infected variants of circuits ranging from moderate-sized cryptographic circuits to complex microprocessors plus (ii) a generic FPGA-based interface to interrogate and test these ICs for Trojans according to their detection method.