News and Events
Graf Research Corporation will be attending the HOST 2024 conference, scheduled for May 6 - 9, 2024, in Washington DC, USA. This premier event in hardware-oriented security and trust will feature leading industry and academic professionals discussing crucial advancements in hardware security. Our presence at this event highlights our commitment to enhancing security measures in the industry. For more details on HOST 2024, please visit their website.
Graf Research and Virginia Tech are presenting a poster at the IEEE International Conference on Machine Learning for Communication and Networking (IEEE ICMLCN) 2024 in Stockholm, Sweden. The paper, titled "Exploring Explainable AI Techniques for Radio Frequency Machine Learning," is featured in Interactive Session 9 on Learning Communication Signal Processing on Wednesday, May 9th, from 1:30pm to 2:30pm.
The presentation highlights the challenges and solutions in interpreting complex deep learning models used in wireless radio frequency communications. The focus is on explainable artificial intelligence (XAI) techniques to demystify model decisions, specifically using attribution methods to assess the influence of inputs on outputs across different data modalities. This collaboration emphasizes the importance of transparency in AI systems, enhancing trust and understanding in advanced machine learning applications.
For additional details about the conference, visit IEEE ICMLCN 2024.
IEEE ICMLCN 2024 Interactive Session 9: Learning Communication Signal Processing
May 9, 2024, 1:30-2:30pm
Exploring Explainable AI Techniques for Radio Frequency Machine Learning
Stephen Adams (Virginia Tech, USA); Mia Taylor, Cody Crofford, Scott Harper, and Whitney Batchelor (Graf Research Corporation, USA); William C Headley (Virginia Tech, USA)
Abstract: Deep learning models are increasingly being used to solve complex wireless radio frequency communications problems. These state-of-the-art machine learning models have demonstrated superior performance over traditional methods when signal and environmental parameters are unknown a priori. However, due to the complexity of the architecture and the number of parameters, deep learning models are difficult to interpret. This opacity can lead to difficulties during testing and a lack of trust by the user. Explainable artificial intelligence (XAI) techniques can provide estimates for the impact an input has on the output of a model. In this study, we apply a wide range of common attribution techniques, a subset of XAI that focuses on estimating the contribution of each input to an output of a model, to simple wireless communications problems over two different data modalities (raw IQ and spectrogram images) and show how estimates of attributions could be used for test and evaluation.
Siemens osmosis Aerospace and Defense 2024
Dr. Jonathan Graf will be presenting at Siemens osmosis A&D 2024 tomorrow, April 23, 2024, at 2:00pm EST. We are discussing the pairing of Enverite PV-Bit bitstream verification with Siemens Questa Apps to enhance FPGA build flow assurance. Join us at this virtual conference by registering here.
We are excited to announce that Graf Research will be demonstrating Enverite PV-Bit verification at the DoD Anti-Tamper Conference 2024. Make sure to stop by our booth to in Laurel, Maryland, from April 2-4, 2024.
Enverite EDA offers a comprehensive suite of tools designed to address the critical challenges facing FPGA designers in ensuring the security, integrity, and assurance within their designs. Attendees at DoD Anti-Tamper Conference 2024 will have the opportunity to see a demonstration of Enverite PV-Bit verification. Engage with our experts at the booth and discuss PV-Bit verification of bitstream integrity, or other Enverite features. The Enverite EDA suite also offers the Trace archiver for tamper-evident digital thread creation and the Retrace auditor for automated auditing and reproduction of traced builds.
FPGA designers seeking to enhance their design assurance process can acquire Enverite EDA and unlock its full potential to streamline workflows, mitigate risks, and deliver mission-critical FPGA designs with unmatched assurance.
Graf Research is also presenting “Automating Hardware Trojan Insertion for Producing a Trusted & Assured Microelectronics Benchmark Dataset,” by James Koiner, Kevin Paar, Michael Blacconiere, Margaret Winslow, Scott Harper, and Jonathan Graf at the DoD Anti-Tamper Conference.
We are excited to announce that Graf Research will be demonstrating Enverite PV-Bit verification at DATE 2024. Make sure to stop by our table to in Valencia, Spain, from March 25-27, 2024.
Enverite EDA offers a comprehensive suite of tools designed to address the critical challenges facing FPGA designers in ensuring the security, integrity, and assurance within their designs. Attendees at DATE 2024 will have the opportunity to see a demonstration of Enverite PV-Bit verification. Engage with our experts at the table and discuss PV-Bit verification of bitstream integrity, or other Enverite features. The Enverite EDA suite also offers the Trace archiver for tamper-evident digital thread creation and the Retrace auditor for automated auditing and reproduction of traced builds.
FPGA designers seeking to enhance their design assurance process can acquire Enverite EDA and unlock its full potential to streamline workflows, mitigate risks, and deliver mission-critical FPGA designs with unmatched assurance.
See Press Release for more information.
We are excited to announce that Graf Research will be demonstrating Enverite PV-Bit verification in booth 719 at GOMACTech 2024. Make sure to stop by our booth to in Charleston, South Carolina, from March 19-20, 2024.
Enverite EDA offers a comprehensive suite of tools designed to address the critical challenges facing FPGA designers in ensuring the security, integrity, and assurance within their designs. Attendees at GOMACTech 2024 will have the opportunity to see a demonstration of Enverite PV-Bit verification. Engage with our experts at the booth and discuss PV-Bit verification of bitstream integrity, or other Enverite features. The Enverite EDA suite also offers the Trace archiver for tamper-evident digital thread creation and the Retrace auditor for automated auditing and reproduction of traced builds.
FPGA designers seeking to enhance their design assurance process can acquire Enverite EDA and unlock its full potential to streamline workflows, mitigate risks, and deliver mission-critical FPGA designs with unmatched assurance.
See Press Release for more information.
We’re also presenting two papers at GOMACTech 2024 in March – a poster and a presentation. Our papers discuss our EnsofIC Attest platform for non-destructive evaluation of counterfeit FPGAs and the role of EDA, including our Enverite EDA suite, in accelerating the development of high assurance FPGAs.
GOMACTech 2024 Nontraditional Approaches to Trust Session
March 19, 2024, 1:30-3:10 PM
Non-Destructive Evaluation of Repackaged Counterfeit FPGAs via Machine Learning
Whitney Batchelor, James Koiner, Cody Crofford, Kevin Paar, Margaret Winslow, Mia Taylor, Scott Harper
Abstract: With ongoing microelectronic supply chain issues, the demand for genuine field-programmable gate arrays (FPGAs) is increasing – but so is the occurrence of counterfeit devices. Frequently, devices are used, salvaged from old systems, and repackaged as new. These recycled devices represent the largest class of counterfeit devices and are becoming more rampant. Therefore, it is often necessary to test whether a device is counterfeit before employing it in a new system. Current methods for evaluating the genuine nature of devices are frequently destructive, allowing for only small sample testing within lots. Other methods require complex external equipment and cannot be readily deployed throughout the supply chain. Graf Research Corporation has developed a methodology for using telemetry bitstreams to characterize an FPGA device and subsequently classify whether a device is a repackaged counterfeit via statistical and machine learning models. The new method utilizes minimal external equipment, is non-destructive, and can be employed at any point throughout the supply chain.
GOMACTech 2024 Poster Session
March 21, 2024, 10:30-12:00 PM
The Role of EDA in FPGA Assurance Best Practices
Margaret Winslow, Jonathan Graf, Whitney Batchelor, Scott Harper, Kevin Paar, Ali Asgar Sohanghpurwala
Abstract: Developing assured microelectronics requires coordination throughout the lifecycle of the device to ensure that necessary assurance policy, guidance, and/or best practices are met. Assurance practices recommended by the recently-published DoD Microelectronics: FPGA Level of Assurance 1 Best Practices and related guidance for higher levels of assurance (LoAs) can be categorized such that programs can delegate assurance tasks across personnel within a program. A significant portion of assurance practices remain dependent on the actions of the development team, however. This paper explores which of the assurance practices that fall to the development team are automatable using Electronic Design Automation (EDA) tools and which involve more manual interventions and practices, highlighting specific tools of interest to the FPGA assurance community. This work concludes that all assurance tasks left to the development team are accelerable with traditional and emerging EDA tools, making compliance with LoA best practices a tractable challenge.
Graf Research Corporation hosted its fifth annual All-Company Event. The whole team met at our headquarters in Blacksburg, VA, for thought provoking presentations and discussions, team-building activities, and delicious food and refreshments. After meeting hours, the team headed to the Black Hen restaurant for great food and conversations. We also had an event at McClain’s for appetizers, bowling, and games.
The whole team is excited to get back to work on product development and research fueled by the new ideas generated at our all-company meeting. We are so thankful for our team of innovative thinkers, and we eagerly anticipate another great year of unleashing innovation at Graf Research Corporation!
We have a poster presentation at IEEE PAINE 2023 in Huntsville, AL on October 24, 2023. Come learn about our Enforte™ Attest™ device verification tool!
—————
Attest: Non-Destructive Identification of Counterfeit FPGA Devices
Whitney Batchelor, James Koiner, Cody Crofford, Kevin Paar, Margaret Winslow, Mia Taylor, Scott Harper, Ph.D.
Abstract: With ongoing microelectronic supply chain issues, the demand for genuine field-programmable gate arrays (FPGAs) is increasing – but so is the occurrence of counterfeit devices. Frequently, devices are used, salvaged from old systems, and repackaged as new. These recycled devices represent the largest class of counterfeit devices and are becoming more rampant. Therefore, it is often necessary to test whether a device is counterfeit before employing it in a new system. Current methods for evaluating the genuine nature of devices are frequently destructive, allowing for only small sample testing within lots. Other methods require complex external equipment and cannot be readily deployed throughout the supply chain. Graf Research Corporation has developed a methodology for using telemetry bitstreams to characterize an FPGA device and subsequently classify whether a device is a repackaged counterfeit via statistical and machine learning models. The new method utilizes minimal external equipment, is non-destructive, and can be employed at any point throughout the supply chain.
We have a booth at Partner Night during all three AMD Xilinx Security Working Group 2023 events.
Come learn more about the Graf Research® Enverite® EDA Suite:
Longmont, CO on Tuesday, October 24, 2023, from 6:00 - 9:00 pm
Washington D.C. on Wednesday, November 8, 2023, from 5:30 - 8:00 pm
Munich, Germany on Tuesday, December 5, 2023, from 5:30 - 8:00 pm
DAC 2023 is in full swing! Come on out and see us to learn how Enverite PV-Bit and Trace can help assure your FPGA designs!
Our CEO, Jonathan Graf, is giving an invited visionary talk at IEEE HOST 2023 tomorrow morning. Come on out and hear what he has to say!
Topic Title: Verify the Bits that Fly
Topic Abstract: The bitstream is the only representation of an FPGA design that "flies" – that is deployed with the device – so why don't we verify them? Programmable and adaptive computing devices, including FPGAs and their complex modern MPSoC variants, present novel challenges to hardware-oriented security and trust. The function of FPGA hardware is not fully realized until programmed with a bitstream that implements a specific application at runtime. The verification of this bitstream is often overlooked, as it is too hardware-like for traditional software verification and too software-like for traditional hardware verification. As a result, substantially all EDA-driven FPGA verification takes place on RTL or netlist models of the design but not on the bitstream that gets deployed. Further non-technical difficulties arise from the legal challenges associated with the intellectual property embodied not only in the bitstream contents but also in the interpretation of bitstream formats. For 17 years, under both government and private funding, Dr. Jonathan Graf has led teams that have produced a variety of solutions to this challenge. In this visionary talk, Jon will tell the story of developing approaches to bitstream verification: the strategies, the dead ends, the hurdles, the policies, the industries with interest, and the current solution. The talk concludes with a discussion of two just-announced EDA software tools from Graf Research, entitled Enverite™ PV-Bit™ and Trace™. These interoperate with traditional EDA tools to provide security assurances for the FPGA bitstream, the “bits that fly.”
GOMAC is in session here in San Diego! Don’t forget, Graf Research is presenting:
Two posters on March 23 at 10:30am (P50-38 and P50-39).
A presentation of our paper residual risk on March 23 at 1:30pm (Session 38-5).
A booth during the ongoing Exhibits session where you can talk to our experts about how our tools can assist you in producing assured designs (Booth 713).
We look forward to seeing you there!
Come see our presentations, posters, and booth at GOMAC 2023! Click here for the full GOMAC 2023 program schedule.
Poster Session: The poster session is at 10:30am – 12:10pm, Thurs March 23. We hope to see you there!
Poster P50-38: “Generating Statistically Relevant Trojan Benchmarks for Microelectronics Quantifiable Assurance”
Poster P50-39: “Facilitating Assurance and Collaboration through Digital Threads in Microelectronics Experiments”
Presentation Session: We’re presenting our third paper in Session 38: Side-Channel Analysis, at 1:30 – 3:10pm, Thurs March 23.
Session 38-5: “Determining Residual Risk from Optimized Selection of Hardware Trojan Detection Strategies”
We will also be present in the ongoing Exhibits session at Booth 713 where you can talk to our experts about the software tools we offer, including Enverite design assurance solutions and our OpTrust service. We’ll be available at our booth all day on Tues March 21 and Wed March 22.
We’re presenting three papers at GOMAC 2023 in March – two posters and one presentation. Our papers discuss the quality of trojan benchmarks for microelectronics quantifiable assurance as well as a methodology for calculating the risk in hardware trojan detection strategies. We are also discussing our microelectronics lab experimentation platform, Benches, and how it can be used to capture digital threads of experiments. We will be demoing Benches at our booth, so definitely come check that out!
We’ll send out another update soon with information on our session numbers and dates. The team has put in significant effort, and we can’t wait for you to see it.
Poster
Generating Statistically Relevant Trojan Benchmarks for Microelectronics Quantifiable Assurance
Margaret Winslow, Whitney Bachelor, James Koiner, Kevin Paar, Scott Harper, Jonathan Graf
Abstract: Hardware trojan horse (HTH) detection metrics are used to quantify the value of trojan detection methods. These metrics, often in terms of probability of detection and probability of false alarm, can be used to help quantify the impact on design assurance when applying mitigations to a microelectronics circuit. A question arises, however, regarding how statistically sound the metric values must be to make reasonable trust and assurance decisions. Statistical relevance metrics have been used in many fields to justify confidence in claims, and benchmarks that can produce statistically relevant detection metrics are necessary to trust the quantification of microelectronics assurance. This work defines the requirements for generating statistically relevant detection metrics that are useful for quantifying microelectronics design assurance via testing with a strategically implemented circuit design benchmark set.
-----
Presentation
Determining Residual Risk from Optimized Selection of Hardware Trojan Detection Strategies
Zachary A. Collier, Whitney Batchelor, Margaret Winslow, Scott Harper, Jonathan Graf
Abstract: Game theory has been shown to have practical applications in the optimal selection of hardware trojan detection and prevention strategies for circuit design. Previous work has used quantitative metrics measuring performance and cost of a countermeasure to predict optimal defense strategy selections, while considering the goals and actions of an adversary. This was accomplished with a game theoretic model of the response of a defender and an attacker to possible design assurance strategy selections. To date, no concrete quantification of the changes in risk associated with the resulting design decisions has been presented. This work introduces a methodology for deriving and calculating the inherent risk, residual risk, and risk reduction that result from the game theoretic models of design decisions when evaluating hardware trojan detection and prevention strategies.
-----
Poster
Facilitating Assurance and Collaboration through Digital Threads in Microelectronics Experiments
Edward Carlisle IV, Scott Harper, Jonathan Graf
Abstract: Laboratory experimentation with circuits and systems can be a complex process. Exact repetition of processes such as radiation testing, second-party verification of conclusions drawn from side channel analysis, and preservation of experimental processes all require the full detail of an experiment to be captured when it is run. Capturing a digital thread of an experiment provides this capability but can be a complex process that is prone to human error if not fully automated. This paper presents an automated microelectronics lab experimentation platform called Benches. We describe how Benches automates the capture of the digital thread of a microelectronics experiment and how these digital threads facilitate assurance and collaboration.
This was the first in-person All-Company Event that Graf Research Corporation has hosted since 2019, and the fourth annual meeting overall. Several of our team members had never even met each other in person until now, and much of the team had never seen our Atlanta office. It was wonderful to get back in the rhythm of hosting this important annual meeting, and as usual everybody gave excellent presentations covering the company’s current research and products as well as ideas for our future business plan!
Outside of meeting hours, we ate a delicious dinner together at Wrecking Bar Brewpub, and some of us also went to the Georgia Aquarium and to Atlanta’s famous food hall, Ponce City Market. The fun and games were well-deserved!
After this all-company meeting, we’re all feeling energized and excited about continuing to transform our ideas into innovative research and products. That’s what makes these annual meetings so great—they get everybody’s minds together to focus on what we’re doing well and what new directions we can go in. Now we look forward to another great year of unleashing innovation at Graf Research Corporation!
We’re presenting two papers at the 2022 Anti-Tamper Conference in Laurel, Maryland.
-----
Anti-Tamper Implementation – An Irrefutable Logger in Microchip Polarfire Devices
Kevin Paar, Jonathan Graf, Scott Harper, Tim Dunham
Abstract: This paper discusses the implementation of a rich, irrefutable tamper logging solution for the Microchip Polarfire family of flash-based Field Programmable Gate Array (FPGA) ICs. Leveraging the unique capabilities of the Polarfire FPGA, the solution immediately journals incoming log entries into secure internal storage and later archives the log entries to an external non-volatile storage media. The solution utilizes rolling-key encryption, authentication, and chained hashing of the externally stored log entries to support verification and validation of log integrity. Implementing this system in Polarfire FPGAs requires a vastly different solution than similar logs implemented in Xilinx Kintex and Zynq UltraScale+ devices.
-----
Modernizing FPGA Design Assurance Software
Jonathan Graf, Scott Harper, Ali Asgar Sohanghpurwala, and Edward Carlisle IV
Abstract: We present five principles for modern FPGA design assurance tools: verification, auditing, quantification, automation, and interoperability. We claim these principles are mandatory for such tooling and explore three software tools in this context – DELV, Trace, and PV‐Bit. Our conclusion is that it is possible to create tools that follow the principles and that this approach quantifiably impacts FPGA design assurance.
Jonathan Graf will be giving a talk, “Synthesis Flow Integrity and Reproducibility via Trace,” to a meeting of USC, DoD, and DIB members of the FPGA community. The lecture will emphasize the importance and usefulness of our Trace product in EDA tools. Carlton Fraley, Steven Frederiksen, and Scott Harper have contributed to the lecture but will not be able to attend in person.
We’ve opened an office in Dayton, OH! This office is an important addition to the company because it puts us closer to our customers, including those at Wright-Patterson Airforce Base, making it easier for them to visit us for demos and meetings. Not only that, but we’re close to a number of great-looking restaurants as well as nature areas like Oakes Quarry Park and the Koogler Wetland/Prairie Reserve. We’re excited to get started here and to fill our desks with more smart people as we continue to grow!
The team has done it again! Last year we presented three papers at GOMAC, and this year, we’ll be presenting four! The whole team has put so much effort into this research, and we can’t wait to show off our achievements. GOMAC will be hosted in Miami, so the team hopes to thaw out a bit from winter in addition to giving great presentations on our latest work. Take a look below to learn more about what we’ll discuss. Come out and see us in our first in-person conference in 2 years!
-----
Modernizing FPGA Design Assurance Software
Jonathan Graf, Scott Harper, Ali Asgar Sohanghpurwala, Edward Carlisle IV
Abstract: This paper presents five key principles for modern FPGA design assurance tools: verification, auditing, quantification, automation, and interoperability. We claim these principals are mandatory for such tooling and explore three hardware design assurance software tools in this context – DELV, Trace, and PV-Bit. Our conclusion is that it is possible to create tools that follow the principles and that adherence to these principles quantifiably impacts design assurance.
-----
Advancing Strategy Selection for Hardware Trojan Detection with Subrational Behavior Models
Whitney Batchelor, Meg Winslow, Cody Crofford, Michael Blacconiere, Scott Harper, Jonathan Graf
Abstract: Game theory has been shown to have practical applications in the optimization of hardware Trojan detection and prevention strategy selection in circuit design. In previous work, metrics measuring the performance and cost of a countermeasure when considering the action of an adversary given their goals are quantified to predict optimal defense strategy selections. Those models assume an encounter between two rational players and build upon a security economic approach in the context of empirically derived countermeasure efficacy metrics. That is, both offensive and defensive players act in a rational manner, choosing the action resulting in their greatest financial gain (or lowest loss) when considering the likely action of their opponent. The assumption of rational players allows for a baseline analysis when optimizing detection strategy selection but does not consider human behaviors that may drive a sub-optimal decision. These behaviors may result from having risk adverse/seeking players, carrying bias towards certain methods, understanding the results from prior attacks and defensive mechanisms, and/or additional motivations. In this paper, we extend the rational game theoretic model previously evaluated in the quantitative assurance space with the concept of subrationality; that is, when the players have the option of making an informed but less optimal choice due to some definable bias. This work introduces three subrational models that simulate risk adverse and risk seeking players, knowledge of prior play, and random error with application to the previously developed models pertaining to the optimal selection of hardware Trojan detection strategies.
-----
Trace: Towards a Traceable Microelectronics Implementation Flow
Ali Asgar Sohanghpurwala, Carlton Fraley, Jonathan Graf, Scott Harper
Abstract: Microelectronics design processes often include implementation flows that perform incremental steps to convert human-readable source code or schematics into a binary executable or hardware circuit that can be deployed on the desired Microprocessor, FPGA, PCB, or ASIC technology. Available tools help users partially verify the output of these implementation flows, but a gap exists in assuring and preserving the integrity of those output products along with the source code and implementation settings that were used to produce them. Ideally, a security auditor should be able to prove or disprove the trustworthiness of specific design implementations deployed in the face of an advanced adversary. What is proposed here is progression towards a fully traceable and reproducible implementation flow that uses proven cryptographic principles to enable a tamper-resistant audit trail for Microelectronic design implementation along with companion tools for auditing and precisely reproducing the implementation process.
-----
Automated Analysis of a Thermally Triggered FPGA Hardware Trojan
Edward Carlisle IV, Scott Harper, James Koiner, Kevin Paar, Michael Capone, and Jonathan Graf
Abstract: This paper presents a remote hardware-in-the-loop Hardware Trojan Horse (HTH) analysis approach that automates the process of examining HTH effects and characterizing detection/mitigation effectiveness. We frame the discussion around a novel HTH that is triggered by variations in temperature and is implemented in the fabric of a Field Programmable Gate Array device. We demonstrate the characterization and activation of the HTH using a fully automated web-based lab bench platform.
With the covid-19 pandemic, Graf Research Corporation was regrettably unable to host its annual All-Company Event in 2020. However, this year we were thrilled to bring it back! In order to take precautions, the event went virtual this time around, so things were a little different. Despite this, we still had another excellent set of presentations from everyone at the company covering topics such as our current research and technologies as well as company culture, history, and values. These presentations are essential to getting everyone on the same page and familiarized with one another’s work.
The company event was split this year between the 20th and the 27th, and we held a casual evening gathering after each day. The Blacksburg folks hung out at Eastern Divide and Rising Silo Brewery, and the Atlanta people chatted over beers and roasted cauliflower at Wild Heaven and Best End Brewing Company.
Despite the fact that we couldn’t be together entirely in person, we’re pumped about all the new ideas and research the team is producing. Every team member plays a valuable part in the company, and we’re excited for what we’ve got planned this coming year.
