Is there an industry term for IC “drop-in” circuits used for malicious or clandestine purposes?
$begingroup$
There is a vocabulary for code used for malicious or clandestine purposes. Terms include malware, virus, trojan-horse...
In a large IC with millions of transistors, it is feasible to produce a version with an additional small drop-in that can be exploited without any special software included in the host machine. These tiny additions are particularly difficult to detect without destructive deconstruction and mapping via electron or X-ray microscopy.
Is there are term for this class of hardware exploit?
I'm looking for something beyond "Fake IC" or "counterfeit IC", those presumably deceive the customer for reasons of profit, but wouldn't necessarily contain extra circuit layout for malicious or clandestine purposes.
terminology ic-layout
$endgroup$
|
show 4 more comments
$begingroup$
There is a vocabulary for code used for malicious or clandestine purposes. Terms include malware, virus, trojan-horse...
In a large IC with millions of transistors, it is feasible to produce a version with an additional small drop-in that can be exploited without any special software included in the host machine. These tiny additions are particularly difficult to detect without destructive deconstruction and mapping via electron or X-ray microscopy.
Is there are term for this class of hardware exploit?
I'm looking for something beyond "Fake IC" or "counterfeit IC", those presumably deceive the customer for reasons of profit, but wouldn't necessarily contain extra circuit layout for malicious or clandestine purposes.
terminology ic-layout
$endgroup$
1
$begingroup$
In the video game community, something similar to this is called a modchip, though it's not usually a modified version of an existing chip.
$endgroup$
– Hearth
3 hours ago
$begingroup$
@Hearth Thanks!! if there's a supporting link, that might be a reasonable answer to post.
$endgroup$
– uhoh
3 hours ago
2
$begingroup$
@ElliotAlderson you don't need to make something in order to refer to it with a term. The software industry doesn't make malware, but it does refer to it quite a bit!
$endgroup$
– uhoh
3 hours ago
1
$begingroup$
@Passerby It hasn't been definitively shown to be a hoax, but every single company implicated -- as well as the DHS -- has categorically denied it, and one of Bloomberg's key sources has stated that he suggested that exact mechanism as an example of how an implant could theoretically be hidden. So it all looks really fishy.
$endgroup$
– duskwuff
3 hours ago
1
$begingroup$
@uhoh The reason I didn't put this as an answer is that modchips are not actually what you're referring to, but a somewhat similar thing. Specifically, modchips are ICs added to an existing circuit board in order to bypass some form of protection on the board, for example to make the system accept copied game discs. They are not sold as something other than what they are.
$endgroup$
– Hearth
3 hours ago
|
show 4 more comments
$begingroup$
There is a vocabulary for code used for malicious or clandestine purposes. Terms include malware, virus, trojan-horse...
In a large IC with millions of transistors, it is feasible to produce a version with an additional small drop-in that can be exploited without any special software included in the host machine. These tiny additions are particularly difficult to detect without destructive deconstruction and mapping via electron or X-ray microscopy.
Is there are term for this class of hardware exploit?
I'm looking for something beyond "Fake IC" or "counterfeit IC", those presumably deceive the customer for reasons of profit, but wouldn't necessarily contain extra circuit layout for malicious or clandestine purposes.
terminology ic-layout
$endgroup$
There is a vocabulary for code used for malicious or clandestine purposes. Terms include malware, virus, trojan-horse...
In a large IC with millions of transistors, it is feasible to produce a version with an additional small drop-in that can be exploited without any special software included in the host machine. These tiny additions are particularly difficult to detect without destructive deconstruction and mapping via electron or X-ray microscopy.
Is there are term for this class of hardware exploit?
I'm looking for something beyond "Fake IC" or "counterfeit IC", those presumably deceive the customer for reasons of profit, but wouldn't necessarily contain extra circuit layout for malicious or clandestine purposes.
terminology ic-layout
terminology ic-layout
edited 3 hours ago
uhoh
asked 4 hours ago
uhohuhoh
935533
935533
1
$begingroup$
In the video game community, something similar to this is called a modchip, though it's not usually a modified version of an existing chip.
$endgroup$
– Hearth
3 hours ago
$begingroup$
@Hearth Thanks!! if there's a supporting link, that might be a reasonable answer to post.
$endgroup$
– uhoh
3 hours ago
2
$begingroup$
@ElliotAlderson you don't need to make something in order to refer to it with a term. The software industry doesn't make malware, but it does refer to it quite a bit!
$endgroup$
– uhoh
3 hours ago
1
$begingroup$
@Passerby It hasn't been definitively shown to be a hoax, but every single company implicated -- as well as the DHS -- has categorically denied it, and one of Bloomberg's key sources has stated that he suggested that exact mechanism as an example of how an implant could theoretically be hidden. So it all looks really fishy.
$endgroup$
– duskwuff
3 hours ago
1
$begingroup$
@uhoh The reason I didn't put this as an answer is that modchips are not actually what you're referring to, but a somewhat similar thing. Specifically, modchips are ICs added to an existing circuit board in order to bypass some form of protection on the board, for example to make the system accept copied game discs. They are not sold as something other than what they are.
$endgroup$
– Hearth
3 hours ago
|
show 4 more comments
1
$begingroup$
In the video game community, something similar to this is called a modchip, though it's not usually a modified version of an existing chip.
$endgroup$
– Hearth
3 hours ago
$begingroup$
@Hearth Thanks!! if there's a supporting link, that might be a reasonable answer to post.
$endgroup$
– uhoh
3 hours ago
2
$begingroup$
@ElliotAlderson you don't need to make something in order to refer to it with a term. The software industry doesn't make malware, but it does refer to it quite a bit!
$endgroup$
– uhoh
3 hours ago
1
$begingroup$
@Passerby It hasn't been definitively shown to be a hoax, but every single company implicated -- as well as the DHS -- has categorically denied it, and one of Bloomberg's key sources has stated that he suggested that exact mechanism as an example of how an implant could theoretically be hidden. So it all looks really fishy.
$endgroup$
– duskwuff
3 hours ago
1
$begingroup$
@uhoh The reason I didn't put this as an answer is that modchips are not actually what you're referring to, but a somewhat similar thing. Specifically, modchips are ICs added to an existing circuit board in order to bypass some form of protection on the board, for example to make the system accept copied game discs. They are not sold as something other than what they are.
$endgroup$
– Hearth
3 hours ago
1
1
$begingroup$
In the video game community, something similar to this is called a modchip, though it's not usually a modified version of an existing chip.
$endgroup$
– Hearth
3 hours ago
$begingroup$
In the video game community, something similar to this is called a modchip, though it's not usually a modified version of an existing chip.
$endgroup$
– Hearth
3 hours ago
$begingroup$
@Hearth Thanks!! if there's a supporting link, that might be a reasonable answer to post.
$endgroup$
– uhoh
3 hours ago
$begingroup$
@Hearth Thanks!! if there's a supporting link, that might be a reasonable answer to post.
$endgroup$
– uhoh
3 hours ago
2
2
$begingroup$
@ElliotAlderson you don't need to make something in order to refer to it with a term. The software industry doesn't make malware, but it does refer to it quite a bit!
$endgroup$
– uhoh
3 hours ago
$begingroup$
@ElliotAlderson you don't need to make something in order to refer to it with a term. The software industry doesn't make malware, but it does refer to it quite a bit!
$endgroup$
– uhoh
3 hours ago
1
1
$begingroup$
@Passerby It hasn't been definitively shown to be a hoax, but every single company implicated -- as well as the DHS -- has categorically denied it, and one of Bloomberg's key sources has stated that he suggested that exact mechanism as an example of how an implant could theoretically be hidden. So it all looks really fishy.
$endgroup$
– duskwuff
3 hours ago
$begingroup$
@Passerby It hasn't been definitively shown to be a hoax, but every single company implicated -- as well as the DHS -- has categorically denied it, and one of Bloomberg's key sources has stated that he suggested that exact mechanism as an example of how an implant could theoretically be hidden. So it all looks really fishy.
$endgroup$
– duskwuff
3 hours ago
1
1
$begingroup$
@uhoh The reason I didn't put this as an answer is that modchips are not actually what you're referring to, but a somewhat similar thing. Specifically, modchips are ICs added to an existing circuit board in order to bypass some form of protection on the board, for example to make the system accept copied game discs. They are not sold as something other than what they are.
$endgroup$
– Hearth
3 hours ago
$begingroup$
@uhoh The reason I didn't put this as an answer is that modchips are not actually what you're referring to, but a somewhat similar thing. Specifically, modchips are ICs added to an existing circuit board in order to bypass some form of protection on the board, for example to make the system accept copied game discs. They are not sold as something other than what they are.
$endgroup$
– Hearth
3 hours ago
|
show 4 more comments
1 Answer
1
active
oldest
votes
$begingroup$
Trojan is the term. Specifically Hardware Trojan. This term is generic as it applies to any hardware that produces this unwanted security hole, including MITM hardware, equipment with circuit boards replaced, firmware replacement, add on hardware like mod-chips not disclosed to the end user etc. Not specifically just wafer level changes to an IC, but that's included.
See https://www.sbir.gov/sbirsearch/detail/1319177 for the Design Tools for Hardware Trojan Detection and Mitigation article provided to the Department of Defense.
$endgroup$
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
return StackExchange.using("mathjaxEditing", function () {
StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix) {
StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["\$", "\$"]]);
});
});
}, "mathjax-editing");
StackExchange.ifUsing("editor", function () {
return StackExchange.using("schematics", function () {
StackExchange.schematics.init();
});
}, "cicuitlab");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "135"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2felectronics.stackexchange.com%2fquestions%2f420242%2fis-there-an-industry-term-for-ic-drop-in-circuits-used-for-malicious-or-clande%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
$begingroup$
Trojan is the term. Specifically Hardware Trojan. This term is generic as it applies to any hardware that produces this unwanted security hole, including MITM hardware, equipment with circuit boards replaced, firmware replacement, add on hardware like mod-chips not disclosed to the end user etc. Not specifically just wafer level changes to an IC, but that's included.
See https://www.sbir.gov/sbirsearch/detail/1319177 for the Design Tools for Hardware Trojan Detection and Mitigation article provided to the Department of Defense.
$endgroup$
add a comment |
$begingroup$
Trojan is the term. Specifically Hardware Trojan. This term is generic as it applies to any hardware that produces this unwanted security hole, including MITM hardware, equipment with circuit boards replaced, firmware replacement, add on hardware like mod-chips not disclosed to the end user etc. Not specifically just wafer level changes to an IC, but that's included.
See https://www.sbir.gov/sbirsearch/detail/1319177 for the Design Tools for Hardware Trojan Detection and Mitigation article provided to the Department of Defense.
$endgroup$
add a comment |
$begingroup$
Trojan is the term. Specifically Hardware Trojan. This term is generic as it applies to any hardware that produces this unwanted security hole, including MITM hardware, equipment with circuit boards replaced, firmware replacement, add on hardware like mod-chips not disclosed to the end user etc. Not specifically just wafer level changes to an IC, but that's included.
See https://www.sbir.gov/sbirsearch/detail/1319177 for the Design Tools for Hardware Trojan Detection and Mitigation article provided to the Department of Defense.
$endgroup$
Trojan is the term. Specifically Hardware Trojan. This term is generic as it applies to any hardware that produces this unwanted security hole, including MITM hardware, equipment with circuit boards replaced, firmware replacement, add on hardware like mod-chips not disclosed to the end user etc. Not specifically just wafer level changes to an IC, but that's included.
See https://www.sbir.gov/sbirsearch/detail/1319177 for the Design Tools for Hardware Trojan Detection and Mitigation article provided to the Department of Defense.
edited 3 hours ago
answered 3 hours ago
PasserbyPasserby
57.1k453149
57.1k453149
add a comment |
add a comment |
Thanks for contributing an answer to Electrical Engineering Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
Use MathJax to format equations. MathJax reference.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2felectronics.stackexchange.com%2fquestions%2f420242%2fis-there-an-industry-term-for-ic-drop-in-circuits-used-for-malicious-or-clande%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
$begingroup$
In the video game community, something similar to this is called a modchip, though it's not usually a modified version of an existing chip.
$endgroup$
– Hearth
3 hours ago
$begingroup$
@Hearth Thanks!! if there's a supporting link, that might be a reasonable answer to post.
$endgroup$
– uhoh
3 hours ago
2
$begingroup$
@ElliotAlderson you don't need to make something in order to refer to it with a term. The software industry doesn't make malware, but it does refer to it quite a bit!
$endgroup$
– uhoh
3 hours ago
1
$begingroup$
@Passerby It hasn't been definitively shown to be a hoax, but every single company implicated -- as well as the DHS -- has categorically denied it, and one of Bloomberg's key sources has stated that he suggested that exact mechanism as an example of how an implant could theoretically be hidden. So it all looks really fishy.
$endgroup$
– duskwuff
3 hours ago
1
$begingroup$
@uhoh The reason I didn't put this as an answer is that modchips are not actually what you're referring to, but a somewhat similar thing. Specifically, modchips are ICs added to an existing circuit board in order to bypass some form of protection on the board, for example to make the system accept copied game discs. They are not sold as something other than what they are.
$endgroup$
– Hearth
3 hours ago