PowerScout: Security-Oriented Power Delivery Network Modeling for Side-Channel Vulnerability Analysis

The growing complexity of modern electronic systems leads to the design of more sophisticated power delivery networks (PDNs). Similar to other system-level shared hardware resources, the on-board PDN unintentionally introduces side channels across design layers and voltage domains which are not explicitly specified in the functional specification. Recent works have demonstrated that the exploitation of the side channel can compromise the system security such as information leakage and fault injection. In this work, we systematically investigate the PDN-based side channel as well as potential countermeasures. To facilitate this goal, we develop PowerScout, a security-oriented PDN simulation framework that unifies the modeling of different PDN-based side-channel attacks. PowerScout performs a fast nodal analysis of complex PDNs at the system level to quantitatively evaluate the severity of side-channel vulnerabilities. With the support of PowerScout, for the first time, we validate PDN side-channel attacks in the literature via simulation. Furthermore, we are able to quantitatively measure the security impact of PDN parameters and configurations. For example, towards information leakage, removing near-chip capacitors can increase intra-chip information leakage by a maximum of 23.23 dB at mid-frequency range and inter-chip leakage by an average of 31.68 dB at mid- and high-frequency range. Similarly, the optimal toggling frequency and duty cycle are derived to achieve fault injection attacks with higher success rate and more precise control. In addition, the vulnerabilities are evaluated when hiding-based countermeasures are implemented. Based on the evaluation, we can understand the optimal defense configuration and explore the trade-off between information leakage mitigation and power supply stability.