Due to the enhanced capability of adversaries, electronic systems are now increasingly vulnerable to counterfeiting and piracy. The majority of counterfeit systems today are of cloned type, which have been on the rise in the recent years. Ensuring the security of such systems is of great concern as an adversary can create a backdoor or insert a malware to bypass security modules. The reliability of such systems could also be questionable as the components used in these systems may be counterfeit and/or of inferior quality. It is of prime importance to develop solutions that can prevent an adversary from creating these non-authentic systems. In this paper, we present a novel system-level mutual authentication approach for both the hardware and firmware. The hardware authenticates the firmware by verifying the checksum during the power-up. On the other hand, firmware verifies the identity of the hardware and cannot produce correct results unless it receives a unique hardware fingerprint, which we call as system ID. We propose two secure protocols, TIDP and TIDS, to construct the system ID and authenticate the system by using this unique ID. We show that our approach is resistant to various known attacks.
