Hardware Trojan

About: Hardware Trojan is a research topic. Over the lifetime, 1210 publications have been published within this topic receiving 19494 citations.

MERO: A Statistical Approach for Hardware Trojan Detection

Abstract: In order to ensure trusted in---field operation of integrated circuits, it is important to develop efficient low---cost techniques to detect malicious tampering (also referred to as Hardware Trojan ) that causes undesired change in functional behavior Conventional post--- manufacturing testing, test generation algorithms and test coverage metrics cannot be readily extended to hardware Trojan detection In this paper, we propose a test pattern generation technique based on multiple excitation of rare logic conditions at internal nodes Such a statistical approach maximizes the probability of inserted Trojans getting triggered and detected by logic testing, while drastically reducing the number of vectors compared to a weighted random pattern based test generation Moreover, the proposed test generation approach can be effective towards increasing the sensitivity of Trojan detection in existing side---channel approaches that monitor the impact of a Trojan circuit on power or current signature Simulation results for a set of ISCAS benchmarks show that the proposed test generation approach can achieve comparable or better Trojan detection coverage with about 85% reduction in test length on average over random patterns

Hardware Trojan: Threats and emerging solutions

Abstract: Malicious modification of hardware during design or fabrication has emerged as a major security concern. Such tampering (also referred to as Hardware Trojan) causes an integrated circuit (IC) to have altered functional behavior, potentially with disastrous consequences in safety-critical applications. Conventional design-time verification and post-manufacturing testing cannot be readily extended to detect hardware Trojans due to their stealthy nature, inordinately large number of possible instances and large variety in structure and operating mode. In this paper, we analyze the threat posed by hardware Trojans and the methods of deterring them. We present a Trojan taxonomy, models of Trojan operations and a review of the state-of-the-art Trojan prevention and detection techniques. Next, we discuss the major challenges associated with this security concern and future research needs to address them.

FANCI: identification of stealthy malicious logic using boolean functional analysis

Abstract: Hardware design today bears similarities to software design. Often vendors buy and integrate code acquired from third-party organizations into their designs, especially in embedded/system-on-chip designs. Currently, there is no way to determine if third-party designs have built-in backdoors that can compromise security after deployment.The key observation we use to approach this problem is that hardware backdoors incorporate logic that is nearly-unused, i.e. stealthy. The wires used in stealthy backdoor circuits almost never influence the outputs of those circuits. Typically, they do so only when triggered using external inputs from an attacker. In this paper, we present FANCI, a tool that flags suspicious wires, in a design, which have the potential to be malicious. FANCI uses scalable, approximate, boolean functional analysis to detect these wires.Our examination of the TrustHub hardware backdoor benchmark suite shows that FANCI is able to flag all suspicious paths in the benchmarks that are associated with backdoors. Unlike prior work in the area, FANCI is not hindered by incomplete test suite coverage and thus is able to operate in practice without false negatives. Furthermore, FANCI reports low false positive rates: less than 1% of wires are reported as suspicious in most cases. All TrustHub designs were analyzed in a day or less. We also analyze a backdoor-free out-of-order microprocessor core to demonstrate applicability beyond benchmarks.

Detecting malicious inclusions in secure hardware: Challenges and solutions

Abstract: This paper addresses a new threat to the security of integrated circuits (ICs) used in safety critical, security and military systems. The migration of IC fabrication to low-cost foundries has made ICs vulnerable to malicious alterations, that could, under specific conditions, result in functional changes and/or catastrophic failure of the system in which they are embedded. We refer to such malicious alternations and inclusions as Hardware Trojans. The modification(s) introduced by the Trojan depends on the application, with some designed to disable the system or degrade signal integrity, while others are designed to defeat hardware security and encryption to leak plain text information. This paper explores the wide range of malicious alternations of ICs that are possible and proposes a general framework for their classification. The taxonomy is essential for properly evaluating the effectiveness of methods designed to detect Trojans. The latter portion of the paper explores several Trojan detection strategies and the classes of Trojans each is most likely to detect.

At-speed delay characterization for IC authentication and Trojan Horse detection

Abstract: New attacker scenarios involving integrated circuits (ICs) are emerging that pose a tremendous threat to national security. Concerns about overseas fabrication facilities and the protection of deployed ICs have given rise to methods for IC authentication (ensuring that an IC being used in a system has not been altered, replaced, or spoofed) and hardware Trojan Horse (HTH) detection (ensuring that an IC fabricated in a nonsecure facility contains the desired functionality and nothing more), but significant additional work is required to quell these treats. This paper discusses how a technique for precisely measuring the combinational delay of an arbitrarily large number of register-to-register paths internal to the functional portion of the IC can be used to provide the desired authentication and design alteration (including HTH implantation) detection. This low-cost delay measurement technique does not affect the main IC functionality and can be performed at-speed at both test-time and run-time.