Abstract
Detection of hardware Trojans is vital to ensure the security and trustworthiness of System-on-Chip (SoC) designs. Side-channel analysis is effective for Trojan detection by analyzing various side-channel signatures such as power, current, and delay. In this article, we propose an efficient test generation technique to facilitate side-channel analysis utilizing dynamic current. While early work on current-aware test generation has proposed several promising ideas, there are two major challenges in applying it to large designs: (i) the test generation time grows exponentially with the design complexity, and (ii) it is infeasible to detect Trojans, since the side-channel sensitivity is marginal compared to the noise and process variations. Our proposed work addresses both challenges by effectively exploiting the affinity between the inputs and rare (suspicious) nodes. The basic idea is to quickly find the profitable ordered pairs of test vectors that can maximize side-channel sensitivity. This article makes two important contributions: (i) it proposes an efficient test generation algorithm that uses an SMT solver to produce the first patterns in the test vectors, maximizing activation of suspicious nodes, and (ii) it develops a genetic-algorithm-based test generation technique to produce the second patterns in the test vectors, maximizing the switching in the suspicious regions while minimizing the switching in the rest of the design. Our experimental results demonstrate that we can drastically improve both the side-channel sensitivity (62× on average) and time complexity (13× on average) compared to the state-of-the-art test generation techniques.
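The two-step idea in the abstract, sketched as an added example that is not the paper's code: the 8-input netlist, the sensitivity formula, and the exhaustive search standing in for the SMT query are all assumptions made for illustration.

```python
import random

N_IN = 8          # toy design with 8 primary inputs (constructed, not from the paper)
RARE = (0, 1)     # indices of the rare (suspicious) nodes in the tuple nodes() returns

def nodes(x):
    """Evaluate the toy netlist for input vector x (int, bit i = input i)."""
    a = [(x >> i) & 1 for i in range(N_IN)]
    return (a[0] & a[1] & a[2],          # rare node: 1 for only 1/8 of inputs
            a[1] & a[2] & a[3],          # rare node
            a[0] ^ a[4], a[3] | a[5],    # rest of the design
            a[4] ^ a[5], a[5] & a[6], a[1] ^ a[6], a[2] ^ a[7])

def first_pattern():
    """Vector activating the most rare nodes (exhaustive stand-in for the SMT query)."""
    return max(range(1 << N_IN), key=lambda x: sum(nodes(x)[i] for i in RARE))

def sensitivity(u, v):
    """Assumed metric: rare-node toggles over (1 + toggles elsewhere) for the pair (u, v)."""
    diff = [p ^ q for p, q in zip(nodes(u), nodes(v))]
    rare = sum(diff[i] for i in RARE)
    return rare / (1 + sum(diff) - rare)

def second_pattern(u, generations=30, size=16, seed=0):
    """Genetic search for v maximising sensitivity(u, v); the fitter half always survives."""
    rng = random.Random(seed)
    pop = [u ^ (1 << i) for i in range(N_IN)]            # single-bit neighbours of u
    pop += [rng.randrange(1 << N_IN) for _ in range(size - len(pop))]
    for _ in range(generations):
        pop.sort(key=lambda v: sensitivity(u, v), reverse=True)
        parents = pop[:size // 2]                        # elitism: best candidates kept
        children = []
        while len(parents) + len(children) < size:
            p, q = rng.sample(parents, 2)
            mask = rng.randrange(1 << N_IN)              # uniform crossover
            child = (p & mask) | (q & ~mask)
            child ^= 1 << rng.randrange(N_IN)            # one-bit mutation
            children.append(child & ((1 << N_IN) - 1))
        pop = parents + children
    return max(pop, key=lambda v: sensitivity(u, v))

if __name__ == "__main__":
    u = first_pattern()
    v = second_pattern(u)
    print(f"u={u:08b} v={v:08b} sensitivity={sensitivity(u, v):.2f}")
```

On this netlist the best single-bit change of the first pattern scores 1.0, while flipping inputs 1 and 6 together scores 2.0 because the rare nodes toggle and nothing else does; that is the kind of ordered pair the search is looking for.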
Index Terms
- MaxSense: Side-channel Sensitivity Maximization for Trojan Detection Using Statistical Test Patterns