final ts doc (2)
Transcript of final ts doc (2)
-
7/24/2019 final ts doc (2)
1/19
Hardware Trojan: Threats and Emerging Solutions
CHAPTER I
1.1 INTRODUCTION
Hardware security to ensure Trust in ICs has emerged as an important researchtopic in recent years. Economic reasons dictate that most of the modern ICs are
manufactured in off-shore fabrication facilities . Moreover, modern IC design often
involves intellectual property I!" cores supplied by third-party vendors,
outsourced design and test services as well as electronic design automation E#$"
software tools supplied by different vendors. %uch a business model has, to a large
e&tent, relin'uished the control that IC design houses had over the design and
manufacture of ICs ma(ing them vulnerable to different security attac(s.
)ig. * illustrates the level of trust at different steps of a typical IC life-cycle .
)ig. *. +ulnerable steps of a modern IC life cycle
SSJ ENGINEERING COLLEGE Page
-
7/24/2019 final ts doc (2)
2/19
Hardware Trojan: Threats and Emerging Solutions
Each party associated with the design and manufacture of an IC can be a potential
adversary who inserts malicious modications, referred as Hardware Troans .
Concern about this vulnerability of ICs and the resultant compromise of securityhas been e&pressed globally , especially since several une&plained military mishaps
are attributed to the presence of malicious hardware Troans . Ideally, any
undesired modication made to an IC should be detectable by pre-silicon
vericationsimulation and post- silicon testing. However, pre-silicon verication
or simulation re'uires a golden model of the entire IC. This might not be always
available, especially for I! based designs where I!s can come from third-party
vendors. /esides, a large multi-module design is usually not amenable to
e&haustive verication . !ost-silicon, the design can be veried either through
destructive depac(aging and reverse engineering of the IC , or by comparing its
functionality or circuit characteristics with a golden version of the IC . However,
e&isting state-of-the-art approaches do not allow destructive verication of ICs to
be scalable . Moreover, as pointed out in , it is possible for the adversary to insert
Troans in only some ICs on a wafer, not the entire population, which limits the
usefulness of a destructive approach. Traditional post-manufacturing logic testing
is not suitable for detecting hardware Troans. This is due to the stealthy nature of
hardware Troans and inordinately vast spectrum of possible Troan instances an
adversary can employ. Typically, the adversary would design a Troan that triggers
a malfunction only under rare circuit conditions in order to evade detection. #ue to
the nite si0e of the testset, the rare condition for activation of the Troan might not
be reali0ed during the testing period, especially if the Troan acts as a se'uential
state machine or 1time-bomb2 . 3n the other hand, the techni'ues for detecting
Troans by comparison of the 1side- channel parameters2 such as power trace or
delay are limited by the large process variation effect in nanoscale IC technologies,
reduced detection sensitivity for ultra-small Troans and measurement noise . In the
ne&t section, we give classication, models and e&les of different HardwareTroans. 4e then present a survey of the emerging techni'ues of Troan detection.
)inally, we discuss the maor challenges in the eld of Troan detection and
describe future research directions.
SSJ ENGINEERING COLLEGE Page !
-
7/24/2019 final ts doc (2)
3/19
Hardware Trojan: Threats and Emerging Solutions
CHAPTER II.
2.1 TROJAN TAXONOMY AND EXAMPLES#ifferent methods of classifying hardware Troans based on various characteristics
have been proposed. In 5678, the authors propose a simple classication of Troans
9 combinational whose activation depends on the occurrence of a particular
condition at certain internal nodes of the circuit" and se'uential whose activation
depends on the occurrence of a specic se'uence of rare logic values at internal
nodes". In 5:8, the authors classify Troans based on three attributes; physical,
activation and action. %ome classications e.g. 57, 6
-
7/24/2019 final ts doc (2)
4/19
Hardware Trojan: Threats and Emerging Solutions
)ig. 6. Troan ta&onomy based on trigger and payload mechanisms
The trigger mechanisms can be of two types; digital and analog. #igitally triggered
Troans can again be classied into combinational and se'uential types. )ig. =a"
shows an e&le of a combinationally triggered Troan where the occurrence of
the condition $>?, />? at the trigger nodes $ and / causes a payload node C to
have an incorrect value at Cmodified.
.
)ig ;=a" Combinationally triggered Troan
SSJ ENGINEERING COLLEGE Page #
-
7/24/2019 final ts doc (2)
5/19
Hardware Trojan: Threats and Emerging Solutions
Typically, an adversary would choose an e&tremely rare activation condition so that
it is very unli(ely for the Troan to trigger during conventional manufacturing test.
%e'uentially triggered Troans the so-called time bombs", on the other hand, are
activated by the occurrence of a se'uence, or a period of continuous operation. The
simplest se'uential Troans are synchronous stand-alone counters, which trigger a
malfunction on reaching a particular count.
)ig;=b" %ynchronous counter 1time-bomb2" Troan
)ig. =b" shows a synchronous (-bit counter which activates when the count
reaches 6(@*, by modifying the node EA to an incorrect value at node EA. $n
asynchronous version is shown in )ig. =c", where the count is increased not by the
cloc(, but by a rising transition at the output of an $B# gate with inputs p and '.
)ig;=c" $synchronous counter Troan
SSJ ENGINEERING COLLEGE Page $
-
7/24/2019 final ts doc (2)
6/19
Hardware Trojan: Threats and Emerging Solutions
The trigger mechanism can also be hybrid, where the counts of both a
synchronous and an asynchronous counter simultaneously determine the Troan
trigger condition, as shown in )ig. =d".
)ig;=d" Hybrid counter Troan
Bote that more comple& state machines of different types and si0es can be used to
generate the trigger condition based on a se'uence of rare events. In general, it is
more challenging to detect se'uential Troans using con- ventional test generation
and application, because it re'uires satisfying a se'uence of rare conditions at
internal circuit nodes to activate them. The number of such se'uential trigger
conditions for arbitrary Troan instances can be unmanageably large for a
deterministic logic testing approach.
The trigger-mechanism can also be analog in nature, where on-chip sensors are
used to trigger a malfunction.
SSJ ENGINEERING COLLEGE Page %
-
7/24/2019 final ts doc (2)
7/19
Hardware Trojan: Threats and Emerging Solutions
)ig;=e" $nalog Troan triggered based on logic value
)ig. =e" shows an e&le of an analog trigger mechanism where the inserted
capacitance is charged through the resistor if the condition '* >*, '6 >* is
satised, and discharged otherwise, causing the logic threshold to be crossed after a
large number of cycles.
)ig;=f" $nalog Troan triggered based on circuit activity
$ different analog Troan trigger mechanism see )ig. =f"" was proposed in 58,
where higher circuit activity and the resultant rise of temperature was used to
trigger the malfunction, through a pair of ring oscillators and a counter. Troans can
also be classied based on their payload mechanisms into two main classes -
digital and analog. #igital Troans can either affect the logic values at chosen
internal payload nodes, or can modify the contents of memory locations. $nalog
payload Troans, on the other hand, affect circuit parameters such as performance,
power and noise margin.
SSJ ENGINEERING COLLEGE Page &
-
7/24/2019 final ts doc (2)
8/19
Hardware Trojan: Threats and Emerging Solutions
)ig.
-
7/24/2019 final ts doc (2)
9/19
Hardware Trojan: Threats and Emerging Solutions
)ig. . Troan detection techni'ues.
Bote that there is no single 1silver bullet2 techni'ue available yet that can be
applied to detect all classes of Troans. Maority of e&isting techni'ues address
Troan detection in manufactured ICs and assume the availabil- ity of gate-level
golden netlist. +ery few investigations have addressed Troan detection at higher
level design descriptions e.g. register transfer level I!. In 5=:8, a structural
chec(ing approach is suggested to verify integrity of third party I!, but the
techni'ue is not easily scalable to large designs 5F8. The Troan detection
approaches can be classied under two main types; destructive and non-
destructive. The destruc- tive techni'ues 5=F-=78 use a sample of the manufactured
ICs which are subect to de-metalli0ation using Chemical Mechanical !olishing
SSJ ENGINEERING COLLEGE Page (
-
7/24/2019 final ts doc (2)
10/19
Hardware Trojan: Threats and Emerging Solutions
CM!" followed by %canning Electron Microscope %EM" image re-construction
and analysis 5=8. However, such approaches are e&tremely e&pensive and time-
consuming destructive analysis of a single chip ta(ing several months" and do not
scale well with increase in transistor integration density. Moreover, the results of
analy0ing a sample cannot be e&trapolated to the entire manufactured lot 5=8. %ince
an adversary might affect only a small population of the manufactured ICs,
destructive reverse engineering approaches cannot be effective for trust validation
in ICs. The proposed non-destructive approaches can again be classied under two
main heads; non-invasive and invasive. The non- invasive techni'ues leave the
original design unaltered while the invasive techni'ues modify the design to embed
features targeted towards Troan detection.
=.6 $". Invasive Troan #etection Techni'ues;
The invasive Troan detection techni'ues can again be classied under two
different headings - those which are directed towards preventing the insertion of
Troans during design or fabrication of an IC, and those which facilitate detection
of inserted Troans using post-manufacturing test. In 5:8, it was noted that Troan
insertion depends on the availability of free dead space within an IC layout, since
the total area of the die cannot be altered by the adversary. However, if the
adversary is capable of e&tracting the gate- level netlist from the layout, through
logic optimi0ation and better place and route techni'ues, it might be possible tofree- up space to accommodate the Troan. $ design techni'ue and associated
design automation Gow are proposed in 5*68 to prevent effective insertion of
Troans. Here, the original design is obfuscated through e&pansion of the reachable
state space to ma(e it difcult for an adversary to reverse-engineer the
functionality of the circuit and to nd the true rare events. Troans inserted into a
design without considering its true functional behavior become either invalid i.e.
not triggered in normal mode of operation" or easily detectable. The approach
results in 6
-
7/24/2019 final ts doc (2)
11/19
Hardware Trojan: Threats and Emerging Solutions
specic se'uence of inputs activates an embedded )%M in the module which ta(es
it to a special mode called the transparent mode see )ig. Fa"".
)ig;Fa" 3n-demand Transparency %cheme
In this mode, the controllability and observability of probable Troan trigger and
payload nodes is enhanced and a compacted signature is presented at the primary
outputs, which indicates the presence or absence of a Troan. In 5*8, a design
techni'ue termed +IT$MIB based on the inversion of the supply voltage of
alternate logic levels in an IC is proposed. The logic behavior of a gate operating
with inverted supply voltage is inverted during test mode. $s a result, the activity
of a rarely activated Troan circuit is enhanced and it can be detected by comparing
the power proles of different ICs. In 5*F8, the authors propose a low-overhead 1at-
speed2 delay characteri0ation techni'ue which is capable of detecting
modications to the circuit, both at run-time and at test-time. The path delaycharacteri0ation is based on the insertion of 1shadow latches2 see )ig. Fb"" in the
design to capture and compare with the data latched by registers in the original
circuit paths.
SSJ ENGINEERING COLLEGE Page
-
7/24/2019 final ts doc (2)
12/19
Hardware Trojan: Threats and Emerging Solutions
)ig;Fb" %hadow-latch /ased #elay Characteri0ation Techni'ue
The test-time measurements are compared to the design-time proections and any
substantial statistical difference indicates malicious design alteration. In 568, this
method was shown to be capable of detecting Troans in an :: array multiplier
circuit under J6? process variations. $ dummy Gip-Gop insertion techni'ue to
increase the trigger probability of Troans was presented in 568, to aid in thedetection of Troans through side-channel techni'ues. It can also help in Troan
detection with logic testing by ma(ing the malicious effect of a Troan observable
at the primary output. $nother novel techni'ue proposed in 5*
-
7/24/2019 final ts doc (2)
13/19
Hardware Trojan: Threats and Emerging Solutions
plane". The paper describes several security mechanisms to be performed by the
control planeK however, it does not discuss the technical challenges and the design
overhead.
=.= /". Bon-invasive Troan #etection Techni'ues;
In the non-invasive Troan detection techni'ues, a Troan is detected by comparing
the behavior of the test IC with the golden IC instance or a golden functional
model. They can be further classied into two main types; run-time and test- time
techni'ues. The run-time techni'ues employ an online monitoring system that tries
to detect suspicious activity during in-eld operation, while the test-time
techni'ues are aimed at detecting Troan-infected chips before deployment. *"Aun-time, non-invasive Troan detection approaches; In 5F8, the authors propose
the addition of recongurable #e- sign for Enabling %ecurity #E)EB%E" logic in
a given %oC to enable real-time functionality monitoring. The chec(s can be
performed concurrently with the normal circuit operation and trigger appropriate
countermeasures when a deviation from normal functionality is detected. However,
the effectiveness and the hardware overhead associated with this scheme is not
mentioned in the wor(. In 5*78, the authors propose a novel %oC bus architecture
that can detect malicious bus behaviors associated with Troan hardware, protect
the system and system bus from them and report the malicious behaviors to the
system C!L, without loss of bus performance. The authors report an additional
gate-count of about :?? logic gates in a four million gate %oC, and negligible delay
overhead. In 5*:8 the authors propose a scheme whereby functionally e'uivalent
software instances are e&ecuted on multiple C!L cores, assisted by dynamic
distributed software scheduling. The sub-tas( outputs from different cores are
compared to dynamically evaluate their individual trust-levels, with the distributed
scheduler undergoing a trust learning procedure for multiple runs. The authors
show that the scheme is capable of successfully completing obs in a Troaninfested environment, with improvement in throughput over successive runs. $
combined hardware-software approach to perform run- time e&ecution monitoring
has been proposed in 5*, =8. Here, a simple veriable 1hardware guard2 module
e&ternal to the C!L is considered. The wor( targets primarily #o% and privilege
escalation attac(s, using periodic chec(s by the operating system 3%" which is
SSJ ENGINEERING COLLEGE Page "
-
7/24/2019 final ts doc (2)
14/19
Hardware Trojan: Threats and Emerging Solutions
enhanced with live chec( functionality. The authors report 6.6 average
performance overhead using %!ECint 6??F benchmar( programs, but do not report
the hardware design overhead. 6" Test-time, non-invasive Troan detection
approaches; There are two main classes of testing based approaches for Troan
detection; a" those based on logic testing, and b" those based on the measurement
of side-channel parameters such as power, delay, etc. The main advantage of the
test- time techni'ues over the run-time techni'ues is that the test- time techni'ues
incur no hardware overhead, while the main disadvantage is the re'uirement of a
1golden2 i.e. Troan-free" manufactured IC or functional model. Aun-time
methods typically involve considerable performance and power overhead,
however, they provide the last line of defense and are capable of providing *??
condence in computed results.
a) Logic teti!g"#ae$ a%%&oac'e; The main challenge in a logic testing based
approach is the enormously large Troan space, which ma(es the generation of an
e&haustive set of test vectors to detect all possible Troans computation- ally
infeasible. $s an e&le, even with the constraint of ma&imum four trigger nodes
and a single payload node, a small I%C$%-: benchmar( circuit c::? with
-
7/24/2019 final ts doc (2)
15/19
Hardware Trojan: Threats and Emerging Solutions
)ig. 7. Dogic testing based techni'ue; Impact of B number of times a rare pointsatises its rare value" on the triggerTroan coverage and test length for an
I%C$%-: benchmar( circuit .The procedure achieves an : reduction in test
length compared to a weighted random pattern set, for similar Troan detection
coverage.
#) Si$e"c'a!!e( a!a(i"#ae$ a%%&oac'e; The side- channel analysis based
Troan detection approaches are based on observing the effect of an inserted Troan
on a physical parameter such as circuit current transient, power consumption or
path delay. The advantage of these approaches lies in the fact that even if the
Troan circuit does not cause observable malfunction in the circuit during test, the
presence of the e&tra circuitry can be reGected in some side-channel parameter.
However, the main challenges associated with side-channel analysis are large
process variation in modern nanometer technologies and measurement noise,
which can mas( the effect of the Troan circuit, especially for small Troans. In
5668, the authors introduced the concept of IC nger- printing, where each IC
instance is associated with a signature, called a 1ngerprint2 obtained by
measurement of one or more side-channel parameters. )rom the analysis of powertraces, used as the IC ngerprint in this wor(, the authors were able to identify
Troan instances with an e'uivalent area as small as ?.?* of the total si0e of the
circuit, in the presence of J7. random parameter variations. $nother approach
based on measurement of power-supply transient signal is described in 56=8, where
signals from multiple power ports for several IC instances are obtained by a
SSJ ENGINEERING COLLEGE Page $
-
7/24/2019 final ts doc (2)
16/19
Hardware Trojan: Threats and Emerging Solutions
calibration process and subected to statistical characteri0ation. The techni'ue was
capable of detecting around ? of activated Troans and =? of inactive Troans
in an I%C$%-: benchmar( circuit see )ig. :a"".
In 5678, the authors propose a test vector generation approach to ma&imi0e the
activity in individual partitions of a circuit, while minimi0ing the activity of other
partitions. %imulation results assuming a process variation of up to 7. were able
SSJ ENGINEERING COLLEGE Page %
-
7/24/2019 final ts doc (2)
17/19
Hardware Trojan: Threats and Emerging Solutions
to successfully detect most of the inserted Troans. In 56:8, a sustained vector
techni'ue for Troan detection is proposed, where each input test vector is repeated
multiple times to ensure the reduction of e&traneous toggles within the genuine
circuit. This techni'ue is shown to magnify the power prole difference between
the original and the infected circuit by up to thirty times compared to previous
approaches. !ath delays of output ports were used as the ngerprint in 56
-
7/24/2019 final ts doc (2)
18/19
Hardware Trojan: Threats and Emerging Solutions
two approaches have complementary scope in terms of Troan detection capa-
bility. Hence, approaches that combine the best of both worlds can be the most
promising in terms of generic Troan detection capability.
I*. CONCLUSION
SSJ ENGINEERING COLLEGE Page '
-
7/24/2019 final ts doc (2)
19/19
Hardware Trojan: Threats and Emerging Solutions
The issue of hardware Troans and effective countermeasures against them have
drawn considerable interest in recent times. Here presented a comprehensive study
of different Troan types and discussed emerging methods of detecting them.
Considering the varied nature and si0e of hard- ware Troans, it is li(ely that a
combination of techni'ues, both during design and test, would be re'uired to
provide acceptable level of security. #esign time approaches would span various
levels of design descriptions. 3n the other hand, post-silicon validation would
re'uire a combination of logic and side- channel test approaches to cover Troans
of different types and si0es under large parameter variations. Maor future
challenges in this area would include developing detection mechanisms for analog
Troans which can implement numerous types of activation and observation
conditionsK an integrated metric to 'uantify the level of trust that combines both
design and test time approachesK and an evaluation platform that analy0es a designto identify vulnerable regions and the impact of a design change on the level of
achievable trust.
+,t,&e -o&/
)uture wor( would focus on three maor areas related to hardware Troans; *"
e&ploring emerging attac(s, in particular, attac(s on circuits made with emerging
nanoscale devicesK 6" developing a unified trust metric for coverage estimation,
which can be e&tremely valuable in providing confidence level against arbitrary
attac(sK and =" novel protection approaches. )uture research on protection
approaches would include improving detection sensitivity for un(nown Troans
and eliminating the need of golden ICs, Troan-resilient design, and efficient online
detection approaches.
SSJ ENGINEERING COLLEGE Page (