Design, implementation and security analysis of hardware trojan threats in FPGA (abstract only)

Hardware Trojan Threats (HTTs) are stealthy components embedded inside integrated circuits (ICs) with the intention of attacking and crippling the IC, much as viruses infect the human body. HTTs are easily introduced into an IC through untrusted tools and unauthenticated intellectual property (IP). Previous efforts have focused mainly on how systems are compromised using HTTs and on the effectiveness of physical parameters, including power consumption, timing variation and utilization, for detecting HTTs. Less attention has been devoted to monitoring the system to analyze HTT infection using a combination of the affected physical parameters. We propose a novel metric for hardware Trojan detection, termed the HTT detectability metric (HDM), that leverages a weighted combination of normalized physical parameters. As opposed to existing studies, this work investigates a system model from a designer's perspective, aimed at increasing the security of the device, and an adversary model from an attacker's perspective, exposing and exploiting the vulnerabilities in the device. Based on these models, seven malicious HTTs were designed and implemented on an FPGA testbed to perform a variety of threats, ranging from sensitive information leakage and denial of service to beating the Root of Trust (RoT). Security analysis of the implemented Trojans clearly showed that existing detection techniques based on physical characteristics such as power consumption, timing variation or utilization do not necessarily capture the existence of HTTs, because HTTs can be optimally designed and placed in the hardware so that they are masked within these parameters. Our results showed that using HDM, 86% of the implemented Trojans were detected, as opposed to using power, timing and utilization alone.
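
An illustration of the idea behind HDM, added here and not taken from the paper: a device whose power, timing and utilization each stay inside their own tolerance band can still stand out once the normalized deviations are combined. The abstract gives no formula, so the normalization (deviation from a golden reference divided by an assumed tolerance band), the weights, the alarm limits and every measurement below are assumptions constructed for the example.

```python
# Illustrative sketch only: normalization, weights and limits are assumptions,
# not the paper's definition of HDM. All measurements are constructed.
GOLDEN = {"power_mw": 100.0, "delay_ns": 5.0, "util_pct": 40.0}    # trusted reference
TOLERANCE = {"power_mw": 0.05, "delay_ns": 0.04, "util_pct": 0.02}  # accepted relative spread
WEIGHTS = {"power_mw": 0.4, "delay_ns": 0.3, "util_pct": 0.3}       # sum to 1.0
HDM_LIMIT = 0.6  # assumed alarm level for the combined score


def normalize(sample):
    """Deviation of each parameter from the reference, in units of its band."""
    norm = {}
    for name, ref in GOLDEN.items():
        if name not in sample:
            raise KeyError(f"measurement missing parameter {name!r}")
        norm[name] = abs(sample[name] - ref) / (ref * TOLERANCE[name])
    return norm


def assess(sample):
    """Compare single-parameter checks with the weighted combined score."""
    norm = normalize(sample)
    score = sum(WEIGHTS[name] * value for name, value in norm.items())
    return {
        "normalized": norm,
        "hdm": score,
        # Classic check: any one parameter outside its own tolerance band.
        "single_alarm": any(value >= 1.0 for value in norm.values()),
        # Combined check: small deviations that co-occur add up.
        "hdm_alarm": score >= HDM_LIMIT,
    }


# Constructed devices under test.
SAMPLES = {
    "clean":    {"power_mw": 101.0, "delay_ns": 5.04, "util_pct": 40.0},
    "stealthy": {"power_mw": 104.0, "delay_ns": 5.16, "util_pct": 40.6},
    "overt":    {"power_mw": 110.0, "delay_ns": 5.00, "util_pct": 40.0},
}

if __name__ == "__main__":
    for label, sample in SAMPLES.items():
        result = assess(sample)
        print(f"{label:9s} hdm={result['hdm']:.3f} "
              f"single={result['single_alarm']} combined={result['hdm_alarm']}")
```
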