Hardware Sandboxing: A Novel Defense Paradigm Against Hardware Trojans in Systems on Chip

A novel approach for mitigating hardware Trojans in Systems on Chip (SoC) is presented. Under the assumption that Trojans can cause harm only when they are activated, the goal is to avoid cumbersome and sometimes destructive pre-fabrication and pre-deployment tests for Trojans in SoCs by building systems capable of capturing Trojan activation, or simply nullifying its effect, at run-time to prevent damage to the system. To reach this goal, non-trusted third-party IPs and components off the shelf (COTS) are executed in sandboxes with checkers and virtual resources. Checkers detect run-time activation of Trojans and mitigate potential damage to the system, while virtual resources are provided to IPs in the sandbox, preventing direct access to physical resources. Our approach was validated with benchmarks from trust-hub.com and a synthetic system-on-FPGA scenario using the same benchmarks. All our results showed 100% Trojan detection and mitigation, with only a minimal increase in resource overhead and no performance decrease.
