Using gate-level side channel parameters for formally analyzing vulnerabilities in integrated circuits

Abstract The rising trend of globalization in integrated circuits (ICs) design and fabrication process has increased their vulnerability against malicious intrusions and alterations. Such modifications, also referred as Hardware Trojans (HTs), can lead to highly detrimental consequences like causing an IC to subvert normal operation, leak sensitive information or inducing denial of service (DoS). The vulnerability analysis of ICs against the malicious intrusions with conventional design-time testing and exhaustive simulations is computationally intensive, and it takes substantial resources and time for all-encompassing verification. To overcome these limitations, we propose a formal framework, based on gate-level side channel parameters, for a-priori assessment of IC vulnerability against HTs at the early stages of the design. This work employs formal modeling of the IC behavior in terms of switching power, propagation delay and leakage in order to examine the impact of malicious intrusions. We used the bounded model checker nuXmv, to formally verify and analyze the identified properties, owing to its inherent ability to handle real numbers and its support for analyzing infinite state domains. The vulnerabilities of ICs against HTs, and their effects on the IC nodes are assessed by analyzing linear temporal logic (LTL) properties, which are subsequently rendered into behavioral traces. We demonstrate the effectiveness of our approach on a set of ISCAS benchmarks.

[1]  David Blaauw,et al.  Statistical Analysis and Optimization for VLSI: Timing and Power , 2005, Series on Integrated Circuits and Systems.

[2]  Florian Schupfer,et al.  Hardware Trojan detection by specifying malicious circuit properties , 2013, 2013 IEEE 4th International Conference on Electronics Information and Emergency Communication.

[3]  Michael S. Hsiao,et al.  Hardware Trojan Attacks: Threat Analysis and Countermeasures , 2014, Proceedings of the IEEE.

[4]  Faiq Khalid,et al.  Runtime hardware Trojan monitors through modeling burst mode communication using formal verification , 2018, Integr..

[5]  Siva G. Narendra,et al.  Leakage in Nanometer CMOS Technologies , 2010 .

[6]  Marco Pistore,et al.  NuSMV 2: An OpenSource Tool for Symbolic Model Checking , 2002, CAV.

[7]  John P. Hayes,et al.  Unveiling the ISCAS-85 Benchmarks: A Case Study in Reverse Engineering , 1999, IEEE Des. Test Comput..

[8]  Aria Nosratinia,et al.  Silicon Demonstration of Hardware Trojan Design and Detection in Wireless Cryptographic ICs , 2017, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[9]  Sally Adee,et al.  The Hunt For The Kill Switch , 2008, IEEE Spectrum.

[10]  Sylvain Guilley,et al.  Hardware property checker for run-time Hardware Trojan detection , 2015, 2015 European Conference on Circuit Theory and Design (ECCTD).

[11]  N. Mohankumar,et al.  Malicious combinational Hardware Trojan detection by Gate Level Characterization in 90nm technology , 2014, Fifth International Conference on Computing, Communications and Networking Technologies (ICCCNT).

[12]  David Harris,et al.  CMOS VLSI Design: A Circuits and Systems Perspective , 2004 .

[13]  Behzad Razavi,et al.  Design of Analog CMOS Integrated Circuits , 1999 .

[14]  Marco Roveri,et al.  The nuXmv Symbolic Model Checker , 2014, CAV.

[15]  Christof Paar,et al.  MOLES: Malicious off-chip leakage enabled by side-channels , 2009, 2009 IEEE/ACM International Conference on Computer-Aided Design - Digest of Technical Papers.

[16]  Berk Sunar,et al.  Trojan Detection using IC Fingerprinting , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[17]  Charles A. Kamhoua,et al.  Translating circuit behavior manifestations of hardware Trojans using model checkers into run-time Trojan detection monitors , 2016, 2016 IEEE Asian Hardware-Oriented Security and Trust (AsianHOST).

[18]  Swarup Bhunia,et al.  Self-referencing: A Scalable Side-Channel Approach for Hardware Trojan Detection , 2010, CHES.

[19]  Osman Hasan,et al.  Hardware Trojan detection in soft error tolerant macro synchronous micro asynchronous (MSMA) pipeline , 2014, 2014 IEEE 57th International Midwest Symposium on Circuits and Systems (MWSCAS).

[20]  Osman Hasan,et al.  Analyzing Vulnerability of Asynchronous Pipeline to Soft Errors: Leveraging Formal Verification , 2016, J. Electron. Test..

[21]  Miodrag Potkonjak,et al.  Malicious Circuitry Detection Using Thermal Conditioning , 2011, IEEE Transactions on Information Forensics and Security.

[22]  Faiq Khalid,et al.  A self-learning framework to detect the intruded integrated circuits , 2016, 2016 IEEE International Symposium on Circuits and Systems (ISCAS).

[23]  Debdeep Mukhopadhyay,et al.  Improved Test Pattern Generation for Hardware Trojan Detection Using Genetic Algorithm and Boolean Satisfiability , 2015, CHES.

[24]  Sofiène Tahar,et al.  Formal Verification Methods , 2015 .

[25]  Subhasish Mitra,et al.  The Trojan-proof chip , 2015, IEEE Spectrum.

[26]  Hongwei Luo,et al.  Malicious circuitry detection using transient power analysis for IC security , 2013, 2013 International Conference on Quality, Reliability, Risk, Maintenance, and Safety Engineering (QR2MSE).

[27]  Azadeh Davoodi,et al.  A sensor-assisted self-authentication framework for hardware trojan detection , 2012, DATE 2012.

[28]  Shivam Bhasin,et al.  A survey on hardware trojan detection techniques , 2015, 2015 IEEE International Symposium on Circuits and Systems (ISCAS).

[29]  M. Tehranipoor,et al.  Hardware Trojans: Lessons Learned after One Decade of Research , 2016, TODE.

[30]  Osman Hasan,et al.  Formal Verification of Gate-Level Multiple Side Channel Parameters to Detect Hardware Trojans , 2016, FTSCS.

[31]  Mark Stephen Anderson,et al.  Towards Countering the Rise of the Silicon Trojan , 2008 .

[32]  Christos A. Papachristou,et al.  MERO: A Statistical Approach for Hardware Trojan Detection , 2009, CHES.

[33]  Jimson Mathew,et al.  A Flexible Online Checking Technique to Enhance Hardware Trojan Horse Detectability by Reliability Analysis , 2017, IEEE Transactions on Emerging Topics in Computing.

[34]  Osman Hasan,et al.  Formal analysis of macro synchronous micro asychronous pipeline for hardware Trojan detection , 2015, 2015 Nordic Circuits and Systems Conference (NORCAS): NORCHIP & International Symposium on System-on-Chip (SoC).

[35]  H.-S. Philip Wong,et al.  TPAD: Hardware Trojan Prevention and Detection for Trusted Integrated Circuits , 2015, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[36]  Farinaz Koushanfar,et al.  A Survey of Hardware Trojan Taxonomy and Detection , 2010, IEEE Design & Test of Computers.

[37]  Miodrag Potkonjak,et al.  Gate-level characterization: Foundations and hardware security applications , 2010, Design Automation Conference.

[38]  Swarup Bhunia,et al.  Towards Trojan-Free Trusted ICs: Problem Analysis and Detection Scheme , 2008, 2008 Design, Automation and Test in Europe.

[39]  Armin Biere,et al.  Bounded model checking , 2003, Adv. Comput..

[40]  Rolf Drechsler,et al.  Advanced Formal Verification , 2004 .

[41]  Miodrag Potkonjak,et al.  Hardware Trojan horse detection using gate-level characterization , 2009, 2009 46th ACM/IEEE Design Automation Conference.

[42]  Morteza Saheb Zamani,et al.  A study on the efficiency of hardware Trojan detection based on path-delay fingerprinting , 2014, Microprocess. Microsystems.

[43]  Axel Poschmann,et al.  Hardware trojan design and detection: a practical evaluation , 2013, WESS '13.

[44]  Jan M. Rabaey,et al.  Digital Integrated Circuits , 2003 .

[45]  Kwang-Ting Cheng,et al.  Hardware Trojan detection using exhaustive testing of k-bit subspaces , 2015, The 20th Asia and South Pacific Design Automation Conference.

[46]  James F. Plusquellic,et al.  On detecting delay anomalies introduced by hardware Trojans , 2016, 2016 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[47]  Gang Qu,et al.  Design THINGS for the Internet of Things — An EDA perspective , 2014, 2014 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).