Hardware property checker for run-time Hardware Trojan detection

Nowadays, Hardware Trojans (HTs) become a real threat because of IC design and fabrication outsourcing trend. In the state of the art, many efforts were devoted to counter this threat, especially at netlist level. However, some clever HTs are actually a combination between a hardware and a software vulnerability, which, together, allow an exploitation. In this paper, we intend to detect such advanced HT, by resorting to a run-time detection. This method consists in identifying some high-level and critical behavioral invariants, and by checking them during the circuit operation. The assertion and Property Specification Language (PSL) is used to describe the properties to be checked. Then, a Hardware Property Checker (HPC) is created and integrated in the IC in order to verify these properties in runtime. We discuss how to define the critical properties for HPC. We also explain how this method is complementary with others, especially how the Hardware Checker can itself be protected against a tampering attempt. A case of study on LEON processor was performed to demonstrate the feasibility of this detection technique.

[1]  Berk Sunar,et al.  Trojan Detection using IC Fingerprinting , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[2]  Amir Pnueli,et al.  PSL Model Checking and Run-Time Verification Via Testers , 2006, FM.

[3]  Sylvain Guilley,et al.  Linear complementary dual code improvement to strengthen encoded circuit against hardware Trojan horses , 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[4]  Jarrod A. Roy,et al.  EPIC: Ending Piracy of Integrated Circuits , 2008, 2008 Design, Automation and Test in Europe.

[5]  Michael S. Hsiao,et al.  ODETTE: A non-scan design-for-test methodology for Trojan detection in ICs , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[6]  Miron Abramovici,et al.  Integrated circuit security: new threats and solutions , 2009, CSIIRW '09.

[7]  Dick James,et al.  The State-of-the-Art in IC Reverse Engineering , 2009, CHES.

[8]  Yiorgos Makris,et al.  Experiences in Hardware Trojan design and implementation , 2009, 2009 IEEE International Workshop on Hardware-Oriented Security and Trust.

[9]  Bhagirath Narahari,et al.  OS support for detecting Trojan circuit attacks , 2009, 2009 IEEE International Workshop on Hardware-Oriented Security and Trust.

[10]  Florian Eibensteiner,et al.  SynPSL: Behavioral Synthesis of PSL Assertions , 2009, EUROCAST.

[11]  Yuanyuan Zhou,et al.  Designing and Implementing Malicious Hardware , 2008, LEET.

[12]  Gang Wang,et al.  Security Primitives for Reconfigurable Hardware-Based Systems , 2010, TRETS.

[13]  Cynthia E. Irvine,et al.  Security Checkers: Detecting processor malicious inclusions at runtime , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[14]  Cynthia E. Irvine,et al.  Evaluating security requirements in a general-purpose processor by combining assertion checkers with code coverage , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.