Formal Verification of Gate-Level Multiple Side Channel Parameters to Detect Hardware Trojans

Advances in the functionality, performance, and complexity of modern electronic systems have led to the involvement of various entities around the globe in different phases of integrated circuit (IC) manufacturing. This environment has exposed ICs to malicious intrusions, also referred to as Hardware Trojans (HTs). Detecting malicious intrusions in ICs with exhaustive simulation and testing is computationally intensive, and all-encompassing verification takes substantial effort and time. To overcome this limitation, in this paper we propose a framework to formally model and analyze the gate-level side channel parameters, i.e., dynamic power and delay, for Hardware Trojan detection. We used the nuXmv model checker for the formal modeling and analysis of integrated circuits due to its inherent capability of handling real numbers and its support for scalable SMT-based bounded model checking. The experimental results show that the proposed methodology is able to detect intrusions by analyzing the failure of the specified linear temporal logic (LTL) properties, whose failures are subsequently rendered into behavioural traces indicating the potential attack paths in integrated circuits.
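The idea in the abstract, as an added illustration that is not the paper's code or model: a trusted gate-level netlist yields bounds on per-transition switching energy (a stand-in for dynamic power) and output delay, and a suspect netlist is checked against the invariant G(energy <= P_MAX and delay <= D_MAX), returning a counterexample transition when it fails. Explicit enumeration in Python replaces nuXmv's SMT-based bounded model checking here; the gate library values, both netlists and all names are constructed assumptions, and glitches are ignored.

```python
from itertools import product

# Constructed gate library: name -> (function, delay in ns, switching energy in pJ).
LIB = {"AND": (lambda a, b: a & b, 1.0, 2.0),
       "OR":  (lambda a, b: a | b, 1.0, 2.0),
       "XOR": (lambda a, b: a ^ b, 1.5, 3.0)}

# Constructed netlists: net -> (gate, input, input), listed in topological order.
GOLDEN = {"n1": ("AND", "a", "b"), "y": ("XOR", "n1", "c")}
# Suspect netlist: extra trigger net "t" and an OR payload in front of "y".
SUSPECT = {"n1": ("AND", "a", "b"), "t": ("AND", "a", "c"),
           "n2": ("XOR", "n1", "c"), "y": ("OR", "n2", "t")}

def evaluate(netlist, vec):
    """Logic values of every net for one input vector (a, b, c)."""
    val = dict(zip("abc", vec))
    for net, (gate, i0, i1) in netlist.items():
        val[net] = LIB[gate][0](val[i0], val[i1])
    return val

def step(netlist, prev, cur):
    """Switching energy and output arrival time for the transition prev -> cur."""
    old, new = evaluate(netlist, prev), evaluate(netlist, cur)
    energy, arrival = 0.0, {}
    for net, (gate, i0, i1) in netlist.items():
        if old[net] != new[net]:  # only toggling gates burn energy and propagate
            _, delay, e = LIB[gate]
            energy += e
            arrival[net] = delay + max(arrival.get(i0, 0.0), arrival.get(i1, 0.0))
    return energy, arrival.get("y", 0.0)

def transitions():
    """All (previous vector, current vector) pairs of the three inputs."""
    vecs = list(product([0, 1], repeat=3))
    return product(vecs, vecs)

def golden_bounds(netlist):
    """Worst-case (energy, delay) over all transitions of the trusted netlist."""
    samples = [step(netlist, p, c) for p, c in transitions()]
    return max(s[0] for s in samples), max(s[1] for s in samples)

def check(netlist, p_max, d_max):
    """Check G(energy <= p_max and delay <= d_max); return a counterexample or None."""
    for prev, cur in transitions():
        energy, delay = step(netlist, prev, cur)
        if energy > p_max or delay > d_max:
            return prev, cur, energy, delay
    return None

P_MAX, D_MAX = golden_bounds(GOLDEN)
```

`check(SUSPECT, P_MAX, D_MAX)` returns the input transition that breaks the invariant together with the measured energy and delay, which plays the role of the behavioural trace a model checker reports for a failed property.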
