Hardware Trojans: Lessons Learned after One Decade of Research

Given the increasing complexity of modern electronics and the cost of fabrication, entities from around the globe have become more heavily involved in all phases of the electronics supply chain. In this environment, hardware Trojans (i.e., malicious modifications or inclusions made by untrusted third parties) pose major security concerns, especially for those integrated circuits (ICs) and systems used in critical applications and cyber infrastructure. While hardware Trojans have been explored significantly in academia over the last decade, there remains room for improvement. In this article, we examine the research on hardware Trojans from the last decade and attempt to capture the lessons learned. A comprehensive adversarial model taxonomy is introduced and used to examine the current state of the art. Then the past countermeasures and publication trends are categorized based on the adversarial model and topic. Through this analysis, we identify what has been covered and the important problems that are underinvestigated. We also identify the most critical lessons for those new to the field and suggest a roadmap for future hardware Trojan research.

[1]  Jarrod A. Roy,et al.  EPIC: Ending Piracy of Integrated Circuits , 2008, 2008 Design, Automation and Test in Europe.

[2]  Yu Liu,et al.  Hardware Trojan detection through golden chip-free statistical side-channel fingerprinting , 2014, 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC).

[3]  3D ICs with TSVs—Design Challenges and Requirements , 2012 .

[4]  Yier Jin,et al.  Real-time trust evaluation in integrated circuits , 2014, 2014 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[5]  Mark R. Beaumont,et al.  SAFER PATH: Security architecture using fragmented execution and replication for protection against trojaned hardware , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[6]  Jeyavijayan Rajendran,et al.  Detecting malicious modifications of data in third-party intellectual property cores , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[7]  Mark Mohammad Tehranipoor,et al.  BISA: Built-in self-authentication for preventing hardware Trojan insertion , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[8]  Gang Qu,et al.  Designing Trusted Embedded Systems from Finite State Machines , 2014, TECS.

[9]  Bhagirath Narahari,et al.  OS support for detecting Trojan circuit attacks , 2009, 2009 IEEE International Workshop on Hardware-Oriented Security and Trust.

[10]  Sally Adee,et al.  The Hunt For The Kill Switch , 2008, IEEE Spectrum.

[11]  Youhua Shi,et al.  A score-based classification method for identifying Hardware-Trojans at gate-level netlists , 2015, 2015 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[12]  Osnat Keren,et al.  Duplication Based One-to-Many Coding for Trojan HW Detection , 2010, 2010 IEEE 25th International Symposium on Defect and Fault Tolerance in VLSI Systems.

[13]  Miodrag Potkonjak,et al.  Hardware obfuscation using PUF-based logic , 2014, 2014 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[14]  Ronald P. Cocchi,et al.  Circuit camouflage integration for hardware IP protection , 2014, 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC).

[15]  Michael S. Hsiao,et al.  A Novel Sustained Vector Technique for the Detection of Hardware Trojans , 2009, 2009 22nd International Conference on VLSI Design.

[16]  Jeyavijayan Rajendran,et al.  High-level synthesis for security and trust , 2013, 2013 IEEE 19th International On-Line Testing Symposium (IOLTS).

[17]  Simha Sethumadhavan,et al.  FANCI: identification of stealthy malicious logic using boolean functional analysis , 2013, CCS.

[18]  Franco Stellari,et al.  Verification of untrusted chips using trusted layout and emission measurements , 2014, 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[19]  Ryan Kastner,et al.  A 3-D Split Manufacturing Approach to Trustworthy System Development , 2013, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[20]  Ramesh Karri,et al.  Run-time detection of hardware Trojans: The processor protection unit , 2013, 2013 18th IEEE European Test Symposium (ETS).

[21]  Swarup Bhunia,et al.  Security against hardware Trojan through a novel application of design obfuscation , 2009, 2009 IEEE/ACM International Conference on Computer-Aided Design - Digest of Technical Papers.

[22]  Christos A. Papachristou,et al.  MERO: A Statistical Approach for Hardware Trojan Detection , 2009, CHES.

[23]  Yiorgos Makris,et al.  Post-deployment trust evaluation in wireless cryptographic ICs , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[24]  Sanjit A. Seshia,et al.  Reverse engineering circuits using behavioral pattern mining , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[25]  Peter Gadfort,et al.  Split-fabrication obfuscation: Metrics and techniques , 2014, 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[26]  Jeyavijayan Rajendran,et al.  Shielding Heterogeneous MPSoCs From Untrustworthy 3PIPs Through Security- Driven Task Scheduling , 2013, IEEE Transactions on Emerging Topics in Computing.

[27]  Cliff Wang,et al.  Introduction to Hardware Security and Trust , 2011 .

[28]  Nektarios Georgios Tsoutsos,et al.  Fabrication Attacks: Zero-Overhead Malicious Modifications Enabling Modern Microprocessor Privilege Escalation , 2014, IEEE Transactions on Emerging Topics in Computing.

[29]  Siddharth Garg,et al.  Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing for Obfuscation , 2013, USENIX Security Symposium.

[30]  Mark Mohammad Tehranipoor,et al.  A study on the effectiveness of Trojan detection techniques using a red team blue team approach , 2013, 2013 IEEE 31st VLSI Test Symposium (VTS).

[31]  Joseph Zambreno,et al.  Preventing IC Piracy Using Reconfigurable Logic Barriers , 2010, IEEE Design & Test of Computers.

[32]  Berk Sunar,et al.  Trojan Detection using IC Fingerprinting , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[33]  Hai Zhou,et al.  Parallel CAD: Algorithm Design and Programming Special Section Call for Papers TODAES: ACM Transactions on Design Automation of Electronic Systems , 2010 .

[34]  Jeyavijayan Rajendran,et al.  Hardware security: Threat models and metrics , 2013, 2013 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[35]  Brandon Wang,et al.  Embedded reconfigurable logic for ASIC design obfuscation against supply chain attacks , 2014, 2014 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[36]  Christof Paar,et al.  MOLES: Malicious off-chip leakage enabled by side-channels , 2009, 2009 IEEE/ACM International Conference on Computer-Aided Design - Digest of Technical Papers.

[37]  Swarup Bhunia,et al.  TeSR: A robust Temporal Self-Referencing approach for Hardware Trojan detection , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[38]  Mark Mohammad Tehranipoor,et al.  Case study: Detecting hardware Trojans in third-party digital IP cores , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[39]  Wei Zhang,et al.  A low cost acceleration method for hardware trojan detection based on fan-out cone analysis , 2014, 2014 International Conference on Hardware/Software Codesign and System Synthesis (CODES+ISSS).

[40]  Mark Mohammad Tehranipoor,et al.  Analyzing circuit vulnerability to hardware Trojan insertion at the behavioral level , 2013, 2013 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS).

[41]  Mark Mohammad Tehranipoor,et al.  A Clock Sweeping Technique for Detecting Hardware Trojans Impacting Circuits Delay , 2013, IEEE Design & Test.

[42]  Michael T. Niemier,et al.  Leveraging Emerging Technology for Hardware Security - Case Study on Silicon Nanowire FETs and Graphene SymFETs , 2014, 2014 IEEE 23rd Asian Test Symposium.

[43]  Yiorgos Makris,et al.  Enhancing security via provably trustworthy hardware intellectual property , 2011, 2011 IEEE International Symposium on Hardware-Oriented Security and Trust.

[44]  Christos A. Papachristou,et al.  Process reliability based trojans through NBTI and HCI effects , 2010, 2010 NASA/ESA Conference on Adaptive Hardware and Systems.

[45]  Yiorgos Makris,et al.  Hardware Trojan detection using path delay fingerprint , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[46]  Mark Mohammad Tehranipoor,et al.  On design vulnerability analysis and trust benchmarks development , 2013, 2013 IEEE 31st International Conference on Computer Design (ICCD).

[47]  Jeyavijayan Rajendran,et al.  Security analysis of integrated circuit camouflaging , 2013, CCS.

[48]  Michael S. Hsiao,et al.  Hardware Trojan Attacks: Threat Analysis and Countermeasures , 2014, Proceedings of the IEEE.

[49]  Mark Mohammad Tehranipoor,et al.  A Novel Technique for Improving Hardware Trojan Detection and Reducing Trojan Activation Time , 2012, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[50]  Mark Mohammad Tehranipoor,et al.  Detecting malicious inclusions in secure hardware: Challenges and solutions , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[51]  Christos A. Papachristou,et al.  Trustworthy computing in a multi-core system using distributed scheduling , 2010, 2010 IEEE 16th International On-Line Testing Symposium.

[52]  Syed Rafay Hasan,et al.  Tenacious hardware trojans due to high temperature in middle tiers of 3-D ICs , 2015, 2015 IEEE 58th International Midwest Symposium on Circuits and Systems (MWSCAS).

[53]  Lawrence T. Pileggi,et al.  Building trusted ICs using split fabrication , 2014, 2014 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[54]  Dhruva Acharyya,et al.  Detecting Trojans Through Leakage Current Analysis Using Multiple Supply Pad ${I}_{\rm DDQ}$s , 2010, IEEE Transactions on Information Forensics and Security.

[55]  Sandeep K. Gupta,et al.  Efficient Trojan Detection via Calibration of Process Variations , 2012, 2012 IEEE 21st Asian Test Symposium.

[56]  Mark Mohammad Tehranipoor,et al.  Layout-Aware Switching Activity Localization to Enhance Hardware Trojan Detection , 2012, IEEE Transactions on Information Forensics and Security.

[57]  Jeyavijayan Rajendran,et al.  Design and analysis of ring oscillator based Design-for-Trust technique , 2011, 29th VLSI Test Symposium.

[58]  Swarup Bhunia,et al.  Improving IC Security Against Trojan Attacks Through Integration of Security Monitors , 2012, IEEE Design & Test of Computers.

[59]  PlusquellicJim,et al.  Detecting Trojans through leakage current analysis using multiple supply pad IDDQS , 2010 .

[60]  Sandeep K. Gupta,et al.  A Resizing Method to Minimize Effects of Hardware Trojans , 2014, 2014 IEEE 23rd Asian Test Symposium.

[61]  Ankur Srivastava,et al.  Security-Aware Design Flow for 2.5D IC Technology , 2015, TrustED@CCS.

[62]  Christian Krieg,et al.  Applied formal methods for hardware Trojan detection , 2014, 2014 IEEE International Symposium on Circuits and Systems (ISCAS).

[63]  Chip-Hong Chang,et al.  Cluster-based distributed active current timer for hardware Trojan detection , 2013, 2013 IEEE International Symposium on Circuits and Systems (ISCAS2013).

[64]  Ankur Srivastava,et al.  On application of one-class SVM to reverse engineering-based hardware Trojan detection , 2014, Fifteenth International Symposium on Quality Electronic Design.

[65]  Mark Mohammad Tehranipoor,et al.  Efficient and secure split manufacturing via obfuscated built-in self-authentication , 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[66]  Mark Mohammad Tehranipoor,et al.  RON: An on-chip ring oscillator network for hardware Trojan detection , 2011, 2011 Design, Automation & Test in Europe.

[67]  Ajay Joshi,et al.  Detecting Hardware Trojans using backside optical imaging of embedded watermarks , 2015, 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[68]  Jonathan Tse,et al.  A split-foundry asynchronous FPGA , 2013, Proceedings of the IEEE 2013 Custom Integrated Circuits Conference.

[69]  Ozgur Sinanoglu,et al.  Slack removal for enhanced reliability and trust , 2014, 2014 9th IEEE International Conference on Design & Technology of Integrated Systems in Nanoscale Era (DTIS).

[70]  Milo M. K. Martin,et al.  Overcoming an Untrusted Computing Base: Detecting and Removing Malicious Hardware Automatically , 2010, 2010 IEEE Symposium on Security and Privacy.

[71]  Ankur Srivastava,et al.  Temperature tracking: An innovative run-time approach for hardware Trojan detection , 2013, 2013 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[72]  Jie Li,et al.  At-speed delay characterization for IC authentication and Trojan Horse detection , 2008, 2008 IEEE International Workshop on Hardware-Oriented Security and Trust.

[73]  Gabi Dreo Rodosek,et al.  The role of COTS products for high security systems , 2012, 2012 4th International Conference on Cyber Conflict (CYCON 2012).

[74]  Trey Reece,et al.  Design Comparison to Identify Malicious Hardware in External Intellectual Property , 2011, 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications.

[75]  Mark Mohammad Tehranipoor,et al.  Trustworthy Hardware: Identifying and Classifying Hardware Trojans , 2010, Computer.