Hardware Trojan Detection through Information Flow Security Verification

TL;DR

This paper critically analyzes existing hardware Trojan detection methods, highlights their limitations, and proposes a new IFS-based verification framework that effectively detects Trojans without white-box knowledge, validated on benchmark IPs.

Contribution

The paper introduces a novel IFS verification framework for Trojan detection that overcomes limitations of prior techniques and does not require white-box knowledge.

Findings

Successfully detects Trojans in trust-hub benchmarks

Demonstrates robustness against limitations of previous methods

Accurately identifies malicious insertions without white-box info

Abstract

Semiconductor design houses are increasingly becoming dependent on third party vendors to procure intellectual property (IP) and meet time-to-market constraints. However, these third party IPs cannot be trusted as hardware Trojans can be maliciously inserted into them by untrusted vendors. While different approaches have been proposed to detect Trojans in third party IPs, their limitations have not been extensively studied. In this paper, we analyze the limitations of the state-of-the-art Trojan detection techniques and demonstrate with experimental results how to defeat these detection mechanisms. We then propose a Trojan detection framework based on information flow security (IFS) verification. Our framework detects violation of IFS policies caused by Trojans without the need of white-box knowledge of the IP. We experimentally validate the efficacy of our proposed technique by accurately identifying Trojans in the trust-hub benchmarks. We also demonstrate that our technique does not share the limitations of the previously proposed Trojan detection techniques.