Detecting Hardware Trojans in Microprocessors via Hardware Error Correction Code-based Modules

TL;DR

This paper presents a hardware-based method using Error Correction Codes to detect malicious Hardware Trojans in RISC-V microprocessors, achieving perfect detection with minimal overhead.

Contribution

It introduces a Hardware Security Checker utilizing Hamming ECCs for effective runtime HT detection with zero false positives.

Findings

Achieves 100% detection rate of HTs

No false positives or missed detections

Minimal hardware overhead and no performance impact

Abstract

Software-exploitable Hardware Trojans (HTs) enable attackers to execute unauthorized software or gain illicit access to privileged operations. This manuscript introduces a hardware-based methodology for detecting runtime HT activations using Error Correction Codes (ECCs) on a RISC-V microprocessor. Specifically, it focuses on HTs that inject malicious instructions, disrupting the normal execution flow by triggering unauthorized programs. To counter this threat, the manuscript introduces a Hardware Security Checker (HSC) leveraging Hamming Single Error Correction (HSEC) architectures for effective HT detection. Experimental results demonstrate that the proposed solution achieves a 100% detection rate for potential HT activations, with no false positives or undetected attacks. The implementation incurs minimal overhead, requiring only 72 #LUTs, 24 #FFs, and 0.5 #BRAM while maintaining the microprocessor's original operating frequency and introducing no additional time delay.