Explainability Methods for Hardware Trojan Detection: A Systematic Comparison

TL;DR

This paper systematically compares explainability methods for hardware Trojan detection, evaluating domain-aware, case-based, and feature attribution techniques on a benchmark dataset.

Contribution

It provides a comprehensive comparison of three explainability approaches tailored for hardware Trojan detection, highlighting their strengths and limitations.

Findings

Domain-aware analysis offers circuit-specific insights.

Case-based reasoning provides precedent-based explanations.

Feature attribution methods give importance scores without circuit context.

Abstract

Hardware trojans are malicious circuits which compromise the functionality and security of an integrated circuit (IC). These circuits are manufactured directly into the silicon and cannot be fixed by security patches like software. The solution would require a costly product recall by replacing the IC and hence, early detection in the design process is essential. Hardware detection at best provides statistically based solutions with many false positives and false negatives. These detection methods require more thorough explainable analysis to filter out false indicators. Existing explainability methods developed for general domains like image classification may not provide the actionable insights that hardware engineers need. A question remains: How do domain-aware property analysis, model-agnostic case-based reasoning, and model-agnostic feature attribution techniques compare for hardware security applications? This work compares three categories of explainability for gate-level hardware trojan detection on the Trust-Hub benchmark dataset: (1) domain-aware property-based analysis of 31 circuit-specific features derived from gate fanin patterns, flip-flop distances, and primary Input/Output (I/O) connectivity; (2) model-agnostic case-based reasoning using k-nearest neighbors for precedent-based explanations; and (3) model-agnostic feature attribution methods (Local Interpretable Model-agnostic Explanations (LIME), SHapley Additive exPlanations (SHAP), gradient) that provide generic importance scores without circuit-level context.