Cross-Scale Persistence Analysis of EM Side-Channels for Reference-Free Detection of Always-On Hardware Trojans

TL;DR

This paper introduces a novel reference-free method for detecting always-on hardware Trojans by analyzing electromagnetic side-channel signals across multiple scales, identifying persistent statistical signatures that distinguish malicious from benign designs.

Contribution

The paper proposes a cross-scale persistence analysis framework using EM emissions and Gaussian Mixture Models to detect always-on Trojans without needing trusted golden references, advancing hardware security detection techniques.

Findings

Trojan-free designs show scale-dependent variability in EM signals.

Always-on Trojans produce persistent statistical signatures across scales.

Different Trojan types exhibit distinct persistence patterns.

Abstract

Always-on hardware Trojans pose a serious challenge to integrated circuit trust, as they remain active during normal operation and are difficult to detect in post-deployment settings without trusted golden references. This paper presents a reference-free detection framework based on cross-scale persistence analysis of electromagnetic (EM) side-channels, targeting always-on parasitic hardware behavior. The proposed method analyzes EM emissions across multiple time-frequency resolutions and constructs stability maps that capture the consistency of spectral features over repeated executions. Gaussian Mixture Models (GMMs) with Bayesian Information Criterion (BIC) based model selection are used to characterize statistical structure at each scale. We introduce cross-scale saturation, variability, and median mixture complexity metrics that quantify whether statistical structure evolves naturally or remains persistently anchored across resolutions. Experimental results on AES implementations show that Trojan-free designs exhibit scale-dependent variability consistent with transient switching behavior, while always-on Trojans produce persistent statistical signatures that suppress cross-scale evolution. Furthermore, different Trojan classes, such as workload-correlated leakage-information Trojans and independent ring-oscillator Trojans, exhibit distinct persistence patterns. These findings demonstrate that cross-scale persistence provides a physically interpretable and robust assurance signal for unsupervised, reference-free detection of always-on hardware Trojans.