Abstract
Hardware Trojan horses is a realistic threat in the modern IC supply chain. Once the associate risk is considered, appropriate defense mechanisms must be designed and employed at the various stages in order to detect such hardware malware. We propose two novel uses of ring oscillators, one as an attack vector against hardware implementations of true random number generators and one as an on-chip detection method for Trojans. We show that the transient-effect ring oscillators (TERO) of appropriate length are very sensitive even to small modifications of the monitored circuit and can be a viable alternative to detection based on conventional ring oscillators. Finally, we discuss an outlook to the future of hardware Trojan defenses.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
Herein, we will use the terms “Trojan” and “hardware Trojan” as synonyms for this term.
- 2.
- 3.
- 4.
- 5.
An early version of this work was presented and discussed in TRUDEVICE 2015, a workshop collocated with DATE 2015, in Grenoble, France on March 2015.
- 6.
An early version of this work was presented and discussed in TRUDEVICE 2015, a workshop collocated with DATE 2015, in Grenoble, France on March 2015.
References
Adee S. The hunt for the kill switch. IEEE Spectrum. 2008;45(5):34–9.
Banga M, Hsiao MS. A novel sustained vector technique for the detection of hardware Trojans. In: 2009 22nd international conference on VLSI design. IEEE; 2009. p. 327–32.
Banga M, Hsiao MS. VITAMIN: voltage inversion technique to ascertain malicious insertions in ICs. In: HOST’09, IEEE international workshop on hardware-oriented security and trust, 2009. IEEE; 2009. p. 104–7.
Bloom G, Narahari B, Simha R, Zambreno J. Providing secure execution environments with a last line of defense against Trojan circuit attacks. Comput Secur. 2009;28(7):660–9.
Böhl E, Ihle M. A fault attack robust TRNG. In: 2012 IEEE 18th international on-line testing symposium (IOLTS). IEEE; 2012. p. 114–7.
Bossuet L, Ngo XT, Cherif Z, Fischer V. A PUF based on a transient effect ring oscillator and insensitive to locking phenomenon. IEEE Trans Emer Top Comput. 2014;2(1):30–6.
Cherkaoui A, Fischer V, Fesquet L, Aubert A: A very high speed true random number generator with entropy assessment. In: Cryptographic hardware and embedded systems-CHES 2013. Springer; 2013. p. 179–96.
Clark J, Leblanc S, Knight S. Hardware Trojan horse device based on unintended USB channels. In: NSS’09, third international conference on network and system security, 2009. IEEE; 2009. p. 1–8.
Clark J, Leblanc S, Knight S. Compromise through USB-based hardware Trojan horse device. Future Gener Comput Syst. 2011;27(5):555–63.
Clark J, Leblanc S, Knight S. Risks associated with USB hardware Trojan devices used by insiders. In: 2011 IEEE international systems conference (SysCon). IEEE; 2011. p. 201–8.
Dabrowski A, Hobel H, Ullrich J, Krombholz K, Weippl E: Towards a hardware Trojan detection cycle. In: 2014 ninth international conference on availability, reliability and security (ARES); 2014. p. 287–94.
Fischer V, Lubicz D. Embedded evaluation of randomness in oscillator based elementary TRNG. In: Cryptographic hardware and embedded systems-CHES 2014. Springer; 2014. p. 527–43.
Jin Y. Introduction to hardware security. Electronics. 2015;4(4):763–84.
Jin Y, Makris Y. Hardware Trojans in wireless cryptographic ICs. IEEE Des Test Comput. 2010;27(1):26–35.
King ST, Tucek J, Cozzie A, Grier C, Jiang W, Zhou Y. Designing and implementing malicious hardware. LEET. 2008;8:1–8.
Kitsos P, Simos D, Torres-Jimenez J, Voyiatzis A. Exciting FPGA cryptographic Trojans using combinatorial testing. In: 26th IEEE international symposium on software reliability engineering (ISSRE 2015), IEEE CPS (2015). Gaithersburg, MD, USA, November 2–5, 2015. p. 69–76.
Kitsos P, Voyiatzis A. FPGA Trojan detection using length-optimized ring oscillators. In: 17th EUROMICRO conference on digital system design (DSD 2014). Verona, Italy: IEEE CPS; 2014.
Kitsos P, Voyiatzis A. Towards a hardware Trojan detection methodology. In: 2nd EUROMICRO/IEEE workshop on embedded and cyber-physical systems (ECYPS 2014). Budva, Montenegro; 2014.
Kitsos P, Voyiatzis A. A comparison of TERO and RO timing sensitivity for hardware Trojan detection applications. In: 18th EUROMICRO conference on digital system design (DSD 2015). Madeira, Portugal: IEEE CPS; 2015.
Lee W, Rotoloni B: Emerging cyber threats report 2013. Georgia Tech Cyber Secur Summit. 2012.
Lin L, Kasper M, Güneysu T, Paar C, Burleson W. Trojan side-channels: lightweight hardware Trojans through side-channel engineering. In: Cryptographic hardware and embedded systems-CHES 2009. Springer; 2009. p. 382–95.
Lindorfer M, Kolbitsch C, Comparetti PM. Detecting environment-sensitive malware. In: Recent advances in intrusion detection. Springer; 2011. p. 338–57.
Markettos AT, Moore SW. The frequency injection attack on ring-oscillator-based true random number generators. In: Cryptographic hardware and embedded systems-CHES 2009. Springer; 2009. p. 317–31.
Rad RM, Wang X, Tehranipoor M, Plusquellic J. Power supply signal calibration techniques for improving detection resolution to hardware Trojans. In: Proceedings of the 2008 IEEE/ACM international conference on computer-aided design. IEEE Press; 2008. p. 632–9.
Rai D, Lach J. Performance of delay-based Trojan detection techniques under parameter variations. In: HOST’09, IEEE international workshop on hardware-oriented security and trust, 2009. IEEE; 2009. p. 58–65.
Ray S, Yang J, Basak A, Bhunia S. Correctness and security at odds: post-silicon validation of modern SoC designs. In: Proceedings of the 52nd annual design automation conference, DAC ’15. New York, NY, USA: ACM; 2015. p. 146:1–146:6.
Rogers M, Ruppersberger CD. Investigative report on the US national security issues posed by Chinese telecommunications companies Huawei and ZTE: a report. US house of representatives; 2012.
Rukhin A, Soto J, Nechvatal J, Smid M, Barker E. A statistical test suite for random and pseudorandom number generators for cryptographic applications. DTIC document: Tech. rep; 2001.
Salmani H, Tehranipoor M, Plusquellic J. A novel technique for improving hardware Trojan detection and reducing Trojan activation time. IEEE Trans Very Large Scale Integr VLSI Syst. 2012;20(1):112–25.
Schindler W, Killmann W. Evaluation criteria for true (physical) random number generators used in cryptographic applications. In: Cryptographic hardware and embedded systems-CHES 2002. Springer; 2003. p. 431–49.
Sreedhar A, Kundu S, Koren I. On reliability Trojan injection and detection. J Low Power Electron. 2012;8(5):674–83.
UEA2&UIA I. Specification of the 3GPP confidentiality and integrity algorithms UEA2 & UIA2. Document 2: SNOW 3G specifications. Version: 1.1. ETSI; 2006.
Varchola M, Drutarovsky M. New high entropy element for FPGA based true random number generators. In: Cryptographic hardware and embedded systems, CHES 2010. Springer; 2010. p. 351–65.
Vidas T, Christin N. Evading android runtime analysis via sandbox detection. In: Proceedings of the 9th ACM symposium on information, computer and communications security. ACM; 2014. p. 447–58.
Wang X, Tehranipoor M, Plusquellic J. Detecting malicious inclusions in secure hardware: challenges and solutions. In: HOST 2008, IEEE international workshop on hardware-oriented security and trust, 2008. IEEE; 2008. p. 15–9.
Acknowledgements
This work was supported in part by the EU COST Action IC1204 Trustworthy Manufacturing and Utilization of Secure Devices (TRUDEVICE), the GSRT Action “KRIPIS” with national (Greece) and EU funds, in the context of the research project “ISRTDI” while P. Kitsos and A.G. Voyiatzis were with the Industrial Systems Institute of the “Athena” Research and Innovation Center in ICT and Knowledge Technologies, and the COMET K1 program by the Austrian Research Promotion Agency (FFG), while A.G. Voyiatzis was with SBA Research.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Kitsos, P., Sklavos, N., Voyiatzis, A.G. (2017). Ring Oscillators and Hardware Trojan Detection. In: Sklavos, N., Chaves, R., Di Natale, G., Regazzoni, F. (eds) Hardware Security and Trust. Springer, Cham. https://doi.org/10.1007/978-3-319-44318-8_9
Download citation
DOI: https://doi.org/10.1007/978-3-319-44318-8_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-44316-4
Online ISBN: 978-3-319-44318-8
eBook Packages: EngineeringEngineering (R0)