Abstract
Hardware Trojans (HTs), intellectual property (IP) piracy, and overproduction of integrated circuits (ICs) are three threats that may arise in untrusted fabrication foundries. HTs are malicious circuitry changes in the IC layout. They affect side channels (IC parameters) such as path delay or power consumption. Therefore, HT detection methods based on side-channel analysis have been proposed. They can detect an HT only if its effect on the side channels is significant relative to the side-channel variation caused by process¹ and environment² variations. IC design modifications at different abstraction levels have been proposed to facilitate HT detection methods after fabrication, such as modifying a circuit to make its paths³ more sensitive to HTs. Such modifications are known as design-for-trust (DfTr). In addition, key-based modifications have been proposed to protect IPs/ICs from IP piracy and IC overproduction. This approach is known as masking or obfuscation, and it modifies a circuit such that it does not work correctly unless the correct key is applied. In this work, we propose a DfTr method that leverages the masking approach. It improves HT detection methods based on path-delay analysis. The delay of shorter paths varies less than that of longer ones. Therefore, the objective of the proposed DfTr is to generate fake short paths for nets that belong only to long paths. Our layout-level experiments show that the proposed DfTr masks the functionality of circuits and, on average, increases the HT detectability of path-delay-based detection methods by 10%.
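The following sketch illustrates why nets that lie only on long paths are the ones worth giving a fake short path. It is an added example, not the authors' algorithm or code: the toy netlist, the independent per-gate variation model (path sigma grows with the square root of the stage count), the 3-sigma threshold and the helper `add_fake_short_path` are all assumptions made for illustration.

```python
import math

# Constructed toy netlist (not from the paper): node -> fan-out nodes.
# Every node counts as one gate stage; nodes without fan-in are inputs.
FANOUT = {
    "in_a": ["g1", "g6"], "in_b": ["g1"],
    "g1": ["g2"], "g2": ["g3"], "g3": ["g4"], "g4": ["g5"], "g5": ["out_x"],
    "g6": ["out_y"], "out_x": [], "out_y": [],
}
GATE_SIGMA_PS = 2.0  # assumed independent per-gate delay variation (1 sigma)

def shortest_stages_through(fanout):
    """Map each net to the stage count of the shortest input-to-output path containing it."""
    fanin = {n: [] for n in fanout}
    for src, dsts in fanout.items():
        for dst in dsts:
            fanin[dst].append(src)

    def depth(node, edges, memo):
        # Fewest stages from `node` to an endpoint along `edges`, counting `node`.
        if node not in memo:
            nxt = edges[node]
            memo[node] = 1 + (min(depth(n, edges, memo) for n in nxt) if nxt else 0)
        return memo[node]

    to_out, to_in = {}, {}
    return {n: depth(n, fanout, to_out) + depth(n, fanin, to_in) - 1 for n in fanout}

def detection_margin(stages, ht_delay_ps, k=3.0):
    """Trojan-induced delay relative to the k-sigma variation band of the path."""
    return ht_delay_ps / (k * GATE_SIGMA_PS * math.sqrt(stages))

def masking_candidates(fanout, ht_delay_ps, k=3.0):
    """Nets whose shortest path still hides the Trojan delay inside k sigma."""
    best = shortest_stages_through(fanout)
    return sorted(n for n, s in best.items() if detection_margin(s, ht_delay_ps, k) < 1.0)

def add_fake_short_path(fanout, src, net, dst):
    """Model a masking-created short path src -> net -> dst (hypothetical helper)."""
    new = {n: list(d) for n, d in fanout.items()}
    new[src].append(net)
    new[net].append(dst)
    return new

if __name__ == "__main__":
    print(masking_candidates(FANOUT, ht_delay_ps=12.0))
    patched = add_fake_short_path(FANOUT, "in_a", "g3", "out_y")
    print(masking_candidates(patched, ht_delay_ps=12.0))
```

With a 12 ps Trojan delay, every net on the seven-stage path falls inside the variation band, while the same delay on a three-stage path exceeds it; routing `g3` through a three-stage path removes it from the candidate list.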
Notes
Ring oscillators (ROs) generate oscillations. They consist of an odd number of NOT gates (or gates with an inverting function, such as NOR/NAND gates) and a feedback connection that feeds the output of the last NOT gate into the first NOT gate.
Additional information
¹ It is the variation of some transistor characteristics, such as channel length and oxide thickness, that happens during IC manufacturing.
² It is the variation of circuit operating environments, such as temperature and supply voltage, while the circuit is working.
³ A path starts from a primary input or flip-flop and ends at a primary output or flip-flop.
Cite this article
Nejat, A., Hely, D. & Beroulle, V. ESCALATION: Leveraging Logic Masking to Facilitate Path-Delay-Based Hardware Trojan Detection Methods. J Hardw Syst Secur 2, 83–96 (2018). https://doi.org/10.1007/s41635-018-0033-6
DOI: https://doi.org/10.1007/s41635-018-0033-6