How Secure Are Printed Circuit Boards Against Trojan Attacks?

摘要

Hardware Trojan attacks at the integrated circuit (IC) level have been studied extensively in recent times. Researchers have analyzed the impact of these attacks and explored possible countermeasures for ICs. However, vulnerability with respect to hardware Trojan attacks at higher levels of system abstraction, e.g., at printed circuit board (PCB) level, have not been reported earlier. Previous studies have covered security of PCBs against piracy and various post-fabrication tampering attacks. JTAG (Joint Test Access Group) and other field programmability features, e.g., probe pins, unused sockets and USB have been extensively exploited by hackers to gain access to internal features of the designs as well as snooping of secret key, collection of test responses, and manipulating JTAG test pins. One instance demonstrated that Xbox can be hacked by disabling the Digital Rights Management (DRM) policy using JTAG. The emerging business model of PCB design and fabrication that favors extensive outsourcing and integration of untrusted components/entities in the PCB life-cycle to lower manufacturing cost, makes hardware Trojan attacks in PCBs highly feasible.