Runtime Identification of Hardware Trojans by Feature Analysis on Gate-Level Unstructured Data and Anomaly Detection

摘要

As the globalization of chip design and manufacturing process becomes popular, malicious hardware inclusions such as hardware Trojans pose a serious threat to the security of digital systems. Advanced Trojans can mask many architectural-level Trojan signatures and adapt against several detection mechanisms. Runtime Trojan detection techniques are considered as a last line of defense against Trojan inclusion and activation. In this article, we propose an offline analysis to select a subset of flip-flops as surrogates and build an anomaly detectionmodel based on the activity profile of flip-flops. These flip-flops are monitored online, and the anomaly detection model implemented online analyzes the flip-flop data to detect any anomalous Trojan activity. The effectiveness of our approach has been tested on several Trojan-inserted designs of the Leon3 processor. Trojan activation is detected with an accuracy score of above 0.9 (ratio of the number of true predictions to total number of predictions) with no false positives by monitoring less than 0.5% of the total number of flip-flops.