1 / 16

Towards Trojan-Free Trusted ICs: Problem Analysis and Detection Scheme

Towards Trojan-Free Trusted ICs: Problem Analysis and Detection Scheme. Han- yee Kim. About paper. Published in: DATE `08 (Design, Automation and Test in Europe, 2008) Author (Case Western Reserve University) Francis Wolff Chris Papachristou Swarup Bhunia Rajat S. Chakraborty.

hieu
Download Presentation

Towards Trojan-Free Trusted ICs: Problem Analysis and Detection Scheme

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Towards Trojan-Free Trusted ICs: Problem Analysis and Detection Scheme Han-yee Kim

  2. About paper • Published in: DATE `08 (Design, Automation and Test in Europe, 2008) • Author (Case Western Reserve University) • Francis Wolff • Chris Papachristou • SwarupBhunia • Rajat S. Chakraborty

  3. Abstract • Trojan issue has been raised recently due to outsourcing of the chip manufacturing processes. • Trojan is triggered by a rare value or time event. • Trojan may not be easily detected by functional or ATPC testing. • Paper is based on frequency analysis under rare trigger values. • Paper provides procedures to generate input trigger vectors and Trojan test vectors to detect Trojan effects. ATPC: Automatic Test Pattern Generation

  4. Introduction I • For a Trojan circuit to be effective, from the attacker’s viewpoint. • It should be triggered under are events or conditions. • It should not be easily detected by regular testing, both functional and ATPG. • There are two aspects in the Trojan mechanism • Input trigger • Output Payload

  5. Introduction II • There are three categories of Trojan triggering • Rare value triggered (The focus of this paper) • Time-triggered • Both time and value triggered

  6. Trojan Example and Taxonomy I • Trojan • Triggering: monitors a set of q-external inputs (q-trigger) • Payload activation logic: less observable • In order to evade detection during chip testing, the triggering logic can exploit the test enable (TE) control line to disable the Trojan. • Scan-chain is not perfect in this way; • Once triggering has occurred, the Trojan becomes activated and delivers a payload to p-external circuit nodes

  7. Trojan Example and Taxonomy II • The payload can be either destructive or non-destructive. • A destructive situation would be to enable the memory write signal. • A non-destructive case would be to enable super-user privilege mode while in normal user mode.

  8. Trojan Example and Taxonomy III • Figure 2 (a) shows the designer’s intention of waking-up a powered down circuit when a interrupt occurs. • In Figure 2 (b), the hacked circuit of 2 (a), uses the missing test case of {00} to modify the truth table of the AND gate. • Payload results in consuming excessive battery energy by preventing the circuit from going to sleep mode.

  9. Trojan Example and Taxonomy IV • The Time Bomb increases the number of exhaustive test vectors from to where k is unknown. • The detection problem is decidable but NP-complete. • An extension of the rare value is a rare sequence of values in which a particular ordered sequence of rare values triggers the Trojan circuit.

  10. Trojan Example and Taxonomy V • In general, Trojan circuits can be classified by the nature of their trigger and payload mechanisms, as shown in Fig. 4. • Asynchronous designs are more difficult to detect, consuming power only when they change state.

  11. Trojan Detection Approach I • Trigger inputs and payload outputs • Attach: connecting the Trojan inputs to circuit edges • Stitch: breaking one edge then feeding the left end to the Trojan input and the right end to the Trojan output.

  12. Trojan Detection Approach II • : frequency of occurrence of the trigger value under all possible vectors at the circuit input • should be very small, possibly 1 but >1 • Trigger vector: primary input vector that triggers a Trojan • Trojan test vector: trigger vector that propagates the payload to the circuit output • The set of Trojan test vectors is a subset of the set of trigger vectors.

  13. Trojan Detection Approach III • The problem is to find Trojan test vectors that can detect all Trojan effects triggered by rare values. • The rules are, • Assuming Trojans with q-inputs and a threshold of trigger frequency (rule 1) • Attach target are all combinations of q-edges that attain one or more bit-values with frequency (rule 2) • The paper propose to handle the Trojan threat with two rules.

  14. Trojan Detection Approach IV • At the end of the Trojan target analysis procedure • 1) A set of Q targets to attach q-input Trojans • 2) A set of P of target edges to stitch q-input Trojans • 3) The trigger values and frequencies of each of the Q x P possible Trojan circuits • 4) The input trigger vectors associated with the trigger values for the Trojans

  15. Result I • To validate methods, experiments are executed with ISCAS85 benchmarks. • Column 2 is the number of primary inputs for each of the ISCAS85. • Column 3 is the number of ATPG vectors that were generated by Synopsys Tetramax. • Column 4 shows the Tetramax trigger vector coverage percentage of column three for q=2 and trigger frequency threshold of one.

  16. Result II • Column 5 is the number of primary input trigger vectors which trigger the Trojan based on random sampling. • The last column(6) is the number of escape vectors which is the number of addition vectors needed to cover the next threshold level of two.

More Related