Detection of Malicious Insertions in Hardware through an Integrative Validation Approach

Integrated Circuit (IC) manufacturing has become an increasingly global process, which leads to the growing threat of hardware Trojan attacks. In the absence of a trusted supply chain model, post-manufacturing detection of hardware Trojans has gained relevance in commercial and military applications, where trusted field operation is critical. In a distributed manufacturing chain, there are several levels where Trojans can be introduced, including the RTL design, gate-level netlists, and the GDSII file. The target attack model in this work is hardware Trojans inserted in a foundry in the form of malicious modifications in the GDSII files during manufacturing process. We have attempted to detect hardware Trojans of different forms and sizes in a given design. We have employed efficient validation approaches to differentiate instances with malicious circuitry insertions from Trojan-free ones under process variations. The central idea behind our Trojan detection scheme is to integrate functional validation with side-channel analysis of two forms (considering both circuit power consumption and path delay information) in order to achieve the highest confidence. While some Trojans can be reliably detected through functional test, many evade, and need to be identified through sidechannel analysis. The paper presents our findings in detecting arbitrary Trojan instances in two designs.