Reference-free Hardware Trojan Detection in Manufactured Chips using Machine Learning-based Side channel Analyses

Abstract

Economical constraints propel the horizontal integrated circuit (IC) design flow which has brought considerable security concerns regarding the trustworthiness of ICs. Malicious modification of ICs referred to as a hardware Trojan (HT), may intervene in the normal operations of an IC or leak security-sensitive information of the IC. The ICs# trustworthiness model is adopting a zero-trust threat model as there are extensive opportunities for untrusted entities across the IC design flow to tamper with ICs. While considerable research has focused on detecting HTs after IC manufacturing, there exist outstanding challenges to adopting existing techniques. Assuming the existence of known good ICs as the reference model is one of the major limitations of existing techniques. Furthermore,many of these techniques require expensive equipment that might not be affordable by most companies. Demand for security experts who understand hardware Trojans and attack models and hold a deep knowledge ofproposed techniques is another matter. In addition, developing security metrics related to hardware Trojans for manufactured ICs has not effectively been addressed. Based on the PI#s research experience in tamper detection in IC before manufacturing, The PI has recently developed scalable solutions through a combination of testing techniques for IC designs and unsupervised machine learning algorithms. The experimental results showed a linear relationship between evaluation time and the size of the circuit with a false positive rate of 3%, on average. The PI proposes to leveragehis existing expertise to detect tampered manufactured ICs before and after deployment. In this proposal, the PI offers two research thrusts for detecting HTs in manufactured ICs treated as black boxes: (1) the detection of malicious manufactured hardware components before deploying the components (i.e., offline detection) and (2) the detection of malicious manufactured hardware components after their deployment (i.e., online detection). In offline detection, an IC under test operates in a controlled environment under different operating points (e.g., low and high voltage levels or high and low clock frequencies) and/or under different workloads (e.g., executing different programs). As the manufactured IC is treated as a black box and we assume the lack of any known good IC as a reference model, the IC itself is used as its own reference model. To perform the offline HT detection, IC#s side-channel traces are recorded, analyzed, and compared against the statistics of its own past side-channel traces. Any considerable deviation from the expected norm flags the device as a suspicious malicious hardware component. In online detection, a monitoring system is developed to measure and record side-channel signals of an operating component. Because embedded systems deliver limited defined tasks, it is possible to detect malicious activities by comparing the side-channel signals of a device against itself over different time intervals. Each research thrust consists of three main tasks: (a) developing effective unsupervised machine learning models to address various attack models over the horizontal IC design flow, (b) performing multi-vector side-channel signal analyses, and (c) introducing security metrics to determine the level of trust in a black-box manufactured IC. The outcomes of this proposal leverage DoD capabilitiesby providing tools to rank the security of ICs used in critical systems and delivering effective and efficient offline and online HT detection techniques.

Document Details

Document Type

DoD Grant Award

Publication Date

Jan 12, 2023

Source ID

N000142312131

Entities

Tags