Biblio

Recently, hardware Trojan has become a serious security concern in the integrated circuit (IC) industry. Due to the globalization of semiconductor design and fabrication processes, ICs are highly vulnerable to hardware Trojan insertion by malicious third-party vendors. Therefore, the development of effective hardware Trojan detection techniques is necessary. Testability measures have been proven to be efficient features for Trojan nets classification. However, most of the existing machine-learning-based techniques use supervised learning methods, which involve time-consuming training processes, need to deal with the class imbalance problem, and are not pragmatic in real-world situations. Furthermore, no works have explored the use of anomaly detection for hardware Trojan detection tasks. This paper proposes a semi-supervised hardware Trojan detection method at the gate level using anomaly detection. We ameliorate the existing computation of the Sandia Controllability/Observability Analysis Program (SCOAP) values by considering all types of D flip-flops and adopt semi-supervised anomaly detection techniques to detect Trojan nets. Finally, a novel topology-based location analysis is utilized to improve the detection performance. Testing on 17 Trust-Hub Trojan benchmarks, the proposed method achieves an overall 99.47% true positive rate (TPR), 99.99% true negative rate (TNR), and 99.99% accuracy.

Nowadays malicious vendors can easily insert hardware Trojans into integrated circuit chips as the entire integrated chip supply chain involves numerous design houses and manufacturers on a global scale. It is thereby becoming a necessity to expose any possible hardware Trojans, if they ever exist in a chip. A typical Trojan circuit is made of a trigger and a payload that are interconnected with a trigger net. As trigger net can be viewed as the signature of a hardware Trojan, in this paper, we propose a gate-level hardware Trojan detection method and model that can be applied to screen the entire chip for trigger nets. In specific, we extract the trigger-net features for each net from known netlists and use the machine learning method to train multiple detection models according to the trigger modes. The detection models are used to identify suspicious trigger nets from the netlist of the integrated circuit under detection, and score each net in terms of suspiciousness value. By flagging the top 2% suspicious nets with the highest suspiciousness values, we shall be able to detect majority hardware Trojans, with an average accuracy rate of 96%.