Biblio
Cyber physical systems (CPS) is a dominant technology in today's world due to its vast variety of applications. But in recent times, the alarmingly increasing breach of privacy and security in CPS is a matter of grave concern. Security and trust of CPS has become the need of the hour. Hardware Trojans are one such a malicious attack which compromises on the security of the CPS by changing its functionality or denial of services or leaking important information. This paper proposes the detection of Hardware Trojans at the system level in AES-256 decryption algorithm implemented in Atmel XMega Controller (Target Board) using a combination of side-channel power analysis and machine learning. Power analysis is done with help of ChipWhisperer-Lite board. The power traces of the golden algorithm (Hardware Trojan free) and Hardware Trojan infected algorithms are obtained and used to train the machine learning model using the 80/20 rule. The proposed machine learning model obtained an accuracy of 97%-100% for all the Trojans inserted.
The high penetration of third-party intellectual property (3PIP) brings a high risk of malicious inclusions and data leakage in products due to the planted hardware Trojans, and system level security constraints have recently been proposed for MPSoCs protection against hardware Trojans. However, secret communication still can be established in the context of the proposed security constraints, and thus, another type of security constraints is also introduced to fully prevent such malicious inclusions. In addition, fulfilling the security constraints incurs serious overhead of schedule length, and a two-stage performance-constrained task scheduling algorithm is then proposed to maintain most of the security constraints. In the first stage, the schedule length is iteratively reduced by assigning sets of adjacent tasks into the same core after calculating the maximum weight independent set of a graph consisting of all timing critical paths. In the second stage, tasks are assigned to proper IP vendors and scheduled to time periods with a minimization of cores required. The experimental results show that our work reduces the schedule length of a task graph, while only a small number of security constraints are violated.
The design of modern computer hardware heavily relies on third-party intellectual property (IP) cores, which may contain malicious hardware Trojans that could be exploited by an adversary to leak secret information or take control of the system. Existing hardware Trojan detection methods either require a golden reference design for comparison or extensive functional testing to identify suspicious signals. In this paper, we propose a new formal verification method to verify the security of hardware designs. The proposed solution formalizes fine grained gate level information flow model for proving security properties of hardware designs in the Coq theorem prover environment. Compare with existing register transfer level (RTL) information flow security models, our model only needs to translate a small number of logic primitives to their formal representations without the need of supporting the rich RTL HDL semantics or dealing with complex conditional branch or loop structures. As a result, a gate level information flow model can be created at much lower complexity while achieving significantly higher precision in modeling the security behavior of hardware designs. We use the AES-T1700 benchmark from Trust-HUB to demonstrate the effectiveness of our solution. Experimental results show that our method can detect and pinpoint the Trojan.