Description
The metric used in our framework is a vector-based comprehensive coverage metric that quantifies the overall trust of an IP considering both vulnerabilities and direct malicious modifications. We use a variable weighted sum of a design’s functional coverage, structural coverage, and asset coverage to assess an IP’s integrity. Designers can also effectively use our trust metric to compare the relative trustworthiness of functionally equivalent third-party IPs.
Related Tools
Publications
Cruz, Jonathan; Mishra, Prabhat; Bhunia, Swarup
The Metric Matters: The Art of Measuring Trust in Electronics Proceedings Article
In: Proceedings of the 56th Annual Design Automation Conference 2019, Association for Computing Machinery, Las Vegas, NV, USA, 2019, ISBN: 9781450367257.
@inproceedings{10.1145/3316781.3323488,
title = {The Metric Matters: The Art of Measuring Trust in Electronics},
author = {Jonathan Cruz and Prabhat Mishra and Swarup Bhunia},
url = {https://doi.org/10.1145/3316781.3323488},
doi = {10.1145/3316781.3323488},
isbn = {9781450367257},
year = {2019},
date = {2019-01-01},
booktitle = {Proceedings of the 56th Annual Design Automation Conference 2019},
publisher = {Association for Computing Machinery},
address = {Las Vegas, NV, USA},
series = {DAC '19},
abstract = {Electronic hardware trust is an emerging concern for all stakeholders in the semiconductor industry. Trust issues in electronic hardware span all stages of its life cycle - from creation of intellectual property (IP) blocks to manufacturing, test and deployment of hardware components and all abstraction levels - from chips to printed circuit boards (PCBs) to systems. The trust issues originate from a horizontal business model that promotes reliance of third-party untrusted facilities, tools, and IPs in the hardware life cycle. Today, designers are tasked with verifying the integrity of third-party IPs before incorporating them into system-on-chip (SoC) designs. Existing trust metric frameworks have limited applicability since they are not comprehensive. They capture only a subset of vulnerabilities such as potential vulnerabilities introduced through design mistakes and CAD tools, or quantify features in a design that target a particular Trojan model. Therefore, current practice uses ad-hoc security analysis of IP cores. In this paper, we propose a vector-based comprehensive coverage metric that quantifies the overall trust of an IP considering both vulnerabilities and direct malicious modifications. We use a variable weighted sum of a design's functional coverage, structural coverage, and asset coverage to assess an IP's integrity. Designers can also effectively use our trust metric to compare the relative trustworthiness of functionally equivalent third-party IPs. To demonstrate the applicability and usefulness of the proposed metric, we utilize our trust metric on Trojan-free and Trojan-inserted variants of an IP. Our results demonstrate that we are able to successfully distinguish between trusted and untrusted IPs.},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Electronic hardware trust is an emerging concern for all stakeholders in the semiconductor industry. Trust issues in electronic hardware span all stages of its life cycle - from creation of intellectual property (IP) blocks to manufacturing, test and deployment of hardware components and all abstraction levels - from chips to printed circuit boards (PCBs) to systems. The trust issues originate from a horizontal business model that promotes reliance of third-party untrusted facilities, tools, and IPs in the hardware life cycle. Today, designers are tasked with verifying the integrity of third-party IPs before incorporating them into system-on-chip (SoC) designs. Existing trust metric frameworks have limited applicability since they are not comprehensive. They capture only a subset of vulnerabilities such as potential vulnerabilities introduced through design mistakes and CAD tools, or quantify features in a design that target a particular Trojan model. Therefore, current practice uses ad-hoc security analysis of IP cores. In this paper, we propose a vector-based comprehensive coverage metric that quantifies the overall trust of an IP considering both vulnerabilities and direct malicious modifications. We use a variable weighted sum of a design's functional coverage, structural coverage, and asset coverage to assess an IP's integrity. Designers can also effectively use our trust metric to compare the relative trustworthiness of functionally equivalent third-party IPs. To demonstrate the applicability and usefulness of the proposed metric, we utilize our trust metric on Trojan-free and Trojan-inserted variants of an IP. Our results demonstrate that we are able to successfully distinguish between trusted and untrusted IPs.
Hoque, Tamzidul; Cruz, Jonathan; Chakraborty, Prabuddha; Bhunia, Swarup
Hardware IP Trust Validation: Learn (the Untrustworthy), and Verify Proceedings Article
In: International Test Conference (ITC), ITC IEEE, 2018, ISBN: 978-1-5386-8382-8.
@inproceedings{Hoque2018,
title = {Hardware IP Trust Validation: Learn (the Untrustworthy), and Verify},
author = {Tamzidul Hoque and Jonathan Cruz and Prabuddha Chakraborty and Swarup Bhunia},
url = {https://ieeexplore.ieee.org/document/8624727},
doi = {10.1109/TEST.2018.8624727},
isbn = {978-1-5386-8382-8},
year = {2018},
date = {2018-10-26},
booktitle = {International Test Conference (ITC)},
publisher = {IEEE},
organization = {ITC},
abstract = {Increasing reliance on hardware Intellectual Property (IP) cores in modern system-on-chip (SoC) design flow, often obtained from untrusted vendors distributed across the globe, can significantly compromise the security of SoCs. While the design could be verified for a specified functionality using existing tools, it is extremely hard to verify its trustworthiness to guarantee that no hidden, and possibly malicious function exists in the form of a hardware Trojan. Conventional verification processes and tools fail to verify the trust of a third-party IP, primarily due to the lack of trusted reference design or golden models. In this paper, for the first time to our knowledge, we introduce a systematic framework to apply machine learning-based classification for hardware IP trust verification. A supervised classifier could be trained for identifying Trojan nets within a suspect IP, but the detection coverage and accuracy are extremely sensitive to the quality of training set available. Furthermore, reliance on a static training database limits the classifier's ability in detecting new Trojans and facilitates adversarial learning. The proposed framework includes a Trojan insertion tool that dynamically generates a large number of diverse implementations of Trojan classes for creating a robust training set. It is significantly more difficult for an adversary to evade our classifier using known Trojan classes since the tool dynamically samples the entire Trojan population. To further improve the efficiency of the system, we combined three machine learning models into an average probability Voting Ensemble. Our results for two broad classes of Trojan show excellent classification accuracy of 99.69% and 99.88% with F-score of 86.69% and 88.37% for sequential and combinational Trojans, respectively.},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Increasing reliance on hardware Intellectual Property (IP) cores in modern system-on-chip (SoC) design flow, often obtained from untrusted vendors distributed across the globe, can significantly compromise the security of SoCs. While the design could be verified for a specified functionality using existing tools, it is extremely hard to verify its trustworthiness to guarantee that no hidden, and possibly malicious function exists in the form of a hardware Trojan. Conventional verification processes and tools fail to verify the trust of a third-party IP, primarily due to the lack of trusted reference design or golden models. In this paper, for the first time to our knowledge, we introduce a systematic framework to apply machine learning-based classification for hardware IP trust verification. A supervised classifier could be trained for identifying Trojan nets within a suspect IP, but the detection coverage and accuracy are extremely sensitive to the quality of training set available. Furthermore, reliance on a static training database limits the classifier's ability in detecting new Trojans and facilitates adversarial learning. The proposed framework includes a Trojan insertion tool that dynamically generates a large number of diverse implementations of Trojan classes for creating a robust training set. It is significantly more difficult for an adversary to evade our classifier using known Trojan classes since the tool dynamically samples the entire Trojan population. To further improve the efficiency of the system, we combined three machine learning models into an average probability Voting Ensemble. Our results for two broad classes of Trojan show excellent classification accuracy of 99.69% and 99.88% with F-score of 86.69% and 88.37% for sequential and combinational Trojans, respectively.
Chakraborty, Rajat Subhra; Wolff, Francis; Paul, Somnath; Papachristou, Christos; Bhunia, Swarup
MERO: A Statistical Approach for Hardware Trojan Detection Proceedings Article
In: Clavier, Christophe; Gaj, Kris (Ed.): Cryptographic Hardware and Embedded Systems - CHES 2009, pp. 396-410, Springer Berlin Heidelberg, Berlin, Heidelberg, 2009, ISBN: 978-3-642-04138-9.
@inproceedings{10.1007/978-3-642-04138-9_28,
title = {MERO: A Statistical Approach for Hardware Trojan Detection},
author = {Rajat Subhra Chakraborty and Francis Wolff and Somnath Paul and Christos Papachristou and Swarup Bhunia},
editor = {Christophe Clavier and Kris Gaj},
url = {https://doi.org/10.1007/978-3-642-04138-9_28},
doi = {10.1007/978-3-642-04138-9_28},
isbn = {978-3-642-04138-9},
year = {2009},
date = {2009-01-01},
booktitle = {Cryptographic Hardware and Embedded Systems - CHES 2009},
pages = {396-410},
publisher = {Springer Berlin Heidelberg},
address = {Berlin, Heidelberg},
abstract = {In order to ensure trusted in-field operation of integrated circuits, it is important to develop efficient low-cost techniques to detect malicious tampering (also referred to as Hardware Trojan) that causes undesired change in functional behavior. Conventional post- manufacturing testing, test generation algorithms and test coverage metrics cannot be readily extended to hardware Trojan detection. In this paper, we propose a test pattern generation technique based on multiple excitation of rare logic conditions at internal nodes. Such a statistical approach maximizes the probability of inserted Trojans getting triggered and detected by logic testing, while drastically reducing the number of vectors compared to a weighted random pattern based test generation. Moreover, the proposed test generation approach can be effective towards increasing the sensitivity of Trojan detection in existing side-channel approaches that monitor the impact of a Trojan circuit on power or current signature. Simulation results for a set of ISCAS benchmarks show that the proposed test generation approach can achieve comparable or better Trojan detection coverage with about 85% reduction in test length on average over random patterns.},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
In order to ensure trusted in-field operation of integrated circuits, it is important to develop efficient low-cost techniques to detect malicious tampering (also referred to as Hardware Trojan) that causes undesired change in functional behavior. Conventional post- manufacturing testing, test generation algorithms and test coverage metrics cannot be readily extended to hardware Trojan detection. In this paper, we propose a test pattern generation technique based on multiple excitation of rare logic conditions at internal nodes. Such a statistical approach maximizes the probability of inserted Trojans getting triggered and detected by logic testing, while drastically reducing the number of vectors compared to a weighted random pattern based test generation. Moreover, the proposed test generation approach can be effective towards increasing the sensitivity of Trojan detection in existing side-channel approaches that monitor the impact of a Trojan circuit on power or current signature. Simulation results for a set of ISCAS benchmarks show that the proposed test generation approach can achieve comparable or better Trojan detection coverage with about 85% reduction in test length on average over random patterns.