Abstract
Malicious modification of hardware in untrusted fabrication facilities, referred to as hardware Trojan, has emerged as a major security concern. Comprehensive detection of these Trojans during post-manufacturing test has been shown to be extremely difficult. Hence, it is important to develop design techniques that provide effective countermeasures against hardware Trojans by either preventing Trojan attacks or facilitating detection during test. Obfuscation is a technique that is conventionally employed to prevent piracy of software and hardware intellectual property (IP). In this work, we propose a novel application of key-based circuit structure and functionality obfuscation to achieve protection against hardware Trojans triggered by rare internal circuit conditions. The proposed obfuscation scheme is based on judicious modification of the state transition function, which creates two distinct functional modes: normal and obfuscated. A circuit transitions from the obfuscated to the normal mode only upon application of a specific input sequence, which defines the key. We show that it provides security against Trojan attacks in two ways: (1) it makes some inserted Trojans benign, i.e. they become effective only in the obfuscated mode; and (2) it prevents an adversary from exploiting the true rare events in a circuit to insert hard-to-detect Trojans. The proposed design methodology can thus achieve simultaneous protection from hardware Trojans and hardware IP piracy. Besides protecting ICs against Trojan attacks in foundry, we show that it can also protect against malicious modifications by untrusted computer-aided design (CAD) tools in both SoC and FPGA design flows. Simulation results for a set of benchmark circuits show that the scheme is capable of achieving high levels of security against Trojan attacks at modest area, power and delay overhead.
Similar content being viewed by others
References
Aarestad J, Acharyya D, Rad R, Plusquellic J (2010) Detecting Trojans through leakage current analysis using multiple supply pad. IEEE Trans Inf Forensics Secur 5(4):893–904
Adee S (2008) The hunt for the kill switch. IEEE Spectrum 45(5):34–39
Agrawal D, Baktir S, Karakoyunlu D, Rohatgi P, Sunar B (2007) Trojan detection using IC fingerprinting. In: IEEE symposium on security and privacy
Alkabani Y, Koushanfar F (2007) Active hardware metering for intellectual property protection and security. In: USENIX security symposium
Alkabani Y, Koushanfar F (2009) Consistency-based characterization for hardware Trojan detection. In: International conference on CAD
Alkabani Y, Koushanfar F, Potkonjak M (2007) Remote activation of ICs for piracy prevention and digital right management. In: International conference on CAD
Banga M, Hsiao MS (2008) A region based approach for the identification of hardware Trojans. In: International workshop on hardware-oriented security and trust
Barak B, Goldreich O, Impagliazzo R, Rudich S, Sahai A, Vadhan SP, Yang K (2001) On the (im)possibility of obfuscating programs. In: Cryptology conference on advances in cryptology
Brzozowski M, YarmolikVN (2007) Obfuscation as intellectual rights protection in VHDL language. In: CISIM
Chakraborty RS, Bhunia S (2009) HARPOON: an obfuscation-based SoC design methodology for hardware protection. IEEE Trans CAD 28(10):1493–1502
Chakraborty RS, Bhunia S (2011) RTL hardware IP protection using key-based control and data flow obfuscation. In: International conference on VLSI design
Chakraborty RS, Paul S, Bhunia S (2008) On-demand transparency for improving hardware Trojan detectability. In: International workshop on hardware-oriented security and trust
Chakraborty RS, Wolff F, Paul S, Papachristou C, Bhunia S (2009) MERO: a statistical approach for hardware Trojan detection. Lect Notes Comput Sci 5747:396–410
Chou T, Roy K (1996) Accurate power estimation of CMOS sequential circuits. IEEE Trans VLSI 4(3):369–380
DARPA BAA06-40. TRUST for integrated circuits. [Online]. Available: http://www.darpa.mil/BAA/BAA06-40mod1/html
Du D, Narasimhan S, Chakraborty RS, Bhunia S (2010) Self–referencing: a scalable side-channel approach for hardware Trojan detection. In: Workshop on cryptographic hardware and embedded systems
Interra Systems, Concorde-Fast Synthesis. [Online]. Available: http://www.interrasystems.com/eda/eda_concorde.php
Jin Y, Makris Y (2008) Hardware Trojan detection using path delay fingerprint. In: International workshop on hardware-oriented security and trust
Jin Y, Kupp N, Makris Y (2009) Experiences in hardware Trojan design and implementation. In: International workshop on hardware-oriented security and trust
Kim L-W, Villasenor JD, Koc CK (2009) A Trojan-resistant system-on-chip bus architecture. In: MILCOM
Koushanfar F (2011) Provably secure active IC metering techniques for piracy avoidance and digital rights management. IEEE Trans Inf Forensics Secur (early access)
Koushanfar F, Mirhoseini A, Alkabani Y (2010) A unified submodular framework for multimodal IC Trojan detection. In: International conference on information hiding
Lin L, Burleson W, Parr C (2009) MOLES: malicious off-chip leakage enabled by side-channels. In: International conference on CAD
Lynn B, Prabhakaran M, Sahai A (2004) Positive results and techniques for obfuscation. In: International conference on the theory and applications of cryptographic techniques
Najm FN (1993) Transition density: a new measure of activity in digital circuits. IEEE Trans CAD 14(2):310–323
Narasimhan S, Du D, Chakraborty RS, Paul S, Wolff F, Papachristou C, Roy K, Bhunia S (2010) Multiple-parameter side-channel analysis: a non-invasive hardware Trojan detection approach. In: International symposium on hardware-oriented security and trust
Oliveira AL (1999) Watermarking-based copyright protection of sequential functions. In: Design automation conference
Potkonjak M, Nahapetian A, Nelson M, Massey T (2009) Hardware Trojan horse detection using gate-level characterization. In: Design automation conference
Rad RM, Wang X, Tehranipoor M, Plusquellic J (2008) Power supply signal calibration techniques for improving detection resolution to hardware Trojans. In: International conference on CAD
Ravi S, Raghunathan A, Chakradhar S (2004) Tamper resistance mechanisms for secure embedded systems. In: VLSI design
Roy JA, Kaushanfar F, Markov IL (2008) Circuit CAD tools as a security threat. In: International workshop on hardware-oriented security and trust
Roy JA, Koushanfar F, Markov IL (2008) EPIC: ending piracy of integrated circuits. In: Design, automation and test in Europe
Tehranipoor M, Koushanfar F (2010) A survey of hardware Trojan taxonomy and detection. IEEE Des Test Comput 27(1):10–25
Thicket™ family of source code obfuscators. [Online]. Available: http://www.semdesigns.com
Torunoglu I, Charbon E (2000) Watermarking-based copyright protection of sequential functions. IEEE J Solid-State Circuits 35(3):434–440
Wang C, Davidson J, Hill J, Knight J (2001) Protection of software-based survivability mechanisms. In: International conference on dependable systems and networks
Wolff F, Papachristou C, Bhunia S, Chakraborty RS (2008) Towards Trojan-free trusted ICs: problem analysis and detection scheme. In: Design, automation and test in Europe
Xakellis MG, Najm FN (1994) Statistical estimation of the switching activity in digital circuits. In: Design automation conference
Yotsuyanagi H, Kinoshita K (1998) Undetectable fault removal of sequential circuits based on unreachable states. In: VLSI test symposium
Yuan L, Qu G (2004) Information hiding in finite state machine. Lect Notes Comput Sci 3200:340–354
Author information
Authors and Affiliations
Corresponding author
Additional information
Responsible Editor: S. T. Chakradhar
A preliminary version of this work has been published in the International Conference on Computer Aided Design (ICCAD), 2009.
Rights and permissions
About this article
Cite this article
Chakraborty, R.S., Bhunia, S. Security Against Hardware Trojan Attacks Using Key-Based Design Obfuscation. J Electron Test 27, 767–785 (2011). https://doi.org/10.1007/s10836-011-5255-2
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10836-011-5255-2