Proof-Carrying Hardware Versus the Stealthy Malicious LUT Hardware Trojan

  • Qazi Arbab AhmedEmail author
  • Tobias Wiersema
  • Marco Platzner
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11444)


Reconfigurable hardware has received considerable attention as a platform that enables dynamic hardware updates and thus is able to adapt new configurations at runtime. However, due to their dynamic nature, e.g., field-programmable gate arrays (FPGA) are subject to a constant possibility of attacks, since each new configuration might be compromised. Trojans for reconfigurable hardware that evade state-of-the-art detection techniques and even formal verification, are thus a large threat to these devices. One such stealthy hardware Trojan, that is inserted and activated in two stages by compromised electronic design automation (EDA) tools, has recently been presented and shown to evade all forms of classical pre-configuration detection techniques. This paper presents a successful pre-configuration countermeasure against this “Malicious Look-up-table (LUT)”-hardware Trojan, by employing bitstream-level Proof-Carrying Hardware (PCH). We show that the method is able to alert innocent module creators to infected EDA tools, and to prohibit malicious ones to sell infected modules to unsuspecting customers.


  1. 1.
    Lattice semiconductor. Accessed 21 Nov 2018
  2. 2.
    Bhunia, S., Hsiao, M.S., Banga, M., Narasimhan, S.: Hardware trojan attacks: threat analysis and countermeasures. Proc. IEEE 102(8), 1229–1247 (2014). Scholar
  3. 3.
    Chakraborty, R.S., Saha, I., Palchaudhuri, A., Naik, G.K.: Hardware trojan insertion by direct modification of FPGA configuration bitstream. IEEE Des. Test 30(2), 45–54 (2013). Scholar
  4. 4.
    Drzevitzky, S., Kastens, U., Platzner, M.: Proof-carrying hardware: towards runtime verification of reconfigurable modules. In: 2009 International Conference on Reconfigurable Computing and FPGAs, pp. 189–194. IEEE, December 2009.
  5. 5.
    Haroldsen, T., Nelson, B., Hutchings, B.: RapidSmith 2: a framework for BEL-level CAD exploration on xilinx FPGAs. In: Proceedings of the 2015 ACM/SIGDA International Symposium on Field-Programmable Gate Arrays, pp. 66–69. FPGA 2015, ACM (2015).
  6. 6.
    Hicks, M., Finnicum, M., King, S.T., Martin, M.M.K., Smith, J.M.: Overcoming an untrusted computing base: detecting and removing malicious hardware automatically. In: 2010 IEEE Symposium on Security and Privacy, pp. 159–172. IEEE, May 2010.
  7. 7.
    Isenberg, T., Platzner, M., Wehrheim, H., Wiersema, T.: Proof-carrying hardware via inductive invariants. ACM Trans. Des. Autom. Electron. Syst. 22(4), 61:11–61:123 (2017). Scholar
  8. 8.
    Krieg, C., Wolf, C., Jantsch, A.: Malicious LUT: a stealthy FPGA trojan injected and triggered by the design flow. In: 2016 IEEE/ACM International Conference on Computer-Aided Design (ICCAD), pp. 1–8. IEEE, November 2016.
  9. 9.
    Peikari, C., Chuvakin, A.: Security Warrior. O’Reilly & Associates Inc., Sebastopol (2004)Google Scholar
  10. 10.
    Seed, C.: Arachne-pnr. Accessed 15 Nov 2018
  11. 11.
    Wiersema, T., Drzevitzky, S., Platzner, M.: Memory security in reconfigurable computers: combining formal verification with monitoring. In: International Conference on Field-Programmable Technology (FPT 2014), pp. 167–174. IEEE (2014).
  12. 12.
    Wolf, C., Lasser, M.: Project icestorm.
  13. 13.
    Xiao, K., Forte, D., Jin, Y., Karri, R., Bhunia, S., Tehranipoor, M.: Hardware trojans: lessons learned after one decade of research. ACM Trans. Des. Autom. Electron. Syst. 22(1), 6:1–6:23 (2016). Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Paderborn UniversityPaderbornGermany

Personalised recommendations