Abstract
A hardware Trojan is a malicious addition to or modification of an integrated circuit (IC) that can be inserted at arbitrary stages of the design and fabrication cycle to compromise the security of the entire system. In this chapter, readers will gain hands-on experience in hardware Trojan insertion. Readers will learn how a typical hardware Trojan-inserted AES (Advanced Encryption Standard) cryptographic implementation is built at RTL (register-transfer level) and triggered through bitstream tampering on an FPGA platform. We also demonstrate how to detect the malicious functionality with security property verification methods, and present approaches to insert and detect malicious logic on an FPGA device.
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this chapter
Cite this chapter
Tehranipoor, M., Nalla Anandakumar, N., Farahmandi, F. (2023). Hardware Trojan Insertion. In: Hardware Security Training, Hands-on!. Springer, Cham. https://doi.org/10.1007/978-3-031-31034-8_5
DOI: https://doi.org/10.1007/978-3-031-31034-8_5
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-31033-1
Online ISBN: 978-3-031-31034-8
eBook Packages: Engineering, Engineering (R0)