IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS, VOL. 39, NO. 1, JANUARY 2020

PMTP: A MAX-SAT-Based Approach to Detect Hardware Trojan Using Propagation of Maximum Transition Probability

Ahmad Shabani and Bijan Alizadeh, Senior Member, IEEE

Abstract—Hardware Trojan attacks have emerged as a major security issue for hardware at different levels of abstraction, relating to malicious tampering of hardware during the design or fabrication process. In this paper, a new low overhead and high speed design for trust methodology for increasing both the full activation and the side channel sensitivity of a Trojan is proposed. The main idea is that an increase in the transition probability of individual nets does not necessarily increase the transition probability of the succeeding nets of the circuit. Accordingly, the rules and conflicts of the propagation of maximum transition probability for individual gates have been presented to ensure that a full transition path is constructed between each low transition probability net and the primary inputs of the circuit. The results show that the proposed methodology achieves superior efficiency in Trojan full activation by more than 4× through the logic testing approach, besides a higher sensitivity of around 20× on average for power-based side channel analysis compared to existing methods.

Index Terms—Boolean satisfiability (SAT), hardware security, hardware Trojan (HT), maximum Boolean SAT (Max-SAT) solver, Trojan detection.

I. INTRODUCTION

DUE TO the remarkable growth in the globalization of integrated circuits (ICs), and the widespread outsourcing of IC manufacturing to untrusted fabrication facilities or foundries located across the world, a new emerging threat known as the hardware Trojan (HT) was brought to light just a decade ago [1], [2]. An adversary can introduce HTs with the aim of causing disruption in the normal functional behavior or leaking vital information from a chip to an unauthorized party [3].

Over the past decade, different types of Trojan attack models and counteraction methods have been reported [2], [4]. A Trojan in its simplest form can be mounted by incorporating two distinct parts: 1) the Trigger unit and 2) the Payload. In order to activate a Trojan, the rare triggering condition realized by the Trigger unit must be satisfied. The other part of the Trojan is the malicious effect or Payload, where the Trojan deviates an internal circuit net from its desired value, leading to malfunction when the triggering condition is fulfilled [2]. Existing nondestructive Trojan detection methods can be broadly classified into logic testing and side channel analysis. In logic testing, the underlying challenge is to satisfy the rare condition of the Trigger unit and also to manifest the injected erroneous logic by applying special test patterns [5], [6]. Meanwhile, the vast majority of the research developed to date inspects anomalies in the side channel parameters (e.g., delay, transient, and leakage power) of the circuit with the inserted Trojan [7], [8]. However, these approaches mainly suffer from detection inaccuracy for Trojans of small size in the presence of process variations.

The main concept of multiple excitation of rare occurrence (MERO), as a prominent approach in logic testing, is to derive optimal test patterns in order to activate a set of candidate nets individually to their rare logic values multiple times [5]. Later, Saha et al. [6] proposed an enhanced version of the MERO scheme, which in turn can more effectively activate and propagate the malicious impact of a Trojan by combining genetic algorithm and Boolean satisfiability (SAT) test generation. Nevertheless, these generated test patterns are only designed to trigger the rare condition of the Trojan's inputs, and have limited applicability for side channel analysis. So, Huang et al. [8] proposed another scheme named MERS specifically for power-based side channel aware test generation. Another alternative to the Trojan detection methods is to employ design modification techniques to either facilitate detection or prevent the insertion of Trojans, which are also commonly referred to as design for trust (DFT) techniques. In [9] and [10], DFT schemes were developed aiming at shortening activation generation time by inserting scan flip-flops and multiplexers. The insertion procedure tries to ensure that all the circuit nets are switched to a transition probability above a threshold. However, such DFT methods introduce large area and power overheads imposed by complex insertion points [2].

In this paper, we develop a new low overhead and high speed DFT methodology together with special test-vector generation to raise the transition of low controllable nets to the maximum transition probability (MTP). The key idea relies on the fact that recklessly increasing the transition probability of individual nets does not necessarily increase the number of transitions of the succeeding nets in the logical fan-out cone.

Manuscript received April 6, 2018; revised July 13, 2018 and October 19, 2018; accepted December 13, 2018. Date of publication December 25, 2018; date of current version December 23, 2019. This paper was recommended by Associate Editor Y. Makris. (Corresponding author: Bijan Alizadeh.)
The authors are with the Design, Verification and Debugging of Embedded Systems Laboratory, School of Electrical and Computer Engineering, College of Engineering, University of Tehran, Tehran 14399-57131, Iran (e-mail: ah.shabani@ut.ac.ir; b.alizadeh@ut.ac.ir).
Color versions of one or more of the figures in this paper are available online at http://ieeexplore.ieee.org.
Digital Object Identifier 10.1109/TCAD.2018.2889663
0278-0070 © 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.


Fig. 1. Probability distribution versus signal probability of being "1" of fan-ins (P1a and P1b). (a) AND/NAND. (b) OR/NOR. (c) XOR/XNOR.

Regarding this matter, the main contributions of this paper are as follows.
1) The rules and conflicts of the propagation of MTP (PMTP) for individual gates are presented in such a way that a full transition path is constructed between each low transition probability net and the primary inputs of the circuit during a backward process.
2) We successfully adapt the PMTP requirements to the form of a maximum Boolean SAT (Max-SAT) problem, leading to a fast and easily implemented methodology that satisfies the constraints imposed by the PMTP rules.
3) Besides, deterministic test generation and special insertion points have been introduced, ensuring that all the nets with transition probability below a certain threshold are switched to the MTP.

The rest of this paper is organized as follows. The basic concepts of the proposed methodology are presented in Section II. Next, the proposed methodology is discussed in detail in Section III and analyzed to extract results in Section IV. Finally, a comprehensive conclusion is presented in the last section.

II. MAX-SAT-BASED METHODOLOGY USING PMTP RULES AND CONFLICTS

According to static probability analysis, we can obtain a signal with MTP, i.e., 0.25, only when its signal probabilities of being "0" and "1" are both equal to 0.5. However, the transition probability at the output of a basic gate such as NAND or NOR will not be maximized (it stays close to 0.18) even when the gate is supplied with two inputs at the MTP. As a result, recklessly increasing the transition probability of individual nets yields a nonmaximal or even degraded transition probability of the succeeding nets in the fan-out cone. Accordingly, we develop the PMTP rules and conflicts to propagate maximum transition probability. Before any further explanation, let us define some terms that are frequently used in the rest of this paper.

Definition 1 (X Net): An X net (net with X label) is a net of the circuit which is expected to switch into MTP.

Definition 2 (Forbidden Net): A forbidden net (fn) is a non-X input of a basic gate (AND/NAND/OR/NOR) whose output has already been marked as an X net.

Definition 3 (Shared Forbidden Net): A shared forbidden net (Sfn) is an fn which is shared by multiple basic gates.

Definition 4 [Forbidden Fan-Out (FOF) Hash]: FOF is a hash that contains all the X fan-outs of an Sfn. In other words, this hash receives an Sfn as its key and returns all the X fan-outs sharing that Sfn.

A. Proposed PMTP Rules and Conflicts

In order to reach the MTP, we need to analyze the transition probability distribution at the output of each basic gate, as illustrated in Fig. 1. By inspecting the probability distribution versus the signal probability of being 1 of the fan-ins, we can directly extract the required PMTP rules, presented in the following.

Rule 1: The MTP at the output of an AND/NAND gate is reached when the transition probability of one of its inputs is at the maximum level (X net) and that of the other input (fn) is zero, sticking at 1 (ST1), as shown in Fig. 1(a).

Rule 2: In an OR/NOR gate, the MTP at the output is achieved when one of its inputs is at the MTP (X net), while the other one is sticking at 0 (ST0), as shown in Fig. 1(b).

Rule 3: The MTP condition for an XOR/XNOR gate can be achieved in several controllable ways, illustrated in Fig. 1(c). One controllable way to reap the benefits of the MTP in an XOR/XNOR gate is to keep both its inputs at the MTP.

Rule 4: For a NOT gate, the MTP condition simply requires the MTP at its input.

It is worth mentioning that these PMTP conditions are not unique, which means that other valid combinations satisfy the MTP as well. However, only the controllable conditions have been selected as the four PMTP rules. After applying the PMTP rules in a backward manner, it is possible that some nets of the circuit violate the above PMTP rules in different forms of conflict. Thus, it is crucial to understand how to extract these conflicts and resolve them to avoid any erroneous transition propagation. In summary, conflicts are classified into three different types: X, SFN, and unsatisfiability (UNSAT) conflicts, as explained in the following.

Fig. 2. Examples of arising conflicts. (a) X conflict. (b) SFN conflict.

Conflict 1 (X Conflict): The X conflict occurs at the output of a basic gate only when both its inputs have the X label, so that the output of the gate is at a nonmaximal transition probability
(i.e., close to 0.18), indicating a violation of the first or the second PMTP rule, as shown in Fig. 2(a).

Conflict 2 (SFN Conflict): The SFN conflict occurs if multiple basic gates with opposing PMTP requirements share the same fn. The reason is that a gate of type AND/NAND wants to stick the Sfn net at logic 1 based on PMTP Rule 1, whereas an OR/NOR gate has the opposing requirement based on PMTP Rule 2, as shown in Fig. 2(b).

Conflict 3 (UNSAT Conflict): The main objective of a Max-SAT solver is to find an optimum assignment that satisfies all Hard clauses together with the maximum number of Soft clauses [11]. In this paper, the required constraints related to the PMTP rules are imposed as unit Hard clauses on the Max-SAT solver. Therefore, it is expected that some Soft constraints are violated so that they breach the PMTP rules. This situation is referred to as an UNSAT conflict.

B. Partial Maximum Satisfiability

A propositional logic formula F can always be written in conjunctive normal form (CNF) as a conjunction of clauses. Each clause of the CNF comprises some literals, where each literal is either a variable or the negation of a variable. The Boolean SAT problem is the problem of determining a truth assignment which guarantees that all the clauses of a given CNF are satisfied [12]. However, in another variation, referred to as partial Max-SAT (PM-SAT), the clauses of the instance are separated into two parts: 1) the Soft and 2) the Hard clauses. The final solution of PM-SAT is an optimum truth assignment that satisfies all the Hard clauses while maximizing (minimizing) the number of satisfied (falsified) Soft clauses [11], [13].

III. PROPOSED INTEGRATED METHODOLOGY

In this section, we develop the proposed DFT methodology together with special test pattern generation so as to improve the full activation time and side channel sensitivity (SCS) for both logic testing and side channel detection approaches. The proposed methodology consists of three stages: 1) X-backpropagation; 2) PM-SAT solver; and 3) conflict resolution, as shown in Fig. 3.

Fig. 3. Proposed integrated methodology using PMTP rules and conflicts.

In summary, in the X-backpropagation step, the circuit netlist is analyzed to extract transition probabilities and logical depth information. Then, the four PMTP rules are applied to the candidate X nets of the circuit in a backward manner to raise the switching activity of the nets with transition probability below a given threshold (Pth) toward the MTP. Besides, existing conflicts, including X and SFN conflicts, are also identified during the backward process. In the next step, the constraints related to the PMTP rules are appended to the CNF file, and the updated CNF file is given to the MAX-SAT solver. Finally, in the last step, existing conflicts are resolved by employing special insertion points in the circuit. The final outcomes of the proposed integrated methodology are optimized test patterns generated from the MAX-SAT solver and a modified circuit netlist.

A. X-Backpropagation Stage

The main goal of the X-backpropagation step is to provide a direct full transition path between each low transition probability net and a net with the MTP, which can be either a primary input or a scan flip-flop. This is accomplished by applying the PMTP rules to each low transition probability net during a backpropagation process, as described in Algorithm 1. The algorithm is fed with the circuit netlist and a given transition probability threshold (Pth). First of all, the circuit netlist is analyzed to extract the signal and transition probability as well as the logic depth of internal nets (line 1). Then, the nets with transition probability below the Pth threshold are identified and initially assigned to the X set (line 2). As a basic assumption, in most Trojan attack scenarios a careful attacker will likely select from this initial list to employ a Trojan with a rare triggering condition. Thus, a primary objective is to raise the transition probability of these nets to the MTP.

Before any additional processing, the initial X set is sorted in descending order of logic depth (line 3). If the gate type of the X net being processed (xi) is AND/NAND/OR/NOR, PMTP Rule 1 or 2 is applied to the X net (lines 6–9). In this case, the fan-in of the gate with the lower logical depth is selected as the candidate X net (Selx) and the other one (i.e., the non-X fan-in) is defined as the forbidden net (fn) (lines 16 and 17). If the gate type of the X net being processed (xi) is XOR/XNOR/NOT/BUF, all the fan-ins of the gate must be selected as Selx, and there is no fn, based on PMTP Rules 3 and 4 (lines 10–13). Otherwise, the X net is either a primary input or a scan flip-flop. These primary inputs of the circuit should be supplied by test


patterns with high switching activity (e.g., random test patterns). Next, the possibility of conflict occurrence (e.g., X and SFN) is examined and the corresponding conflict lists are updated based on the procedure presented in Algorithm 2. Finally, the list of X nets (X), the list of forbidden nets (FN), and the FOF hash (FOF{}) with the key fn are updated by Selx, fn, and xi, respectively (lines 19–21).

Algorithm 2 identifies the existing conflicts that violate the PMTP rules. The results of the algorithm are all the conflicts arising during the X-backpropagation step. Lines 1–6 are dedicated to extracting X conflicts (CX). If the selected X net (Selx) has already been chosen as a forbidden net, all the basic gates sharing Selx (all the outputs of the FOF hash with Selx as key) are defined as X conflicts. Lines 7–14 present the procedure of SFN conflict identification. If the current forbidden net (fn) has previously been selected as a forbidden net, all the basic gates with opposing requirements in the PMTP rules that share this net are considered SFN conflicts (CSFN).

Next, we illustrate the X-backpropagation procedure through the simple example shown in Fig. 4. Assume the nets G13 and G14 have low transition probability for a given Pth. Following Algorithm 1, we first fill the X set with these two nets and sort it in descending order of logic depth, as listed in Table I. Then, PMTP Rule 1 is applied to G13 of gate F, so that the input with the lower logic depth (G10) is selected as Selx and the other one (G12) is defined as fn. Next, the X set is updated with G10 and reordered again. In the next iteration, PMTP Rule 2 is applied to G14, resulting in the selection of G11 as Selx and G12 as fn. Since the forbidden net G12 is selected multiple times and the corresponding gates F and G have opposing PMTP requirements, the SFN conflict occurs at G14. Similarly, the same procedure is applied to the other gates until reaching the primary inputs G3 and G4. As a result, the full transition paths (blue lines in Fig. 4) are constructed between inputs G3, G4 and the low transition nets G13, G14.

The time complexity of Algorithm 1 is O(N×L), where N is the number of low transition nets and L is the number of circuit levels. To consider the worst case, we assume that all the low transition nets are at the highest logic depth and that the MTP paths do not overlap. Also, the complexity of Algorithms 2 and 3 is O(F) and O(N×L), respectively, where F represents the maximum fan-out of the circuit.

Algorithm 1 X Back-Propagation Procedure
/* Generate X nets and identify existing conflicts */
Input: Circuit netlist, transition probability threshold (Pth)
Output: List of X nets (X), list of arising conflicts (C)
1. Calculate probability & logic depth of circuit netlist.
2. Fill X with nets so that 0 < NetsProbability <= Pth
3. Sort X in descending order of logic depth.
4. Set FN ← ∅ : (FN, list of all forbidden nets)
5. Set FOF{} ← ∅ : (FOF, forbidden fan-out hash)
6. for each net xi ∈ X do
7.   Switch (GateType(xi))
8.     Case: AND | NAND | OR | NOR then
9.       Apply Rule #1 and Rule #2
10.    Case: XOR | XNOR then
11.      Apply Rule #3
12.    Case: NOT | BUF then
13.      Apply Rule #4
14.    Default: Null
15.  end sw
16.  Set Selx ← Choose selected net from above PMTP rules
17.  Set fn ← Select current forbidden net, if any.
18.  Update C with extracted conflicts (Algorithm 2).
19.  Update FN with current forbidden net fn.
20.  Update FOF{fn} with key fn and value xi.
21.  Update X with Selx and sort it again.
22. end for

Algorithm 2 X and SFN Conflicts Extraction
/* Extraction of X and SFN conflicts occurring during the X-backpropagation step */
Input: Selected X net (Selx), list of forbidden nets (FN), forbidden fan-out hash (FOF{}), current forbidden net (fn), current X net (xi)
Output: List of X-conflicts (CX), list of SFN-conflicts (CSFN)
1. /* Extract X-conflict */
2. if Selx ∈ FN then
3.   for each fOfi ∈ FOF{Selx} do
4.     Update CX with fOfi
5.   end for
6. end if
7. /* Extract SFN-conflict */
8. if fn ∈ FN then
9.   for each fOfi ∈ FOF{fn} do
10.    if Type(fOfi) has inconsistency with Type(x i) in PMTP
11.      Update CSFN with fOfi
12.    end if
13.  end for
14. end if

Fig. 4. Example of circuit showing the proposed X-backpropagation.

TABLE I: Applying X-Backpropagation Step for an Example Circuit

B. PM-SAT Solver Stage

After updating the X set and identifying conflicts during X-backpropagation, the constraints imposed by the PMTP rules are appended to the CNF file in the form of unit hard clauses, as described in Algorithm 3. The algorithm is fed with the updated X and conflict sets. Also, the main CNF file generated from the gate level netlist is required. The outputs of the algorithm are an updated CNF file and a list of violated gates (D), which must be resolved by special insertion points during the conflict resolution stage.
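The gate-level probability model behind Fig. 1 and Rules 1–4 (Section II-A) and the X-backpropagation walk of Algorithms 1 and 2 (Section III-A) are worked through below on a small constructed netlist. This is an added example, not the authors' Perl implementation; it assumes a static probability model with independent fan-ins (the paper instead simulates 10 000 random vectors), primary inputs at p = 0.5, ties in logic depth broken by fan-in order, and it records each conflict as a (current X net, sharing gate) pair.

```python
"""Worked example of the PMTP rules and the X-backpropagation stage.

Added illustration, not the authors' Perl implementation. Assumptions: a
static probability model (each net is 1 with probability p, its transition
probability is TP = p * (1 - p), maximum 0.25 at p = 0.5, gate fan-ins treated
as independent), primary inputs at p = 0.5, and a constructed netlist.
"""
from collections import defaultdict
from functools import reduce
import operator

# Constructed netlist in topological order: net -> (gate type, fan-ins).
# Nets that never appear as a key are primary inputs.
NETLIST = {
    "n1": ("AND", ["a", "b"]),
    "n2": ("AND", ["c", "d"]),
    "n3": ("AND", ["n1", "n2"]),
    "n4": ("OR", ["e", "f"]),
    "n5": ("AND", ["n3", "n4"]),      # AND-type gate: wants its forbidden fan-in at 1
    "n6": ("OR", ["n4", "g"]),
    "n7": ("OR", ["n3", "n6"]),       # OR-type gate: wants its forbidden fan-in at 0
    "n16": ("AND", ["h", "i", "j"]),
    "n8": ("AND", ["n6", "n16"]),
}
LEVEL = {"X": 0.5, "ST1": 1.0, "ST0": 0.0}   # MTP input, stuck-at-1, stuck-at-0


def prob_one(gate, ps):
    """Probability that the gate output is 1 for independent fan-in probabilities."""
    if gate in ("AND", "NAND"):
        p = reduce(operator.mul, ps, 1.0)
    elif gate in ("OR", "NOR"):
        p = 1.0 - reduce(operator.mul, (1.0 - q for q in ps), 1.0)
    elif gate in ("XOR", "XNOR"):
        p = reduce(lambda acc, q: acc * (1 - q) + (1 - acc) * q, ps)
    elif gate in ("NOT", "BUF"):
        p = ps[0]
    else:
        raise ValueError(gate)
    return 1.0 - p if gate in ("NAND", "NOR", "XNOR", "NOT") else p


def tp_at_output(gate, levels):
    """TP at a gate output when its fan-ins are held at the given levels
    (Fig. 1 / Rules 1-4 and Conflict 1): NAND with (X, ST1) gives 0.25,
    NAND with (X, X) only 0.1875."""
    p = prob_one(gate, [LEVEL[lv] for lv in levels])
    return p * (1 - p)


def analyze(netlist):
    """Algorithm 1 line 1: {net: (p1, TP, logic depth)} for every net."""
    info = {}
    for name, (gate, fanins) in netlist.items():
        for f in fanins:                       # topological order: unseen = input
            info.setdefault(f, (0.5, 0.25, 0))
        p = prob_one(gate, [info[f][0] for f in fanins])
        info[name] = (p, p * (1 - p), 1 + max(info[f][2] for f in fanins))
    return info


def x_backpropagate(netlist, pth):
    """Algorithms 1 and 2: returns (X nets, forbidden nets, X conflicts,
    SFN conflicts). Conflicts are (current X net, sharing gate) pairs."""
    info = analyze(netlist)
    depth = lambda n: info[n][2]
    xset = [n for n in netlist if 0 < info[n][1] <= pth]      # line 2
    xset.sort(key=depth, reverse=True)                         # line 3
    fn_set, fof = set(), defaultdict(list)                     # lines 4-5
    cx, csfn = [], []
    i = 0
    while i < len(xset):                       # X grows while it is walked
        xi = xset[i]
        i += 1
        if xi not in netlist:                  # primary input: fed by random patterns
            continue
        gate, fanins = netlist[xi]
        if gate in ("AND", "NAND", "OR", "NOR"):   # Rules 1 and 2
            selected = [min(fanins, key=depth)]    # lowest-depth fan-in becomes X
            fns = [f for f in fanins if f not in selected]
        else:                                      # Rules 3 and 4: all fan-ins X
            selected, fns = list(fanins), []
        for s in selected:                         # Algorithm 2, lines 1-6
            if s in fn_set:
                cx.extend((xi, g) for g in fof[s])
        wants = "ST1" if gate in ("AND", "NAND") else "ST0"
        for f in fns:                              # Algorithm 2, lines 7-14
            if f in fn_set:
                for g in fof[f]:
                    other = "ST1" if netlist[g][0] in ("AND", "NAND") else "ST0"
                    if other != wants:
                        csfn.append((xi, g))
            fn_set.add(f)                          # lines 19-20
            fof[f].append(xi)
        xset += [s for s in selected if s not in xset]        # line 21
        xset[i:] = sorted(xset[i:], key=depth, reverse=True)
    return xset, fn_set, cx, csfn


if __name__ == "__main__":
    x, fn, cx, csfn = x_backpropagate(NETLIST, pth=0.105)
    print("X nets:", x)
    print("forbidden:", sorted(fn))
    print("X conflicts:", cx, "SFN conflicts:", csfn)
```

With Pth = 0.105 the run yields an X conflict at n7 (its selected fan-in n3 was already forbidden by n5) and an SFN conflict between n8 (AND) and n7 (OR), which share n6 as forbidden net.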


Algorithm 3 Procedure of Updating CNF File
/* Appending PMTP constraints to CNF file */
Input: List of X nets (X), list of conflicts (C), CNF file
Output: List of candidate insertion (D), updated CNF file
1. Set D ← ∅
2. for each xi ∈ X do
3.   Substitute all soft clauses of NAND/NOR/NOT/XNOR gates with complementary clauses.
4.   Write (CNF file, Unit Hard, ¬xi)
5.   Switch (ConflictType(xi))
6.     Case: X-Conflict | SFN-Conflict
7.       Update D with xi
8.     Case: No Conflict
9.       if GateType(xi) = AND | NAND then
10.        Write (CNF file, Unit Hard, NonXInp(xi))
11.      else if GateType(xi) = OR | NOR then
12.        Write (CNF file, Unit Hard, ¬NonXInp(xi))
13.      end if
14.  end sw
15. end for

Fig. 5. Special insertion points; Type A and B.

Although the PMTP rules are identical for a gate and its complement (e.g., AND and NAND), the Boolean logic propagation of those gates is not the same. Thus, we first substitute all soft clauses of NAND/NOR/NOT/XNOR gates with the complementary clauses to avoid inconsistency between PMTP and the propagation of Boolean logic (line 2). Regardless of conflict and gate type, every X net imposes a constraint on the CNF in the form of a unit hard clause whose literal is the negation of the corresponding variable (line 4). Later, if the gate type is AND/NAND and the net does not belong to any conflict list, the non-X fan-in of the gate must be stuck at 1 based on PMTP Rule 1. Thus, a unit hard clause whose literal is the variable of the non-X fan-in is added to the CNF file (line 10). If a net belongs to the X or SFN conflict list, the net is defined as a violated net that must be resolved, so these nets are assigned to the candidate insertion list (D). At the end, the updated CNF file is ready to be applied to the PM-SAT solver. The solver tries to generate an optimum truth assignment that satisfies all the hard constraints imposed by the PMTP rules. Next, we extract the UNSAT soft clauses from the CNF file and map them to the corresponding UNSAT gates.

As mentioned in the X-backpropagation stage, some of the primary inputs of the circuit are selected as random test patterns (i.e., inputs with X label), while the rest of the inputs should be stuck at either 1 or 0. The sticking value for a primary input is simply determined by inspecting the truth value of the corresponding variable in the result of the MAX-SAT solver.

C. Conflict Resolution Stage

In this stage, all the conflicts that violate the PMTP rules (e.g., X, SFN, and UNSAT) must be resolved by employing special insertion points. For this purpose, two insertion points of Type A and B have been introduced to impose logic 1 and 0, respectively, at special locations of the circuit, as shown in Fig. 5. All the insertion points in the circuit are simultaneously controlled by a common control signal called authentication enable (AE), which switches the normal functional mode (AE = 0) of the circuit into authentication mode (AE = 1).

To avoid the occurrence of an X conflict, based on PMTP Rule 1, if the violated gate is an AND/NAND gate, one of the fan-ins must stick at logic 1 by using a Type A insertion. In the same way, an X conflict at an OR/NOR gate can be resolved by using an insertion point of Type B. To resolve an SFN conflict, the insertion point of Type A is applied to the forbidden net of the violated gate of type AND/NAND. However, if the gate with the SFN conflict is an OR/NOR gate, an insertion point of Type B is required. Finally, to resolve UNSAT conflicts, the output of the violated gate must stick at either logic 1 or 0 according to its truth value, which has already been determined by the PM-SAT solver.

IV. EXPERIMENTAL RESULTS

To better analyze the prominent features of the proposed methodology, we have implemented the entire methodology in Perl according to Fig. 3 and applied it to a subset of the ISCAS-85 and ISCAS-89 benchmark circuits. The sequential circuits are converted into full scan mode. To evaluate the transition probability of internal nets, the analysis has been carried out using a simulation-based approach with a large set of test vectors (10 000 random tests). Moreover, an open source PM-SAT solver called Open-WBO [13] is utilized as our decision procedure engine.

A. Maximum Transition Probability

In the first experiment, we analyze the distribution of transition probability before and after applying the proposed methodology. Fig. 6(a) shows the distribution of the transition probability of the nets for benchmark c7552 with Pth equal to 0.035 before applying the proposed methodology. We classified the nets of the circuit into three categories from the activity point of view: 1) the nets with transition probability (TP) below the given Pth (LT, green dots); 2) the nets with TP higher than Pth (HT, blue dots); and 3) the nets with zero TP sticking at either 0 or 1 (red dots). After applying the proposed methodology, all the nets in the LT list are switched to the MTP around 0.25, while some of the HT nets are stuck at either 0 or 1 and the rest of them also reach the MTP, as shown in Fig. 6(b).

The proposed probability distribution during authentication mode can ensure that the Trojan's inputs, which are likely selected among the LT nets, have the MTP. However, if this


assumption on the selection of the Trojan's triggers is violated, the mounted Trojans no longer have a stealthy nature, and consequently will be easily detected during post-manufacturing tests [4]. Furthermore, a careful attacker would never mount a Trojan incorporating the nets with zero TP, since such a Trojan would always be either quiet or active [5].

TABLE II: Optimum Pth for Different Circuits With α = 10%, β = 2%

TABLE III: Time Complexity and Circuit Overheads After Applying the Proposed Methodology Using Optimum Pth

Fig. 6. Transition probability distribution (a) before and (b) after applying the proposed methodology to the c7552 circuit (Pth = 0.035).
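Returning to the PM-SAT solver stage of Section III-B and the UNSAT resolution of Section III-C: the following added example (not the authors' code) builds the WCNF instance of Algorithm 3 for a constructed three-gate netlist and, in place of Open-WBO, solves the tiny partial Max-SAT by brute force so that an UNSAT conflict surfaces. It assumes the X-backpropagation outcome given in XNETS, Tseitin clauses as the soft gate clauses, and reads line 3 of Algorithm 3 as replacing each inverting gate's clauses with those of its non-inverting twin.

```python
"""Algorithm 3 (PMTP constraints as unit hard clauses) on a constructed netlist.

Added illustration, not the authors' code. The hard clauses force every X net
to 0 and each non-X fan-in to its PMTP sticking value; the gate clauses stay
soft, so any gate the optimum has to falsify is an UNSAT conflict whose
output the solver has fixed (the value a Type A/B insertion would impose).
"""
import itertools

NETLIST = {                       # constructed: net -> (gate, fan-ins), topological
    "x2": ("AND", ["a", "b"]),
    "fa": ("AND", ["x2", "c"]),
    "t":  ("AND", ["d", "fa"]),
}
# Assumed result of the X-backpropagation stage: X net -> its non-X fan-ins.
# t forbids fa (stuck at 1) while x2, an input of fa, is itself an X net (0).
XNETS = {"t": ["fa"], "x2": ["b"], "a": [], "d": []}
CONFLICTED = set()                # X nets already in the X/SFN conflict lists

NONINVERTING = {"NAND": "AND", "NOR": "OR", "NOT": "BUF", "XNOR": "XOR"}


def gate_clauses(out, gate, ins):
    """Tseitin clauses (soft) for 2-input AND/OR/XOR and BUF; inverting gates
    are first swapped for their non-inverting twins (my reading of line 3)."""
    gate = NONINVERTING.get(gate, gate)
    if gate == "AND":
        a, b = ins
        return [[-out, a], [-out, b], [out, -a, -b]]
    if gate == "OR":
        a, b = ins
        return [[out, -a], [out, -b], [-out, a, b]]
    if gate == "XOR":
        a, b = ins
        return [[-out, a, b], [-out, -a, -b], [out, -a, b], [out, a, -b]]
    if gate == "BUF":
        return [[-out, ins[0]], [out, -ins[0]]]
    raise ValueError(gate)


def build_pmsat(netlist, xnets, conflicted):
    """Return (variable map, hard clauses, soft (gate, clause) pairs)."""
    names = []
    for out, (_, ins) in netlist.items():
        for n in ins + [out]:
            if n not in names:
                names.append(n)
    var = {n: i + 1 for i, n in enumerate(names)}
    soft = [(out, c) for out, (g, ins) in netlist.items()
            for c in gate_clauses(var[out], g, [var[i] for i in ins])]
    hard = []
    for xi, nonx in xnets.items():
        hard.append([-var[xi]])                  # line 4: X net as unit hard clause
        if xi in conflicted or xi not in netlist:
            continue                             # lines 6-7, or a primary input
        gate = netlist[xi][0]
        for f in nonx:                           # lines 9-12: stick the forbidden fan-in
            hard.append([var[f]] if gate in ("AND", "NAND") else [-var[f]])
    return var, hard, soft


def wcnf_text(var, hard, soft):
    """DIMACS WCNF as read by Open-WBO: hard clauses carry the weight 'top'."""
    top = len(soft) + 1
    lines = ["p wcnf %d %d %d" % (len(var), len(hard) + len(soft), top)]
    lines += ["%d %s 0" % (top, " ".join(map(str, c))) for c in hard]
    lines += ["1 %s 0" % " ".join(map(str, c)) for _, c in soft]
    return "\n".join(lines) + "\n"


def solve_pmsat(var, hard, soft):
    """Brute-force partial Max-SAT for tiny instances: (assignment by name,
    falsified soft clauses), or None if the hard clauses are unsatisfiable."""
    sat = lambda clause, val: any(val[abs(lit)] == (lit > 0) for lit in clause)
    best = None
    for bits in itertools.product([False, True], repeat=len(var)):
        val = dict(zip(range(1, len(var) + 1), bits))
        if not all(sat(c, val) for c in hard):
            continue
        bad = [(g, c) for g, c in soft if not sat(c, val)]
        if best is None or len(bad) < len(best[1]):
            best = ({n: val[v] for n, v in var.items()}, bad)
    return best


def unsat_gates(netlist, xnets, conflicted):
    """UNSAT-conflict gates with the output value the solver fixed, plus the
    sticking values of the non-X primary inputs."""
    var, hard, soft = build_pmsat(netlist, xnets, conflicted)
    assignment, bad = solve_pmsat(var, hard, soft)
    gates = {g: assignment[g] for g, _ in bad}
    inputs = {n for _, (_, ins) in netlist.items() for n in ins} - set(netlist)
    stuck = {n: int(assignment[n]) for n in inputs if n not in xnets}
    return gates, stuck


if __name__ == "__main__":
    v, h, s = build_pmsat(NETLIST, XNETS, CONFLICTED)
    print(wcnf_text(v, h, s))
    print(unsat_gates(NETLIST, XNETS, CONFLICTED))
```

Here fa must be 1 (forbidden fan-in of t) while its own input x2 is an X net held at 0, so the solver falsifies one clause of gate fa: fa is the UNSAT gate and would be stuck at 1 by a Type A insertion, while the non-X inputs b and c are stuck at 1.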
TABLE IV: Specification of Four Combinational Trojans

B. Exploration of the Pth Threshold

In order to explore the optimum value of Pth, several parameters should be considered. They can be grouped into two categories: authentication and circuit parameters. The authentication parameters mainly depend on the Trojan detection approach, which can be either logic testing or side channel analysis, and the circuit parameters represent the circuit overheads in area and power imposed by the methodology. Assuming the Trojan's trigger is composed of AND/OR gates only, the transition probability of the Trigger output can be expressed as (1), where n is the number of triggers and TP represents the average transition probability of the Trojan's inputs

$$TP_{Trigger} = \left(\frac{1-\sqrt{1-4TP}}{2}\right)^{n} \times \left(1-\left(\frac{1-\sqrt{1-4TP}}{2}\right)^{n}\right). \quad (1)$$

In the proposed methodology, all the LT nets, which are the potential candidates for the Trojan's inputs, are switched into the MTP. Thus, the TP value in (1) is around 0.25, and $TP_{Trigger}$ can be rewritten as $(1/2)^{n} - (1/2)^{2n}$. To estimate the average number of clock cycles required to generate a transition on the Trigger output ($T^{Trigger}_{clk}$), the transition probability is modeled using a geometric distribution [9], resulting in

$$N^{Trigger}_{clk} = TP_{Trigger}^{-1} - 1 = \left(\frac{1}{2^{n}} - \frac{1}{2^{2n}}\right)^{-1} - 1. \quad (2)$$

From (2), the number of clock cycles required on average to activate a Trojan is independent of the Pth value and only depends upon the number of the Trojan's inputs (n). So, the authentication time of the proposed method would not be much affected by the choice of Pth. However, larger Pth values ensure that a larger number of LT nets are switched into the MTP, leading to more reliability in Trojan activation. Moreover, one metric to measure the SCS is the Trojan to circuit activity (TCA), which is the ratio of the Trojan activity (Tractivity) over the total circuit activity (Cractivity). The Tractivity is almost independent of Pth since all the Trojan's inputs are at the MTP level during authentication. Nevertheless, as the Pth value increases, the number of nets with the MTP also increases, leading to an increase in Cractivity and a reduction in the SCS. Moreover, employing insertion points increases the area and power, so these also increase with the Pth value. As a result, the Pth threshold should be selected as low as possible to incur the minimum circuit overhead and to magnify the TCA parameter. However, a lower bound on the threshold is also required to ensure that the Trojan detection is reliable. Therefore, we suggest two constraints to determine the upper and lower bounds of the threshold value, termed α and β, given by the designer. The α defines the maximum tolerable overhead in gates or power, while the β represents the percentage of the circuit's nets which are expected to switch into the MTP.

Table II lists the optimum Pth values for different circuits by considering α = 10% and β = 2%. Unlike the upper bound Pth (β prioritized over α), the lower bound Pth (α prioritized over β) gives higher priority to lower area overhead than to detection reliability. In order to moderate the significance of the α and β constraints (neither prioritized over the other), we have introduced another metric, termed LT to insertion number (LINS), which expresses the ability to maximize the transition of more LT nets by using fewer insertion points. The LINS is defined as the ratio of the number of LT nets over the number of insertion points. After specifying the optimum upper and lower bounds of Pth using α and β, the third constraint is considered so that the moderated Pthm has the maximum LINS value, as reported in Table II.


TABLE V
TROJAN ACTIVATION AND DETECTION ANALYSIS BEFORE APPLYING THE PROPOSED METHODOLOGY USING 1000 TEST PATTERNS

TABLE VI
TROJAN ACTIVATION AND DETECTION ANALYSIS AFTER APPLYING THE PROPOSED METHODOLOGY USING 1000 TEST PATTERNS

TABLE VII
RESULTS OF THE PROPOSED METHODOLOGY (POC AND TCA) USING OPTIMUM PTHM

TABLE VIII
COMPARISON OF THE PROPOSED METHODOLOGY IN CIRCUIT OVERHEADS AND TIME COMPLEXITY

TABLE IX
COMPARISON OF THE PROPOSED METHODOLOGY IN TROJAN ACTIVATION AND DETECTION SENSITIVITY FOR S5378, Pth = 0.02

Table III reports the effect of the optimum Pthm on circuit overheads after applying the proposed methodology to different benchmarks and synthesizing with TSMC 130-nm technology. The results imply that the gate and power overheads of the circuits are approximately less than 10%. The only limitation of the proposed method is a high delay overhead in some cases, since we have not considered the effect of timing overhead on the selection of the optimum Pth. One way to avoid such timing degradation is to skip the insertion procedure on the critical path of the circuit, since a smart attacker would never use the nets in the critical path as the Trojan's inputs [9].

C. Trojan Activation and Detection

In order to directly exhibit the superior efficiency of the PMTP method, two different designs have been considered: 1) the design without applying the proposed methodology and 2) the design with the proposed methodology applied. Then, each design has been tampered with by four combinational Trojans of different size, number of triggers, and difficulty of activation, as reported in Table IV. The difficulty of Trojan activation is defined as the number of clock cycles required to generate a transition at the Trigger's output ($T_{clk}^{Trigger}$). Meanwhile, the Trojan's inputs have been randomly selected from the nets having low transition probability, below Pthm. The Payload output of a Trojan depends on the values of both the Trigger output and the data input. If both are the same, the Payload output will be similar to its inputs; otherwise, a Payload with different input values, assuming the Trojan is active, results in full activation of the Trojan, since the payload output change (POC) can cause disruption in the normal activity of the circuit [9].

Table V lists the transition statistics for benchmark s5378 without applying the proposed method, with 1000 random test patterns. In this table, columns 2 and 3 indicate the total Cractivity and the number of transitions on the LT list, respectively. The number of transitions at the Trojan's output represents the number of times that the Trigger output can change from the dominant to the nondominant value and vice versa.
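To make the activation and side-channel metrics concrete, the following added example (constructed here, not code from the paper) evaluates equation (2) for an n-input AND trigger, checks it against random patterns, and derives the Table V style statistics (Cractivity, Tractivity, POC, N_clk^Payload, TCA) for an AND-trigger, XOR-payload Trojan on constructed net waveforms. The net names n1..n4, the waveforms, and the assumptions that trigger inputs are uncorrelated with signal probability 1/2 and that TP counts 0->1 changes are mine, not the paper's.

```python
import random
from typing import Dict, List, Sequence

# Constructed per-pattern waveforms of four circuit nets over six test patterns:
# n1, n2 feed the AND trigger; n3 is the data net modified by the XOR payload;
# n4 is an unrelated net that only contributes to the circuit activity.
CONSTRUCTED_NETS: Dict[str, List[int]] = {
    "n1": [0, 1, 1, 1, 0, 1],
    "n2": [0, 0, 1, 1, 1, 1],
    "n3": [0, 1, 1, 0, 1, 1],
    "n4": [1, 0, 1, 0, 1, 0],
}

def trigger_transition_probability(n: int) -> float:
    """Assumption: inputs are uncorrelated with signal probability 1/2, so the
    AND output is 1 with p = 1/2^n and a 0->1 change between two consecutive
    patterns has probability (1 - p) * p = 1/2^n - 1/2^(2n)."""
    p_one = 1.0 / (2 ** n)
    return (1.0 - p_one) * p_one

def expected_clocks_to_trigger(n: int) -> float:
    """Equation (2): N_clk^Trigger = TP_Trigger^-1 - 1, a function of n only."""
    return 1.0 / trigger_transition_probability(n) - 1.0

def count_transitions(signal: Sequence[int]) -> int:
    """Changes in either direction between consecutive patterns."""
    return sum(1 for a, b in zip(signal, signal[1:]) if a != b)

def count_rising_edges(signal: Sequence[int]) -> int:
    """0->1 changes only, i.e. Trigger activations."""
    return sum(1 for a, b in zip(signal, signal[1:]) if a == 0 and b == 1)

def observed_trigger_rate(n: int, patterns: int, seed: int = 1) -> float:
    """Monte Carlo check of (2): rising-edge rate of an n-input AND trigger
    driven by constructed random patterns (should approach 1/2^n - 1/2^(2n))."""
    rng = random.Random(seed)
    out = [int(all(rng.random() < 0.5 for _ in range(n))) for _ in range(patterns)]
    return count_rising_edges(out) / (patterns - 1)

def trojan_statistics(nets: Dict[str, List[int]], trigger_nets: List[str],
                      data_net: str) -> Dict[str, float]:
    """Table V/VI style statistics for an AND-trigger, XOR-payload Trojan:
    Cr_activity, Tr_activity, POC, N_clk^Payload and TCA."""
    trigger_out = [int(all(bits)) for bits in zip(*(nets[t] for t in trigger_nets))]
    payload_out = [d ^ t for d, t in zip(nets[data_net], trigger_out)]
    poc = sum(trigger_out)  # XOR payload flips the data net whenever Trigger is 1
    tr_activity = count_transitions(trigger_out) + count_transitions(payload_out)
    cr_activity = sum(count_transitions(w) for w in nets.values())
    edges = count_transitions(payload_out)
    n_clk_payload = len(trigger_out) / edges if edges else float("inf")
    return {"cr_activity": cr_activity, "tr_activity": tr_activity, "poc": poc,
            "n_clk_payload": n_clk_payload, "tca": tr_activity / cr_activity}
```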


TABLE X
COMPARISON OF DIFFERENT TROJAN DETECTION AND PREVENTION SCHEMES BASED ON DFT

The seventh column is dedicated to the Tractivity, which is defined as the sum of the transitions inside and at the output of the Trojan circuit. The next two columns indicate the number of Trojan full activations (POC) and the average number of clock cycles required to generate a transition at the Trojan's Payload ($N_{clk}^{Payload}$), respectively. Finally, TCA is presented.

Table V shows that before applying the proposed method none of the Trojans is fully activated (i.e., POC = 0). Next, we apply our proposed method and test patterns to the s5378 circuit using the optimum Pth = 0.04, as shown in Table VI. According to Table VI, the proposed method yields a favorable increase in LT set transitions, Trojan inputs, Trojan output, and Trojan activity, besides the reduction in the total Cractivity, leading to a remarkable increase in the TCA parameter. Consequently, higher sensitivity and robustness are achieved. Moreover, unlike the design without modification, the proposed method can fully activate (i.e., higher POC rate) Trojans 1, 2, and 3 around 127, 58, and 12 times, respectively. It is evident from Table VI that the POC rate of Trojan 4 (large Trojan) is still zero for 1000 test patterns. According to Table IV, we need more than 4000 test patterns, on average, to generate a transition at the Trigger unit. However, larger Trojans have more sensitivity through power-based side channel approaches. More results about the POC rate and TCA parameter are listed in Table VII after applying the proposed method to different benchmarks using the optimum Pthm presented in Table II. To expose the superior efficiency of the proposed method, we have also implemented the other known DFT methods presented in [9] and [10] for the s5378 circuit with Pth = 0.02, as reported in Table VIII. It is obvious that the proposed method does not impose any area overhead on flip-flops, while this overhead is around 12.84% and 10% for the designs presented in [9] and [10], respectively. Besides, the results in Table VIII show that the proposed method is far faster than [9] and [10], by factors of 30 and 4, respectively.

To further analyze the number of full activations and the SCS, Table IX reports a relative comparison in terms of the POC, $N_{clk}^{Payload}$, and TCA parameters for the s5378 circuit with Pth = 0.02, by mounting different Trojan instances. Regarding Table IX, achieving the MTP at the Trojan's inputs yields more transitions at the Trigger's output compared with the other methods. As a result, the POC rate in the proposed method indicates a favorable increase by factors of 1.9, 8.9, and 4 in comparison with [9] for Trojans 1, 2, and 3, respectively. This increase is also attained by factors of 1.3, 4.4, and 2.6 in comparison with the method presented in [10]. Moreover, the $N_{clk}^{Payload}$ of the proposed method is prominently reduced, by around 67% and 72% on average, compared with the methods presented in [9] and [10], respectively, so the number of test patterns required to detect the malicious activity of a Trojan can be significantly reduced, and the authentication time per chip is shortened as well. In spite of the increase in Trojan activity, the total Cractivity is significantly reduced in the proposed methodology, so that a noticeable improvement in the TCA parameter is achieved, indicating that the proposed method is more suitable for power-based side channel analysis.

Finally, Table X reports the comparison of different DFT methods in terms of detection type, ATPG scheme, insertion type, complexity of insertion points, time complexity, and area overhead. It is concluded from Tables X and VIII that the proposed methodology incurs less area overhead on average compared to that of the other methods [9], [10], [14]–[17]. The reason behind the reduction in area is the use of insertion points with simple complexity, comprising only one AND/OR gate. In contrast, the other existing methods [9], [10], [14]–[17] require more complex and area-intensive gates (XORs), multiplexers, and flip-flops, and the area of a flip-flop is often 4 to 6 times larger than a simple AND/OR gate [17]. The average area overhead imposed by the proposed methodology after synthesizing with TSMC 130-nm technology is about 10.17%. The results of Table X also signify that, compared to the similar detection methods in [9], [10], and [14], our approach has lower time complexity. Note that the worst-case time complexity of both [9] and [10] is $O(M^2)$, where M is the total number of circuit nets, indicating higher complexity compared to $O(N \times L)$ in the proposed methodology. Moreover, the proposed method leverages the Max-SAT-based ATPG to generate efficient test patterns. Unlike the random [9], [10] and weighted random [14] ATPGs, the Max-SAT-based ATPG accompanied by the PMTP methodology can effectively relieve the stealthy nature of Trojans by allowing the MTP to propagate from primary inputs toward low controllable nets.

V. CONCLUSION

In this paper, a new low area overhead and high speed DFT methodology was proposed. In this method, the rules and conflicts of PMTP were developed for individual gates.


After satisfying the PMTP rules, resolving conflicts by means of simple insertion points, and applying the efficient test patterns generated by the Max-SAT solver, full transition paths are constructed between each low transition net and the primary inputs. The results for different benchmark circuits imply that the proposed method provides a higher full activation rate, by a factor of four on average, through logic testing, besides more sensitivity, on average around 20×, for power-based side channel analysis.

REFERENCES

[1] S. Bhunia, M. S. Hsiao, M. Banga, and S. Narasimhan, "Hardware Trojan attacks: Threat analysis and countermeasures," Proc. IEEE, vol. 102, no. 8, pp. 1229–1247, Aug. 2014.
[2] S. Bhunia and M. M. Tehranipoor, The Hardware Trojan War: Attacks, Myths, and Defenses. New York, NY, USA: Springer, 2017.
[3] L. Lin, W. Burleson, and C. Paar, "MOLES: Malicious off-chip leakage enabled by side-channels," in Proc. Int. Conf. Comput.-Aided Design, San Jose, CA, USA, 2009, pp. 117–122.
[4] M. Tehranipoor, H. Salmani, and X. Zhang, Integrated Circuit Authentication: Hardware Trojans and Counterfeit Detection. Cham, Switzerland: Springer, 2014.
[5] R. S. Chakraborty, F. Wolff, S. Paul, C. Papachristou, and S. Bhunia, "MERO: A statistical approach for hardware Trojan detection," in Cryptographic Hardware and Embedded Systems—CHES 2009. Berlin, Germany: Springer, 2009, pp. 396–410.
[6] S. Saha, R. S. Chakraborty, S. S. Nuthakki, and D. Mukhopadhyay, "Improved test pattern generation for hardware trojan detection using genetic algorithm and Boolean satisfiability," in Proc. Cryptograph. Hardw. Embedded Syst., 2015, pp. 577–596.
[7] R. Rad, J. Plusquellic, and M. Tehranipoor, "A sensitivity analysis of power signal methods for detecting hardware Trojans under real process and environmental conditions," IEEE Trans. Very Large Scale Integr. (VLSI) Syst., vol. 18, no. 12, pp. 1735–1744, Dec. 2010.
[8] Y. Huang, S. Bhunia, and P. Mishra, "MERS: Statistical test generation for side-channel analysis based Trojan detection," in Proc. ACM Conf. Comput. Commun. Security, Vienna, Austria, 2016, pp. 130–141.
[9] H. Salmani, M. Tehranipoor, and J. Plusquellic, "A novel technique for improving hardware Trojan detection and reducing Trojan activation time," IEEE Trans. Very Large Scale Integr. (VLSI) Syst., vol. 20, no. 1, pp. 112–125, Jan. 2012.
[10] B. Zhou, W. Zhang, S. Thambipillai, and J. K. J. Teo, "A low cost acceleration method for hardware Trojan detection based on fan-out cone analysis," in Proc. Int. Conf. Hardw. Softw. Codesign Syst. Synthesis, New Delhi, India, 2014, pp. 1–10.
[11] Z. Fu and S. Malik, "On solving the partial MAX-SAT problem," in Proc. Int. Conf. Theory Appl. Satisfiability Test., Seattle, WA, USA, 2006, pp. 252–265.
[12] A. Biere, M. Heule, H. van Maaren, and T. Walsh, Handbook of Satisfiability, vol. 185. Amsterdam, The Netherlands: IOS Press, 2009.
[13] R. Martins, V. Manquinho, and I. Lynce, "Open-WBO: A modular MaxSAT solver," in Proc. Int. Conf. Theory Appl. Satisfiability Test., 2014, pp. 438–445.
[14] B. Zhou et al., "Cost-efficient acceleration of hardware Trojan detection through fan-out cone analysis and weighted random pattern technique," IEEE Trans. Comput.-Aided Design Integr. Circuits Syst., vol. 35, no. 5, pp. 792–805, May 2016.
[15] A. Nejat, D. Hely, and V. Beroulle, "ESCALATION: Leveraging logic masking to facilitate path-delay-based hardware Trojan detection methods," J. Hardw. Syst. Security, vol. 2, no. 1, pp. 83–96, Mar. 2018.
[16] S. Wei, K. Li, F. Koushanfar, and M. Potkonjak, "Provably complete hardware Trojan detection using test point insertion," in Proc. Int. Conf. Comput. Aided Des. (ICCAD), San Jose, CA, USA, 2012, pp. 569–576.
[17] S. Wei and M. Potkonjak, "Malicious circuitry detection using fast timing characterization via test points," in Proc. IEEE Int. Symp. Hardw. Orient. Security Trust (HOST), Austin, TX, USA, 2013, pp. 113–118.

Ahmad Shabani received the B.S. degree in electrical engineering from Shiraz University, Shiraz, Iran, in 2014 and the M.S. degree in digital electronic systems from Shahid Beheshti University, Tehran, Iran, in 2016. He is currently pursuing the Ph.D. degree in digital systems with Tehran University, Tehran.
Since 2016, he has been a member of the Design, Verification and Debugging of Embedded Systems Laboratory, Tehran University. His current research interests include hardware security, Trojan countermeasures, medical image processing, and low-power and high-speed digital circuits.

Bijan Alizadeh (SM'13) received the Ph.D. degree in electrical and computer engineering from the University of Tehran, Tehran, Iran, in 2004.
He was with the School of Electrical Engineering, Sharif University of Technology, Tehran, as an Assistant Professor from 2005 to 2007 and with VDEC, University of Tokyo, Tokyo, Japan, as a Research Associate from 2007 to 2010. He has been an Assistant Professor with the School of Electrical and Computer Engineering, University of Tehran, since 2011, where he is currently an Associate Professor. He has authored or co-authored over 100 publications in international scientific journals and conferences. He has been engaged in the research and development of very large-scale integration systems, field-programmable gate array-based reconfigurable computing, formal verification and debug, post-silicon debug, and high-level synthesis.
