PMTP: A Max-SAT-Based Approach to Detect Hardware Trojan Using Propagation of Maximum Transition Probability
Ahmad Shabani and Bijan Alizadeh
IEEE TRANSACTIONS ON COMPUTER-AIDED DESIGN OF INTEGRATED CIRCUITS AND SYSTEMS, VOL. 39, NO. 1, JANUARY 2020
Abstract—Hardware Trojan attacks have emerged as a major security issue for hardware at different levels of abstraction, relating to malicious tampering of a hardware design during the design or fabrication process. In this paper, a new low-overhead and high-speed design-for-trust methodology for increasing both the full activation and the side channel sensitivity of a Trojan is proposed. The main idea is that an increase in the transition probability of individual nets does not necessarily increase the transition probability of the succeeding nets of the circuit. Accordingly, the rules and conflicts of the propagation of maximum transition probability for individual gates are presented to ensure that a full transition path is constructed between each low transition probability net and the primary inputs of the circuit. The results show that the proposed methodology achieves superior efficiency in Trojan full activation by more than 4× through a logic testing approach, besides a higher sensitivity of around 20× on average for power-based side channel analysis, compared to existing methods.

Index Terms—Boolean satisfiability (SAT), hardware security, hardware Trojan (HT), maximum Boolean SAT (Max-SAT) solver, Trojan detection.

I. INTRODUCTION

Due to the remarkable growth in the globalization of integrated circuits (ICs), and the widespread outsourcing of IC manufacturing to untrusted fabrication facilities or foundries located across the world, a new emerging threat known as hardware Trojan (HT) was brought to light just a decade ago [1], [2]. An adversary can introduce HTs with the aim of causing disruption in the normal functional behavior or leaking vital information from a chip to an unauthorized party [3].

Over the past decade, different types of Trojan attack models and counteraction methods have been reported [2], [4]. A Trojan in its simplest form can be mounted by incorporating two distinct parts: 1) the Trigger unit and 2) the Payload. In order to activate a Trojan, the rare triggering condition realized by the Trigger unit must be satisfied. The other part of the Trojan is the malicious effect or Payload, where the Trojan deviates an internal circuit net from its desired value, leading to malfunction when the triggering condition is fulfilled [2]. Existing nondestructive Trojan detection methods can be broadly classified into logic testing and side channel analysis. In logic testing, the underlying challenge is to satisfy the rare condition of the Trigger unit and to manifest the injected erroneous logic by applying special test patterns [5], [6]. Meanwhile, the vast majority of research developed to date inspects anomalies in the side channel parameters (e.g., delay, transient, and leakage power) of the circuit with an inserted Trojan [7], [8]. However, these approaches mainly suffer from detection inaccuracy for small Trojans in the presence of process variations.

The main concept of multiple excitation of rare occurrence (MERO), a prominent approach in logic testing, is to derive optimal test patterns in order to activate a set of candidate nets individually to their rare logic values multiple times [5]. Later, Saha et al. [6] proposed an enhanced version of the MERO scheme, which can more effectively activate and propagate the malicious impact of a Trojan by combining genetic algorithm and Boolean satisfiability (SAT) test generation. Nevertheless, these generated test patterns are only designed to trigger the rare condition of the Trojan's inputs, and have limited applicability for side channel analysis. So, Huang et al. [8] proposed another scheme named MERS specifically for power-based side channel aware test generation. Another alternative to the Trojan detection methods is to employ design modification techniques to either facilitate detection or prevent the insertion of Trojans, which are also commonly referred to as design for trust (DFT) techniques. In [9] and [10], DFT schemes were developed aiming at shortening activation generation time by inserting scan flip-flops and multiplexers. The insertion procedure tries to ensure that all the circuit nets are switched to a transition probability above a threshold. However, such DFT methods introduce large area and power overheads imposed by complex insertion points [2].

In this paper, we develop a new low-overhead and high-speed DFT methodology together with special test-vector generation to raise the transition of low controllable nets to the maximum transition probability (MTP). The key idea relies on the fact that recklessly increasing the transition probability of individual nets does not necessarily increase the number of transitions of the succeeding nets in the logical fan-out cone.

Manuscript received April 6, 2018; revised July 13, 2018 and October 19, 2018; accepted December 13, 2018. Date of publication December 25, 2018; date of current version December 23, 2019. This paper was recommended by Associate Editor Y. Makris. (Corresponding author: Bijan Alizadeh.)
The authors are with the Design, Verification and Debugging of Embedded Systems Laboratory, School of Electrical and Computer Engineering, College of Engineering, University of Tehran, Tehran 14399-57131, Iran (e-mail: ah.shabani@ut.ac.ir; b.alizadeh@ut.ac.ir).
Color versions of one or more of the figures in this paper are available online at http://ieeexplore.ieee.org.
Digital Object Identifier 10.1109/TCAD.2018.2889663
0278-0070 © 2018 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
Fig. 1. Probability distribution versus signal probability of being "1" of fan-ins (P1a and P1b). (a) AND/NAND. (b) OR/NOR. (c) XOR/XNOR.
Regarding this matter, the main contributions of this paper are as follows.
1) The rules and conflicts of the propagation of MTP (PMTP) for individual gates are presented in such a way that a full transition path is constructed between each low transition probability net and the primary inputs of the circuit during a backward process.
2) We adapt the PMTP requirements to the form of a maximum Boolean SAT (Max-SAT) problem, leading to a fast and easily implemented methodology that satisfies the constraints imposed by the PMTP rules.
3) Deterministic test generation and special insertion points are introduced, ensuring that all the nets with a transition probability below a certain threshold are switched to the MTP.

The rest of this paper is organized as follows. The basic concepts of the proposed methodology are presented in Section II. Next, the proposed methodology is discussed in detail in Section III, and its results are analyzed in Section IV. Finally, a comprehensive conclusion is presented in the last section.

II. MAX-SAT-BASED METHODOLOGY USING PMTP RULES AND CONFLICTS

According to static probability analysis, a signal reaches the MTP, i.e., 0.25, only when its signal probabilities of being "0" and "1" are both equal to 0.5. However, the transition probability at the output of a basic gate such as NAND or NOR will not be maximized (it stays close to 0.18) even when the gate is supplied with two inputs at the MTP. As a result, recklessly increasing the transition probability of individual nets yields nonmaximal or even degraded transition probability of the succeeding nets in the fan-out cone. Accordingly, we develop the PMTP rules and conflicts to propagate maximum transition probability. Before any further explanation, let us define some terms that are frequently used in the rest of this paper.

Definition 1 (X Net): An X net (net with X label) is a net of the circuit which is expected to switch into the MTP.

Definition 2 (Forbidden Net): A forbidden net (fn) is a non-X input of a basic gate (AND/NAND/OR/NOR) whose output has already been marked as an X net.

Definition 3 (Shared Forbidden Net): A shared forbidden net (Sfn) is an fn which is shared by multiple basic gates.

Definition 4 [Forbidden Fan-Out (FOF) Hash]: FOF is a hash that contains all the X fan-outs of an Sfn. In other words, this hash receives an Sfn as its key and returns all the X fan-outs sharing that Sfn.

A. Proposed PMTP Rules and Conflicts

In order to reach the MTP, we need to analyze the transition probability distribution at the output of a basic gate, as illustrated in Fig. 1. By inspecting the probability distribution versus the signal probability of being 1 of the fan-ins, we can extract the required PMTP rules, as presented in the following.

Rule 1: The MTP at the output of an AND/NAND gate is reached when the transition probability of one of its inputs is at the maximum level (X net) and that of the other input (fn) is zero, sticking at 1 (ST1), as shown in Fig. 1(a).

Rule 2: In an OR/NOR gate, the MTP at the output of the gate is achieved when one of its inputs is at the MTP (X net), while the other one is sticking at 0 (ST0), as shown in Fig. 1(b).

Rule 3: The MTP condition for an XOR/XNOR gate can be achieved in several controllable ways, which are illustrated in Fig. 1(c). One controllable way to reap the benefits of the MTP in an XOR/XNOR gate is to keep both its inputs at the MTP.

Rule 4: For a NOT gate, the MTP condition simply requires the MTP at its input.

It is worth mentioning that these PMTP conditions are not unique, which means that other valid combinations satisfying the MTP exist as well. However, only the controllable conditions have been selected as the four PMTP rules. After applying the PMTP rules in a backward manner, it is possible that some nets of the circuit violate the above PMTP rules in different forms of conflict. Thus, it is crucial to understand how to extract these conflicts and resolve them to avoid any erroneous transition propagation. In summary, conflicts are classified into three different types: X, SFN, and unsatisfiability (UNSAT) conflicts, as explained in the following.

Conflict 1 (X Conflict): The X conflict occurs at the output of a basic gate only when both its inputs have the X label, so that the output of the gate is in the nonmaximal transition probability
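The following Python script is an added illustration, not code from the paper or its authors, of the static probability analysis behind the 0.25/0.18 observation above and of the backward labelling expressed by Rules 1–4, Definitions 1–4 and Conflict 1. It assumes a constructed toy netlist, independent fan-ins for the static probability computation, and that every forbidden net in the toy happens to be a primary input, so that its stuck value can be modelled by a fixed signal probability instead of the paper's insertion points. The net names, the choice of which fan-in receives the X label in an AND/OR gate, and the omission of the Max-SAT formulation are all my own simplifications.

```python
"""Static transition-probability analysis and backward PMTP labelling on a toy
gate-level netlist.  Added illustration; not the paper's own code or tool."""
from collections import defaultdict

BASIC = ("AND", "NAND", "OR", "NOR")      # gates covered by Rules 1 and 2

# Constructed toy netlist: (output_net, gate_type, [fan-in nets]) in topological order.
NETLIST = [
    ("n1", "AND",  ["a", "b"]),
    ("n2", "NAND", ["n1", "c"]),
    ("n3", "AND",  ["d", "c"]),
    ("n4", "XOR",  ["n2", "n3"]),
    ("n5", "OR",   ["n4", "e"]),
    ("n6", "NOT",  ["n5"]),
    ("g",  "AND",  ["n2", "n3"]),
]
PRIMARY_INPUTS = ["a", "b", "c", "d", "e"]


def gate_p1(gtype, p):
    """Signal probability of the output being 1, assuming independent fan-ins."""
    if gtype == "AND":  return p[0] * p[1]
    if gtype == "NAND": return 1 - p[0] * p[1]
    if gtype == "OR":   return 1 - (1 - p[0]) * (1 - p[1])
    if gtype == "NOR":  return (1 - p[0]) * (1 - p[1])
    if gtype == "XOR":  return p[0] * (1 - p[1]) + (1 - p[0]) * p[1]
    if gtype == "XNOR": return 1 - gate_p1("XOR", p)
    if gtype == "NOT":  return 1 - p[0]
    raise ValueError(f"unknown gate type {gtype}")


def transition_prob(p1):
    """Transition probability P0*P1: the MTP of 0.25 is reached only at P1 = 0.5."""
    return p1 * (1 - p1)


def analyse(netlist, primary_p1):
    """Forward static probability analysis: net -> (P1, transition probability)."""
    p1 = dict(primary_p1)
    for out, gtype, ins in netlist:
        p1[out] = gate_p1(gtype, [p1[i] for i in ins])
    return {net: (v, transition_prob(v)) for net, v in p1.items()}


def pmtp_backward(netlist, targets):
    """Label nets backward from the target X nets using Rules 1-4.

    Returns (x_nets, fn_of, x_conflicts, fof):
      x_nets      nets expected to carry the MTP (Definition 1)
      fn_of       X gate output -> (forbidden net, stuck value) (Definition 2)
      x_conflicts basic gates whose fan-ins both ended up with the X label (Conflict 1)
      fof         shared forbidden net -> set of X fan-outs sharing it (Definitions 3-4)
    """
    driver = {out: (gtype, ins) for out, gtype, ins in netlist}
    x_nets, fn_of, work = set(), {}, list(targets)
    while work:
        net = work.pop()
        if net in x_nets:
            continue
        x_nets.add(net)
        if net not in driver:          # primary input: this transition path is complete
            continue
        gtype, ins = driver[net]
        if gtype in BASIC:
            # Rules 1/2: one fan-in carries the X label, the other is the forbidden net,
            # stuck at 1 for AND/NAND and at 0 for OR/NOR.  Prefer a fan-in that is
            # already X so that a second X label is not created needlessly (my heuristic).
            x_in, fn = (ins[1], ins[0]) if ins[1] in x_nets else (ins[0], ins[1])
            fn_of[net] = (fn, 1 if gtype in ("AND", "NAND") else 0)
            work.append(x_in)
        elif gtype in ("XOR", "XNOR"):  # Rule 3: keep both fan-ins at the MTP
            work.extend(ins)
        elif gtype == "NOT":            # Rule 4: the input must carry the MTP
            work.append(ins[0])
    x_conflicts = [out for out, (gtype, ins) in driver.items()
                   if out in x_nets and gtype in BASIC and all(i in x_nets for i in ins)]
    shared = defaultdict(set)
    for out, (fn, _) in fn_of.items():
        shared[fn].add(out)
    fof = {fn: outs for fn, outs in shared.items() if len(outs) > 1}
    return x_nets, fn_of, x_conflicts, fof


def pmtp_primary_assignment(fn_of, primary_inputs):
    """Signal probabilities realising the labelling when every forbidden net is a
    primary input: stuck values come from fn_of, everything else switches at P1 = 0.5.
    Internal forbidden nets would need the paper's insertion points, not modelled here."""
    stuck = {fn: float(v) for fn, v in fn_of.values()}
    return {pi: stuck.get(pi, 0.5) for pi in primary_inputs}


if __name__ == "__main__":
    before = analyse(NETLIST, {pi: 0.5 for pi in PRIMARY_INPUTS})
    x_nets, fn_of, conflicts, fof = pmtp_backward(NETLIST, ["n6"])
    after = analyse(NETLIST, pmtp_primary_assignment(fn_of, PRIMARY_INPUTS))
    for net in ["n1", "n2", "n3", "n4", "n5", "n6"]:
        print(f"{net}: T_before={before[net][1]:.4f}  T_after={after[net][1]:.4f}")
    print("X conflicts:", conflicts, " FOF hash:", fof)
    print("X conflicts with targets n6 and g:", pmtp_backward(NETLIST, ["n6", "g"])[2])
```

With all primary inputs at P1 = 0.5, the forward pass reproduces the observation that feeding a NAND two MTP inputs gives only 0.1875 at its output, and the target net n6 sits at about 0.13. Labelling backward from n6 marks a, n1, n2, d, n3, n4 and n5 as X nets, records b, c and e as forbidden nets (c being a shared forbidden net with FOF entry {n2, n3}), and the resulting assignment lifts every net on the path to exactly 0.25. Adding g as a second target forces both n2 and n3 to carry the X label, which the post-scan reports as an X conflict at g; resolving such conflicts is what the paper's insertion points and Max-SAT formulation are for.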
TABLE II
OPTIMUM PTH FOR DIFFERENT CIRCUITS WITH α = 10%, β = 2%
TABLE III
TIME COMPLEXITY AND CIRCUIT OVERHEADS AFTER APPLYING THE PROPOSED METHODOLOGY USING OPTIMUM PTH
Fig. 6. Transition probability distribution (a) before and (b) after applying the proposed methodology to the c7552 circuit (Pth = 0.035).
TABLE V
TROJAN ACTIVATION AND DETECTION ANALYSIS BEFORE APPLYING THE PROPOSED METHODOLOGY USING 1000 TEST PATTERNS
TABLE VI
TROJAN ACTIVATION AND DETECTION ANALYSIS AFTER APPLYING THE PROPOSED METHODOLOGY USING 1000 TEST PATTERNS
TABLE VII
RESULTS OF THE PROPOSED METHODOLOGY (POC AND TCA) USING OPTIMUM PTHM
TABLE X
COMPARISON OF DIFFERENT TROJAN DETECTION AND PREVENTION SCHEMES BASED ON DFT
The seventh column is dedicated to representing Tr_activity, which is defined as the sum of the transitions inside and at the output of the Trojan circuit. The next two columns indicate the number of Trojan full activations (POC) and the average number of clock cycles required to generate a transition at the Trojan's Payload (N_clk^Payload), respectively. Finally, TCA is presented.

Table V shows that before applying the proposed method none of the Trojans is fully activated (i.e., POC = 0). Next, we apply our proposed method and test patterns to the s5378 circuit using the optimum Pth = 0.04, as shown in Table VI. According to Table VI, the proposed method yields a favorable increase in LT set transitions, Trojan inputs, Trojan output, and Trojan activity, besides a reduction in the total Cr_activity, leading to a remarkable increase in the TCA parameter. Consequently, higher sensitivity and robustness are achieved. Moreover, unlike the design without modification, the proposed method can fully activate (i.e., a higher POC rate) Trojans 1, 2, and 3 around 127, 58, and 12 times, respectively. It is evident from Table VI that the POC rate of Trojan 4 (the large Trojan) is still zero for 1000 test patterns. According to Table IV, we need more than 4000 test patterns, on average, to generate a transition at the Trigger unit. However, larger Trojans have more sensitivity through power-based side channel approaches. More results on the POC rate and the TCA parameter are listed in Table VII after applying the proposed method to different benchmarks using the optimum Pthm presented in Table II. To expose the superior efficiency of the proposed method, we have also implemented the other known DFT methods presented in [9] and [10] for the s5378 circuit with Pth = 0.02, as reported in Table VIII. It is obvious that the proposed method does not impose any area overhead on flip-flops, while this overhead is around 12.84% and 10% for the designs presented in [9] and [10], respectively. Besides, the results in Table VIII show that the proposed method is far faster than [9] and [10], by factors of 30 and 4, respectively.

To further analyze the number of full activations and SCS, Table IX reports a relative comparison in terms of the POC, N_clk^Payload, and TCA parameters for the s5378 circuit with Pth = 0.02, mounting different Trojan instances. Regarding Table IX, achieving the MTP at the Trojan's inputs yields more transitions at the Trigger's output compared with the other methods. As a result, the POC rate in the proposed method shows a favorable increase by factors of 1.9, 8.9, and 4 in comparison with [9] for Trojans 1, 2, and 3, respectively. This increase is also attained by factors of 1.3, 4.4, and 2.6 in comparison with the method presented in [10]. Moreover, the N_clk^Payload of the proposed method is prominently reduced, by around 67% and 72% on average, compared with the methods presented in [9] and [10], respectively, so the number of test patterns required to detect the malicious activity of a Trojan can be significantly reduced, and the authentication time per chip is shortened as well. In spite of the increase in Trojan activity, the total Cr_activity is significantly reduced in the proposed methodology, so that a noticeable improvement in the TCA parameter is achieved, indicating that the proposed method is more suitable for power-based side channel analysis.

Finally, Table X reports the comparison of different DFT methods in terms of detection type, ATPG scheme, insertion type, complexity of insertion points, time complexity, and area overhead. It is concluded from Tables X and VIII that the proposed methodology incurs less area overhead on average compared to that of the other methods [9], [10], [14]–[17]. The reason behind the reduction in area is the use of insertion points of simple complexity, comprising only one AND/OR gate. In contrast, the other existing methods [9], [10], [14]–[17] entail the use of more complex and area-intensive gates (XORs), multiplexers, and flip-flops, and the area of a flip-flop is often 4 to 6 times larger than that of a simple AND/OR gate [17]. The average area overhead imposed by the proposed methodology after synthesis with TSMC 130-nm technology is about 10.17%. The results of Table X also signify that, compared to the similar detection methods in [9], [10], and [14], our approach has lower time complexity. Note that the worst-case time complexity of both [9] and [10] is O(M^2), where M is the total number of circuit nets, indicating higher complexity compared to O(N × L) in the proposed methodology. Moreover, the proposed method leverages the Max-SAT-based ATPG to generate efficient test patterns. Unlike the random [9], [10] and weighted random [14] ATPGs, the Max-SAT-based ATPG accompanied by the PMTP methodology can effectively relieve the stealthy nature of Trojans by allowing the MTP to propagate from the primary inputs toward low controllable nets.

V. CONCLUSION

In this paper, a new low-area-overhead and high-speed DFT methodology was proposed. In this method, the rules and conflicts of PMTP were developed for individual gates.
After satisfying the PMTP rules, resolving conflicts by means of simple insertion points, and applying the efficient test patterns generated by the Max-SAT solver, full transition paths are constructed between each low transition net and the primary inputs. The results for different benchmark circuits showed that the proposed method provides a higher full activation rate by a factor of four, on average, through logic testing, besides more sensitivity of around 20× on average for power-based side channel analysis.

REFERENCES

[1] S. Bhunia, M. S. Hsiao, M. Banga, and S. Narasimhan, "Hardware Trojan attacks: Threat analysis and countermeasures," Proc. IEEE, vol. 102, no. 8, pp. 1229–1247, Aug. 2014.
[2] S. Bhunia and M. M. Tehranipoor, The Hardware Trojan War: Attacks, Myths, and Defenses. New York, NY, USA: Springer, 2017.
[3] L. Lin, W. Burleson, and C. Paar, "MOLES: Malicious off-chip leakage enabled by side-channels," in Proc. Int. Conf. Comput.-Aided Design, San Jose, CA, USA, 2009, pp. 117–122.
[4] M. Tehranipoor, H. Salmani, and X. Zhang, Integrated Circuit Authentication: Hardware Trojans and Counterfeit Detection. Cham, Switzerland: Springer, 2014.
[5] R. S. Chakraborty, F. Wolff, S. Paul, C. Papachristou, and S. Bhunia, "MERO: A statistical approach for hardware Trojan detection," in Cryptographic Hardware and Embedded Systems—CHES 2009. Berlin, Germany: Springer, 2009, pp. 396–410.
[6] S. Saha, R. S. Chakraborty, S. S. Nuthakki, and D. Mukhopadhyay, "Improved test pattern generation for hardware Trojan detection using genetic algorithm and Boolean satisfiability," in Proc. Cryptograph. Hardw. Embedded Syst., 2015, pp. 577–596.
[7] R. Rad, J. Plusquellic, and M. Tehranipoor, "A sensitivity analysis of power signal methods for detecting hardware Trojans under real process and environmental conditions," IEEE Trans. Very Large Scale Integr. (VLSI) Syst., vol. 18, no. 12, pp. 1735–1744, Dec. 2010.
[8] Y. Huang, S. Bhunia, and P. Mishra, "MERS: Statistical test generation for side-channel analysis based Trojan detection," in Proc. ACM Conf. Comput. Commun. Security, Vienna, Austria, 2016, pp. 130–141.
[9] H. Salmani, M. Tehranipoor, and J. Plusquellic, "A novel technique for improving hardware Trojan detection and reducing Trojan activation time," IEEE Trans. Very Large Scale Integr. (VLSI) Syst., vol. 20, no. 1, pp. 112–125, Jan. 2012.
[10] B. Zhou, W. Zhang, S. Thambipillai, and J. K. J. Teo, "A low cost acceleration method for hardware Trojan detection based on fan-out cone analysis," in Proc. Int. Conf. Hardw. Softw. Codesign Syst. Synthesis, New Delhi, India, 2014, pp. 1–10.
[11] Z. Fu and S. Malik, "On solving the partial MAX-SAT problem," in Proc. Int. Conf. Theory Appl. Satisfiability Test., Seattle, WA, USA, 2006, pp. 252–265.
[12] A. Biere, M. Heule, H. van Maaren, and T. Walsh, Handbook of Satisfiability, vol. 185. Amsterdam, The Netherlands: IOS Press, 2009.
[13] R. Martins, V. Manquinho, and I. Lynce, "Open-WBO: A modular MaxSAT solver," in Proc. Int. Conf. Theory Appl. Satisfiability Test., 2014, pp. 438–445.
[14] B. Zhou et al., "Cost-efficient acceleration of hardware Trojan detection through fan-out cone analysis and weighted random pattern technique," IEEE Trans. Comput.-Aided Design Integr. Circuits Syst., vol. 35, no. 5, pp. 792–805, May 2016.
[15] A. Nejat, D. Hely, and V. Beroulle, "ESCALATION: Leveraging logic masking to facilitate path-delay-based hardware Trojan detection methods," J. Hardw. Syst. Security, vol. 2, no. 1, pp. 83–96, Mar. 2018.
[16] S. Wei, K. Li, F. Koushanfar, and M. Potkonjak, "Provably complete hardware Trojan detection using test point insertion," in Proc. Int. Conf. Comput. Aided Des. (ICCAD), San Jose, CA, USA, 2012, pp. 569–576.
[17] S. Wei and M. Potkonjak, "Malicious circuitry detection using fast timing characterization via test points," in Proc. IEEE Int. Symp. Hardw. Orient. Security Trust (HOST), Austin, TX, USA, 2013, pp. 113–118.

Ahmad Shabani received the B.S. degree in electrical engineering from Shiraz University, Shiraz, Iran, in 2014 and the M.S. degree in digital electronic systems from Shahid Beheshti University, Tehran, Iran, in 2016. He is currently pursuing the Ph.D. degree in digital systems with Tehran University, Tehran.
Since 2016, he has been a member of the Design, Verification and Debugging of Embedded Systems Laboratory, Tehran University. His current research interests include hardware security, Trojan countermeasures, medical image processing, and low-power and high-speed digital circuits.

Bijan Alizadeh (SM'13) received the Ph.D. degree in electrical and computer engineering from the University of Tehran, Tehran, Iran, in 2004.
He was with the School of Electrical Engineering, Sharif University of Technology, Tehran, as an Assistant Professor from 2005 to 2007 and with VDEC, University of Tokyo, Tokyo, Japan, as a Research Associate from 2007 to 2010. He has been an Assistant Professor with the School of Electrical and Computer Engineering, University of Tehran, since 2011, where he is currently an Associate Professor. He has authored or co-authored over 100 publications in international scientific journals and conferences. He has been engaged in the research and development of very large-scale integration systems, field-programmable gate array-based reconfigurable computing, formal verification and debug, post-silicon debug, and high-level synthesis.