Professional Documents
Culture Documents
4.enhancing Hardware Trojan Detection Sensitivity Using Partition-Based Shuffling Scheme
4.enhancing Hardware Trojan Detection Sensitivity Using Partition-Based Shuffling Scheme
1, JANUARY 2021
Abstract—This brief presents a new test pattern generation the PMTP rules and conflicts to ensure the proper prop-
scheme alongside a design for trust (DfTr) methodology for agation of the maximum transition probability. Then, the
detecting hardware Trojan through side channel-based analy- PMTP rules are satisfied through MAX-SAT and conflicts
sis approaches. The proposed scheme takes advantage of the are resolved by inserting AND/OR into the main circuit. The
proposed Hamming distance-based reordering and partition- existing DfTr methods mainly focus on the fully activation
based shuffling methods. The key idea behind the proposed work of Trojans through logic testing or side channel-based analy-
is that instead of distributing the circuit activity profile among
sis approaches and they do not provide a unified solution for
all the nets with low transition probability at once, it can only be
restricted to the smaller subsets of rare nets one at a time, while detecting Trojans through both ways. However, the standalone
the rest of subsets remain at the lowest activity. As a result, application of logic testing or side channel-based approaches
a remarkable reduction in the background circuit activity by is not sufficient for reliable detection, and in most of the cases
more than 41% and favorable enhancement of detection sensi- the combination of both approaches is required [8]. The main
tivity about 31% are achieved compared to the state-of-the-art weakness in the existing methods [2]–[5] is that any effort to
method. increase the Trojan activity for raising the number of full acti-
vations of Trojan will increase the background circuit activity
Index Terms—Hardware Trojan, set partitioning, Hamming
distance, Trojan detection, side channel analysis. as well, and in turn this might adversely affect the side channel
detection sensitivity.
In this brief, to provide a unified methodology for detecting
I. I NTRODUCTION hardware Trojans, a new test pattern generation (TPG) scheme
is integrated with PMTP approach [5] using Hamming-
ARDWARE Trojans are the malicious circuitry which are
H intentionally mounted by an untrusted person or entity
aiming at altering the functionality, degrading the reliability,
Distance (HD)-based reordering and partition-based shuffling
schemes. The main objective is to enhance the side channel
sensitivity by reducing background activity while maintaining
and leaking vital information of the chip [1]. The common the number of Trojan full activations sufficient for logic testing
assumption in hardware trust community is that an intelligent approach. The contributions of this brief are as follows:
adversary would likely employ a Trojan trigger circuit by sup- 1) We integrate the proposed TPG scheme with PMTP
plying it with the low transition probability nets (i.e., rare nets) approach to enhance the detection sensitivity using HD-
for preserving its rarity of activation. based reordering and partition-based shuffling methods.
One promising way to alleviate the stealthy nature of 2) The partitioning problem is converted to a Set
Trojan is to increase the transition probability of the rare Partitioning Problem where some primary inputs are
nets by inserting some additional circuitry into the main partitioned into multiple subsets, each of which covers
circuit [2]–[6]. These modifications are referred to as design different but almost the same number of rare nets.
for trust (DfTr) approaches [7]. Authors of [2], [4] developed 3) The proposed test set is generated by using shuffling
two different DfTr methods for increasing the transition prob- method where a random set is reordered according to
ability of the rare nets by inserting the scan flip-flops and the maximum and minimum HDs, then the generated
a MUX-based structures into the main circuit. Later, authors sets will be shuffled based on the partitioning results.
of [3] proposed another insertion procedure which is based The rest of this brief is organized as follows. The problem
on XOR gates followed by flip-flops. In [5] authors developed specification and the proposed methodology is introduced in
a novel DfTr approach called PMTP with the aim of maximiz- Sections II and III. Then, the experimental results are extracted
ing the transition probability of the rare nets. They introduced in Section IV. Finally, a conclusion will be presented.
Manuscript received February 28, 2020; revised April 29, 2020; accepted
June 7, 2020. Date of publication June 10, 2020; date of current version
December 21, 2020. This brief was recommended by Associate Editor X. Li.
II. P ROBLEM S PECIFICATION AND
(Corresponding author: Bijan Alizadeh.) THE P ROPOSED M ETHOD
Ahmad Shabani is with the Design, Verification and Debugging To the best of our knowledge, the PMTP method [5] out-
of Embedded Systems Laboratory, School of Electrical and Computer performs the existing DfTr approaches in terms of the number
Engineering, College of Engineering, University of Tehran, Tehran 14395-515,
Iran (e-mail: ah.shabani@ut.ac.ir). of full activations of Trojan. To maximize the activity of
Bijan Alizadeh is with the Design, Verification and Debugging of Embedded the rare nets, they specified the full transition (FT) paths
Systems Laboratory, School of Electrical and Computer Engineering, College between the rare nets and the primary inputs of the circuit.
of Engineering, University of Tehran, Tehran 14395-515, Iran, and also with These paths are specified based on the minimum logical depth
the School of Computer Science, Institute for Research in Fundamental rule and are sensitized through some primary inputs fed by
Sciences (IPM), Tehran 19538-33511, Iran (e-mail: b.alizadeh@ut.ac.ir).
Color versions of one or more of the figures in this article are available random-based test vectors to increase the transition at the
online at https://ieeexplore.ieee.org. rare nets. The rest of the primary inputs are stuck at their
Digital Object Identifier 10.1109/TCSII.2020.3001263 controlling values of ‘0’ or ‘1’ specified by the MAX-SAT
1549-7747
c 2020 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See https://www.ieee.org/publications/rights/index.html for more information.
thorized licensed use limited to: AMRITA VISHWA VIDYAPEETHAM AMRITA SCHOOL OF ENGINEERING. Downloaded on September 15,2021 at 06:44:28 UTC from IEEE Xplore. Restrictions app
SHABANI AND ALIZADEH: ENHANCING HARDWARE TROJAN DETECTION SENSITIVITY USING PARTITION-BASED SHUFFLING SCHEME 267
and maximum HDs. Then, the two reordered sets are shuf-
fled based on the partitioning results to generate the mutable
Fig. 1. The proposed integrated DfTr methodology. part. Finally, the mutable and immutable parts are combined
to generated the complete test set.
solver to let the maximum transition be propagated. However, III. P ROPOSED T EST PATTERN G ENERATION S CHEME
these high activity random-based vectors not only increase the Stimulating Inputs Partitioning Method: The stimulating
Trojan activity, but also the background circuit activity, result- input partitioning method is described in Algorithm 1. Before
ing in a low side channel detection sensitivity. Developing partitioning process, we need to extract the stimulating inputs
a pattern generation strategy to localize switching activity (P = {p1 , p, . . . , pN }), where N is the total number of stim-
and reduce the background noise is an extremely challeng- ulating inputs, by following each of the rare nets (ni ∈ LT)
ing task since there is correlation between the Trojan activity through FT paths (X) towards primary inputs (Stage #1). In
and the total number of background transitions. Accordingly, this backward process, when the primary inputs is reached, it
we present a pattern generation strategy alongside the PMTP is added to the P list and assigned as the stimulating input of
approach to enhance the side channel sensitivity by localizing the rare net ni (STM{ni }). Then, the coverage of each pi ∈ P
the circuit activity on the target partitions covering a subset (CC{pi }) is calculated by checking how many rare nets are
of rare nets, while keeping quiet the rest of the partitions. covered by each stimulating input. The number of rare nets
Fig. 1 shows the proposed integrated DfTr methodology incor- which are sensitized by a stimulating input is defined as the
porating 1) the PMTP approach [5] and 2) the proposed TPG Coverage Count (CC) of that input.
scheme. The test set generated by the PMTP approach can be Since the test designer is not aware of which rare nets are
divided into two parts of mutable and immutable parts. The selected as Trojan’s trigger and we assign an identical portion
immutable part remains constant for all the test vectors where of test vectors to each generated subsets, we need to make
its logic values are specified by MAX-SAT, while the mutable sure that each subset covers relatively the same number of rare
part refers to the part that frequently varies where it is sup- nets (i.e., the balanced subsets in terms of the coverage count)
plied by the random-based test vectors. To localize activity, which is translated to the same amount of activity assigned
we develop our TPG scheme on the mutable part since this to each subset. The problem ahead is to partition the set of
part is responsible for generating activity in the circuit. This stimulating inputs (P) into K balanced subsets (Si ) such that
part of test vector injects activity into the circuit through some the difference between the sum of the coverage counts of each
primary inputs called Stimulating Input (SI) which affects both subset is minimized. In fact, this is an optimization version of
Trojan and background activity simultaneously. Thus, instead the Set Partitioning Problem [8], which is a task of deciding
of random test pattern, we proposed a guided test patterns whether a given multiset P of positive integers can be parti-
which can target the subsets of rare nets one at the time while tioned into two subsets of s1 and s2 such that the sum of the
reducing background circuit activity. numbers in each subset is equal.
In Fig. 1, the proposed unified methodology takes the circuit According to Stage #2 of Algorithm 1, one simple heuris-
netlist as input and using the PMTP approach generates the tics approach to the above problem is the greedy algorithm,
modified circuit netlist by employing AND/OR insertion-point which iterates through the set of stimulating inputs sorted in
structures into the main circuit. The proposed TPG scheme descending order of coverage count, assigning each of them
consists of two main phases: 1) Stimulating input partitioning to whichever subset has the smaller sum of the coverages. The
and 2) Partition-based shuffling. In this concept, the stimulat- proposed partitioning process is shown in Fig. 2 in which the
ing inputs are the primary inputs (i.e., endpoints) of the FT set of stimulating inputs P = {p1 , p2 , . . . , p13 } is partitioned
paths. In the first phase, the stimulating inputs are extracted into three subsets S = {S1 , S2 , S3 }, K = 3 with relatively the
and then partitioned into multiple subsets. In the second phase, same number of total coverage counts. In Fig. 2, the number
the random test vectors are reordered based on minimum in the boxes represents the coverage count of each pi and the
thorized licensed use limited to: AMRITA VISHWA VIDYAPEETHAM AMRITA SCHOOL OF ENGINEERING. Downloaded on September 15,2021 at 06:44:28 UTC from IEEE Xplore. Restrictions app
268 IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS—II: EXPRESS BRIEFS, VOL. 68, NO. 1, JANUARY 2021
thorized licensed use limited to: AMRITA VISHWA VIDYAPEETHAM AMRITA SCHOOL OF ENGINEERING. Downloaded on September 15,2021 at 06:44:28 UTC from IEEE Xplore. Restrictions app
SHABANI AND ALIZADEH: ENHANCING HARDWARE TROJAN DETECTION SENSITIVITY USING PARTITION-BASED SHUFFLING SCHEME 269
Fig. 5. Distribution of maximum TCA, Trojan activity, and background activity over 100 random Trojan samples of Trojan #3 and #4 for s5378.
TABLE II
N UMBER OF F ULL ACTIVATIONS OF D IFFERENT T ROJANS
TABLE IV
D IFFERENT C ASES OF T RIGGER I NPUT S ELECTION OF T ROJAN
thorized licensed use limited to: AMRITA VISHWA VIDYAPEETHAM AMRITA SCHOOL OF ENGINEERING. Downloaded on September 15,2021 at 06:44:28 UTC from IEEE Xplore. Restrictions app
270 IEEE TRANSACTIONS ON CIRCUITS AND SYSTEMS—II: EXPRESS BRIEFS, VOL. 68, NO. 1, JANUARY 2021
Fig. 6. Comparison of side channel sensitivity over 100 random Trojan samples, a) CASE #1; b) CASE #2; c) Random (s5378, k = 4, Ntest = 1000).
TABLE V
BACKGROUND C IRCUIT ACTIVITY OF THE P ROPOSED AND THE PMTP A PPROACH FOR D IFFERENT C ASES OF T RIGGER S ELECTION (K=4)
TABLE VI
S IDE C HANNEL D ETECTION S ENSITIVITY OF THE P ROPOSED AND THE PMTP A PPROACH FOR D IFFERENT C ASES OF T RIGGER S ELECTION (K=4)
remain almost zero for most of the times. Also, the TCA of [2] B. Zhou, W. Zhang, S. Thambipillai, and J. K. J. Teo, “A low cost
the proposed scheme shows the higher peak than the other acceleration method for hardware trojan detection based on fan-out
approaches. This distinguished activity profile can help test cone analysis,” in Proc. Int. Conf. Hardw. Softw. Codesign Syst. Synth.
CODES+ISSS, 2014, p. 28.
engineer to detect the presence of Trojan more reliable. This [3] A. Mondal, M. H. Mahalat, A. R. Medapati, S. Roy, and B. Sen, “XOR
observation can relatively identify the rare nets used as trig- based methodology to detect hardware trojan utilizing the transition
ger’s inputs with higher resolution. Once the trigger selection probability,” in Proc. 2018 8th Int. Symp. Embedded Comput. Syst.
broadens to multiple partitions (e.g., CASE #2), the sensitivity Design (ISED), 2018, pp. 215–219.
profile also distributes among those partitions. [4] H. Salmani, M. Tehranipoor, and J. Plusquellic, “A novel technique
for improving hardware trojan detection and reducing trojan activation
time,” IEEE Trans. Very Large Scale Integr. (VLSI) Syst., vol. 20, no. 1,
pp. 112–125, Jan. 2012.
V. C ONCLUSION [5] A. Shabani and B. Alizadeh, “PMTP: A MAX-SAT-based approach to
In this brief, a new test pattern generation scheme was detect hardware trojan using propagation of maximum transition proba-
bility,” IEEE Trans. Comput.-Aided Design Integr. Circuits Syst., vol. 39,
developed to enhance the side channel detection sensitivity no. 1, pp. 25–33, Jan. 2020.
of Trojan by using the proposed HD-based reordering and [6] A. Shabani and B. Alizadeh, “PODEM: A low-cost property-based
partition-based shuffling methods. Unlike the previous works, design modification for detecting hardware trojans in resource-constraint
the detection sensitivity profile of the proposed approach is IoT devices,” J. Netw. Comput. Appl., to be published.
much higher and almost restricted to the partitions from which [7] K. Xiao, D. Forte, Y. Jin, R. Karri, S. Bhunia, and M. Tehranipoor,
“Hardware trojans: Lessons learned after one decade of research,” ACM
the Trojan trigger’s inputs are selected. As a result, the Trojan- Trans. Design Autom. Electron. Syst., vol. 22, no. 1, pp. 1–23, 2016.
infected circuits can be distinguished with more reliability and [8] M. Tehranipoor, H. Salmani, and X. Zhang, Integrated Circuit
the trigger’s inputs are identified with higher resolution. Authentication: Hardware Trojans and Counterfeit Detection. Cham,
Switzerland: Springer, 2014.
[9] R. E. Korf, “Multi-way number partitioning,” in Proc. IJCAI Int. Joint
R EFERENCES Conf. Artif. Intell., 2009, pp. 538–543.
[10] Y. Huang, S. Bhunia, and P. Mishra, “MERS: Statistical test generation
[1] S. Bhunia and M. M. Tehranipoor, The Hardware Trojan War: Attacks, for side-channel analysis based Trojan detection,” in Proc. ACM Conf.
Myths, and Defenses. Cham, Switzerland: Springer, 2017. Comput. Commun. Security, vol. 1, Oct. 2016, pp. 130–141.
thorized licensed use limited to: AMRITA VISHWA VIDYAPEETHAM AMRITA SCHOOL OF ENGINEERING. Downloaded on September 15,2021 at 06:44:28 UTC from IEEE Xplore. Restrictions app