Professional Documents
Culture Documents
slide 2
Introduction Background Method Evaluation Results Conclusion
Criterion Fault HT
Activation Known functional state Arbitrary
Insertion Accidental Intentional
Manifestation Functional/parametric Both + Leak info.
slide 3
Introduction Background Method Evaluation Results Conclusion
Counter
Untrusted hardware
Challenges in HT Detection
Versatility of HTs : Size, Location, quiet, different
type/form
Testing/verification tools fail: Conventional tools are for
defects and faults, not for intentionally added HTs
Distinction between HTs and “noise”
Error from testing and HT detection methods.
Side channel noise and measurement errors.
Functional noise (e.g. don’t cares)
Manufacturing variations (process variations)
slide 6
Introduction Background Method Evaluation Results Conclusion
Classification of HT Detection
Destructive approaches
@ Costly and time consuming.
Non-destructive approaches
• Run-time Monitoring
• Test-time detection
Logic test (Limited Detection)
@ Only functional HT
@ Required a sophisticated pattern set
Side channel analysis.
@ Power: quiescent current, transient current
@ Delay, Radiation etc.
slide 7
Introduction Background Method Evaluation Results Conclusion
HT Detection
Side-channel analysis: Power, delay etc.
Does not require triggering Trojans to observe its
impact at primary output nodes
May catch HT even for a partial activation
slide 9
Introduction Background Method Evaluation Results Conclusion
slide 10
Introduction Background Method Evaluation Results Conclusion
Scan Chain
Scan Flip Flop (FF)
slide 11
Introduction Background Method Evaluation Results Conclusion
Proposed Method
Scan-chain segmentation
• Increase Trojan-to-circuit power consumption
Pattern application technique
• Activate most FFs in launch-on-capture (LOC) mode
– Transition to combinational core increases
• Restrict background switching
Scan Chain
– Clock gating for FFs
Self-Authentication FF
• Generating NOEPs for HT detection
slide 12
Introduction Background Method Evaluation Results Conclusion
slide 13
Introduction Background Method Evaluation Results Conclusion
V5 P4 Table3: EP pairs
V1 V2 V3 V4 V5
NOEP-1 Seg-1 Seg-2
NOEP-2 Seg-4 Seg-3
NOEP-3 Seg-1/seg-4
NOEP-4 Seg-3 Seg-4 slide 14
Introduction Background Method Evaluation Results Conclusion
slide 15
Introduction Background Method Evaluation Results Conclusion
SR
Trojan cells
P1=Pm(Sr,tr)
ST
slide 16
Introduction Background Method Evaluation Results Conclusion
W/o Golden IC
Seg-1
Difference:
SUS
o Power consumed by HT
Seg-2 - Intra-die variations
Self-authentication
slide 17
Introduction Background Method Evaluation Results Conclusion
Inserted Trojans
Trojans` specification in 90nm technology library
Type Circuit Type Total cell area
(µm2)
T1 2 AND gates and 1 NAND gate 22
T2 2-bit counter 305
T3 4 bit comparator with 2 FF 1875
T2
g1
g3
T3 g2
T1 slide 18
Introduction Background Method Evaluation Results Conclusion
150000
150000 100000
100000
50000
50000
0
overlapping
0 0 100000 200000 300000 400000 cells
0 100000 200000 300000 400000
400000
Region-7 Region-16
400000
350000
300000 300000
250000
200000 200000
150000
100000 100000
50000
0
0
0 100000 200000 300000 400000
0 100000 200000 300000 400000
EP Pair Generation
0.0056
0.0055
0.0054
0.0053
0.0052
0.0051
0.005
1 2 3 4 5 6 7 8 9 10
slide 20
Introduction Background Method Evaluation Results Conclusion
Most cases more than 80% chances of Trojan cell activation slide 21
Introduction Background Method Evaluation Results Conclusion
Summary
slide 22
Thank You
slide 23