A Hardware-Trojans Identifying Method Based on Trojan Net Scoring at Gate-Level Netlists
Outsourcing IC design and fabrication is one of the effective solutions to reduce design cost but it may cause severe security risks. Particularly, malicious outside vendors may implement <i>Hardware Trojans (HTs)</i> on ICs. When we focus on IC design phase, we cannot assume an HT-free netlist or a <i>Golden netlist</i> and it is too difficult to identify whether a given netlist is HT-free or not. In this paper, we propose a score-based hardware-trojans identifying method at gate-level netlists without using a Golden netlist. Our proposed method does not directly detect HTs themselves in a gate-level netlist but it detects a net included in HTs, which is called <i>Trojan net</i>, instead. Firstly, we observe Trojan nets from several HT-inserted benchmarks and extract several their features. Secondly, we give <i>scores</i> to extracted Trojan net features and sum up them for each net in benchmarks. Then we can find out a <i>score threshold</i> to classify HT-free and HT-inserted netlists. Based on these scores, we can successfully classify HT-free and HT-inserted netlists in all the Trust-HUB gate-level benchmarks and ISCAS85 benchmarks as well as HT-free and HT-inserted AES gate-level netlists. Experimental results demonstrate that our method successfully identify all the HT-inserted gate-level benchmarks to be "HT-inserted" and all the HT-free gate-level benchmarks to be "HT-free" in approximately three hours for each benchmark.
- IEICE Trans. Fundamentals
IEICE Trans. Fundamentals E98.A(12), 2537-2546, 2015