Dynamic FPGA Detection and Protection of Hardware Trojan: A Comparative Analysis
This addresses security risks in critical systems using untrusted third-party hardware components, but it is incremental as it builds on existing FPGA and Trojan detection concepts.
The paper tackles the problem of detecting and protecting against hardware Trojans in third-party IPs on FPGAs without requiring golden chips, by presenting runtime methods that range from low-overhead to sophisticated techniques, with results showing negligible to increased overheads in delay and power as security improves.
Hardware Trojan detection and protection is becoming more crucial as more untrusted third parties manufacture many parts of critical systems nowadays. The most common way to detect hardware Trojans is comparing the untrusted design with a golden (trusted) one. However, third-party intellectual properties (IPs) are black boxes with no golden IPs to trust. So, previous attempts to detect hardware Trojans will not work with third-party IPs. In this work, we present novel methods for Trojan protection and detection on field programmable gate arrays (FPGAs) without the need for golden chips. Presented methods work at runtime instead of test time. We provide a wide spectrum of Trojan detection and protection methods. While the simplest methods have low overhead and provide limited protection mechanisms, more sophisticated and costly techniques are introduced that can detect hardware Trojans and even clean up the system from infected IPs. Moreover, we study the cost of using the FPGA partial reconfiguration feature to get rid of infected IPs. In addition, we discuss the possibility to construct IP core certificate authority that maintains a centralized database of unsafe vendors and IPs. We show the practicality of the introduced schemes by implementing the different methodologies on FPGAs. Results show that simple methods present negligible overheads and as we try to increase security the delay and power overheads increase.