Secure Run-Time Hardware Trojan Detection Using Lightweight Analytical Models

Abstract

Hardware Trojans, malicious components that attempt to prevent a chip from operating as expected, are carefully crafted to circumvent detection during the predeployment silicon design and verification stages. They are an emerging threat being investigated by academia, the military, and industry. Therefore, run-Time hardware Trojan detection is critically needed as the final layer of defense during chip deployment, and in this work, we focus on hardware Trojans that target the processor's performance. Current state-of-The-Art detectors watch hardware counters for anomalies using complex machine-learning models, which require a dedicated off-chip processor and must be trained extensively for each target processor. In this work, we propose a lightweight solution that uses data from a single reference run to accurately determine whether a Trojan is slowing processor performance, across CPU configurations, without the need for new profiles. To accomplish this, we use an analytical model based on the application's inherent microarchitecturally independent characteristics. Such models determine the expected microarchitectural events across different processor configurations without requiring reference values for each application-hardware configuration pair. By comparing predicted values to actual hardware events, one can quickly check for unexpected application slowdowns that are the key signatures of many hardware Trojans. The proposed methodology achieves a higher true positive rate (TPR) compared to prior works while having no false positives. The proposed detector incurs no run-Time performance penalty and only adds a negligible power overhead of 0.005%.