A Novel Algorithm for Hardware Trojan Detection Through Reverse Engineering

Abstract

Malicious alteration in an IC design is generally referred to as hardware Trojans (HTs). The involvement of multiple entities in the VLSI design cycle has made the process of HT detection very challenging. This article presents a novel method for the detection of HT at the gate level of abstraction. A path retrace algorithm detects the nets added/deleted by an adversary along with its location. The netlists of the genuine circuit (design netlist) and the Trojan-inserted circuit are used by the algorithm to detect the malicious nets in the circuit. This method utilizes testability analysis as the metric for segregating malicious nets in the compromised circuit netlist. Netlist of the fabricated IC, which is obtained through reverse engineering and the design netlist of the original circuit are used to determine the testability parameters, such as controllability and observability of the nets. Based on the variation in testability metrics of a signal in the original circuit, the path retrace algorithm identifies the malicious gates inserted into the original circuit. In addition, the algorithm also helps to isolate the Trojan circuit and comprehend its functional implication on the original design. Using the list of malicious gates and compromised circuit netlist, it is possible to identify the Trojan nets inserted by the adversary. This technique is more effective in detecting functional Trojans as compared to techniques employing reverse engineered images as it is design parameter independent and impervious to noise.