An Automated Framework for Board-Level Trojan Benchmarking

Abstract

Economic and operational advantages have led the supply chain of printed circuit boards (PCBs) to incorporate various untrusted entities. Any of the untrusted entities are capable of introducing malicious alterations to facilitate a functional failure or leakage of secret information during field operation. While researchers have been investigating the threat of malicious modification within the scale of individual microelectronic components, the possibility of a board-level malicious manipulation has essentially been unexplored. In the absence of standard benchmarking solutions, prospective countermeasures for PCB trust assurance are likely to utilize homegrown representation of the attacks that undermine their evaluation and do not provide scope for comparison with other techniques. In this article, we have developed a benchmarking solution to facilitate an unbiased and comparable evaluation of countermeasures applicable to PCB trust assurance. Based on a taxonomy tailored for PCB-level alterations, we have developed a toolflow for the automatic generation of Trojan benchmarks to facilitate a comprehensive evaluation against a large number of diverse Trojan implementations and application of data mining for trust verification. Using the toolflow, we have developed a suite of custom “Trojan benchmarks” (i.e., PCB designs with Trojans) containing representative examples of Trojans in the taxonomy inserted in different PCB designs of varying complexity and functionality. Finally, with experimental measurements from a fabricated PCB and structural analysis of netlist, we analyze the stealthiness of the Trojan designs and present the runtime of the tool for a large number of PCB designs.