Detecting Trojans Through Leakage Current Analysis Using Multiple Supply Pad ${I}_{\rm DDQ}$s

Abstract

Hardware Trojans have emerged as a new threat to the security and trust of computing systems. Hardware Trojans are deliberate and malicious modifications to the logic function implemented within digital and mixed signal chips. In contrast to software Trojans, it is not possible to simply scan the hard drive to eradicate a hardware Trojan. Hardware Trojans can be designed to shutdown the chip at some predetermined time and/or when some specific signal or data pattern is received. They may also be designed to remain hidden while leaking confidential information covertly to the adversary. Determining whether a hardware Trojan has been inserted into a chip is extremely difficult for a variety of reasons, e.g., nanometer feature sizes and chip design complexity combine to make optical inspection difficult or impossible. This paper presents experimental results demonstrating the effectiveness of a Trojan detection method that is based on the analysis of a chip's Jddqs (steady-state current), which are measured simultaneously from multiple places on the chip. The proposed method also incorporates a technique for virtually eliminating process and test environment variations effects which act to reduce detection sensitivity of traditional testing approaches. Used together, resolution enhancements of up to a 1000 x are possible over conventional single power supply current measurement techniques. A regression-based statistical technique is applied to the data collected from a set of chips fabricated in a 65-nm process to illustrate the detection capabilities and limitations of this type of approach.