Empirical Word-Level Analysis of Arithmetic Module Architectures for Hardware Trojan Susceptibility

Abstract

As the design complexity increases, the attack space for malicious modifications in the design also increases. Attackers in untrusted phases during IC design cycle may embed a Hardware Trojan (HT). Identification of such HT is complex, due to rare triggering nature of the nodes involved in the HT. For analyzing HT susceptibility, it is essential to have knowledge about the high-level signal statistics (mean, variance etc.) of the inputs of a design as this information can identify nets having rarely changing signal values. A random vector based simulation approach fails to accurately model the toggling behavior of the nets in the design and hence cannot be used to study the compromising behavior of a subverted arithmetic module instance in a design. In this paper, we propose an empirical framework for HT susceptibility analysis based on spatially correlated input streams applied to arithmetic module (adder and multiplier) architectures in Digital Signal Processing (DSP) hardware. Empirical analysis for varying input statistics of several adder architectures show that the ripple-carry and carry-lookahead adder have the lowest toggle nets depending on an attacker selectable triggering threshold, hence higher resistance to HT. On the other hand, dadda multiplier outperforms other multiplier architectures. The results indicate that for an IP integrator, HT susceptibility analysis can help choose between alternative architectures for building HT-free designs based on both circuit parameters (e.g. power, performance, and area (PPA)) and toggle behavior.