Hardware Trojan Detection Using the Order of Path Delay

Abstract

Many fabrication-less design houses are outsourcing their designs to third-party foundries for fabrication to lower cost. This IC development process, however, raises serious security concerns on Hardware Trojans (HTs). Many design-for-trust techniques have been proposed to detect HTs through observing erroneous output or abnormal side-channel characteristics. Side-channel characteristics such as path delay have been widely used for HT detection and functionality verification, as the changes of the characteristics of the host circuit incurred by the inserted HT can be identified through proper methods. In this article, for the first time, we propose a two-phase technique, which uses the order of the path delay in path pairs to detect HTs. In the design phase, a full-cover path set that covers all the nets of the design is generated; meanwhile, in the set, the relative order of paths in path pairs is determined according to their delay. The order of the paths in path pairs serves as the fingerprint of the design. In the test phase, the actual delay of the paths in the full-cover set is extracted from the fabricated circuits, and the order of paths in path pairs is compared with the fingerprint generated in the design phase. A mismatch between them indicates the existence of HTs. Both process variations and measurement noise are taken into consideration. The efficiency and accuracy of the proposed technique are confirmed by a series of experiments, including the examination of both violated path pairs incurred by HTs and their false alarm rate.