Abstract
Due to the global supply of semiconductor intellectual property (IP) cores, modern system-on-chip (SoC) designs are vulnerable to malicious functionality, referred to as hardware Trojans. Hardware Trojans are inserted to bypass the security mechanisms in a SOC or cause confidentiality, integrity, and availability violations. There is an increased emphasis on finding effective solutions to generate tests to activate Trojans in hardware designs (if any) in third party IPs. However, state-of-the-art approaches suffer from ineffectiveness in detection and scalability. In this paper, we propose SymbA that utilizes symbolic execution at C/C++ level to activate malicious functionality hidden in RTL designs. SymbA is based on mapping of RTL design to C level and leveraging the existing powerful software-level symbolic execution engine to generate tests. SymbA maps back the generated tests to RTL and checks if the hidden Trojans have been activated. In this paper, we use KLEE Symbolic Execution Engine and show the efficiency of SymbA by applying it to a number of Trust-Hub benchmarks. SymbA improves the existing state-of-the-art techniques significantly with regard to performance, coverage and memory usage.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
