Thwarting Security Threats From Malicious FPGA Tools With Novel FPGA-Oriented Moving Target Defense

Abstract

The increasing usage and popularity of the field-programmable gate array (FPGA) systems bring in security concerns. Existing countermeasures are mostly based on the assumption that the computer-aided design (CAD) tools for FPGA configuration are trusted. Unfortunately, this assumption does not always hold. In this paper, we investigate the potential security threats originated from the untrusted CAD tools. Furthermore, we exploit the principle of moving target defense (MTD) to propose an FPGA-oriented MTD (FOMTD) method. The three defense lines in the FOMTD generate uncertainties, from the attacker’s point of view, to thwart hardware Trojan insertion attacks. The theoretical upper bound of the hardware Trojan hit rate for each defense line is provided in this paper. Experimental results show that the proposed defense line 2 and defense line 3 reduce the Trojan hit rate by up to 40% and 91%, respectively, for the scenario where the malicious CAD tool can insert Trojans in the occupied FPGA slices. The proposed gate replacement technique in the defense line 3 further improves the attack resilience and obtains 88% reduction on the Trojan hit rate. Compared to the static redundancy-based Trojan detection method, the proposed method achieves better resilience against Trojan insertions and consumes 50% less dynamic power.