We demonstrate a novel technique that employs transistor short-term aging effects in integrated circuits (ICs) to detect hardware Trojans in embedded systems. In advanced technology nodes (≤ 45 nm), voltage scaling in combination with short-term aging opens doors for short-term degradations. The induced short-term degradations result in dynamic variation of delays along various paths within the IC. Aging degradation generated under fast voltage switching from high to low results in bit errors at the circuit output. Our experiments use short-term aging-aware standard cell libraries to show the effectiveness of short-term aging to detect hardware Trojans. We extract a rich set of features that capture bit error patterns at the outputs of the IC. We use a one class SVM-based classifier that uses these features to learn the distribution of bit errors at the outputs of a clean IC. We discern the deviation in the pattern of bit errors due to a Trojan in the IC from the baseline distribution. To reiterate, the method uses the model of a clean IC. Furthermore, it is robust against chip-to-chip variations. We illustrate the technique on six Trojans from Trust-Hub spanning two cryptographic chips and an embedded PIC microcontroller. Our approach detects Trojans with an accuracy ≥ 95%. It is easier to detect Trojans in an optimized-netlist circuit as more paths are close to the critical path. Even when the circuit is not optimized (i.e., when very few paths are close to the critical path), short-term aging plus mild overclocking can detect Trojans with high accuracy.
Read full abstract