The need for metrics for quantifying trustworthiness of electronic hardware against diverse threats on its integrity and confidentiality has greatly increased due to the increasing reliance on the untrusted global supply chain. Hardware Trojans, or malicious design alterations, has emerged as a major threat to hardware integrity and garnered significant interest in recent times due to its catastrophic potential. Effective protection against hardware Trojan attacks, however, requires well-defined metrics, which fall into two broad classes: 1) measure of a design’s vulnerability to Trojan insertion and 2) measure of effectiveness of a defense solution—a design or verification/test approach—against Trojan attacks, which is often represented as Trojan coverage. The former is important to assess the level of difficulty an adversary would encounter to insert a hard-to-detect Trojan. Previous efforts have assigned vulnerability as a function of the number of suspect nets identified in a design or are required to enumerate a subspace of Trojans. However, these values simplify the problem of hardware Trojan insertion and leave much of the subsequent analysis regarding the viable Trojan space unmeasured. In this article, we address this critical gap by presenting Trojan vulnerability factor ( TVF), a metric for quantifying a design’s vulnerability to Trojan insertion via maximal clique analysis. With such analysis, we can frame the threat to more accurately represent the Trojan behavior and quantify the level of effort required for a designer to cover these Trojan triggers without needing to directly consider Trojan trigger sizes. We also introduce soft thresholding to account for suspect nets, which lie at the boundary of a design. Experimental results highlight the benefits of the proposed approach over existing Trojan vulnerability metrics. Finally, we demonstrate scalability to large designs through partitioning and clique sampling-based estimations.
Read full abstract