Protecting hardware from malware attacks is a major challenge today. Detecting a malicious intrusion with low-cost techniques is especially difficult when hardware Trojans are believed to be integrated into rarely excited nodes. Although logical testing is accepted as the accurate way to check the functional correctness of a circuit, the method becomes inefficient for circuits that require a huge number of test patterns to activate the hardware Trojan. This paper proposes a probabilistic approach to generate a set of test patterns that activate the Trojan explicitly by observing the incorrect responses to the applied test patterns. Our experimental results on ISCAS'85 benchmark circuits show that the test patterns generated by our approach cover all nets where there is a high chance of Trojan insertion. We stress that although our results are circuit specific, the proposed approach is generic and can therefore be applied to any digital circuit. In fact, we demonstrate that for the C880 circuit, our approach requires only 217 inputs to be tested whereas the naive approach needs 260 test patterns. In addition to the experimental results, we use a game-theoretic framework to show the effectiveness of our approach in generating Trojan-activating test patterns compared to the naive and ATPG testing processes.