On the feasibility of using evolvable hardware for hardware Trojan detection and prevention

doi:10.1016/j.asoc.2020.106247

Applied Soft Computing

Volume 91, June 2020, 106247

https://doi.org/10.1016/j.asoc.2020.106247 Get rights and content

Highlights

•
We are the first to investigate the use of EH for HTH detection and prevention.
•
We implement a VRC as a virtual overlay architecture on an FPGA for preventing HTHs.
•
We compare two approaches for the generation of new configurations (GP and CGP).
•
We evaluate the overhead of the VRC architecture on an FPGA resources.
•
We discuss the limitations of the proposed solution and the application scenarios.

Abstract

Evolvable hardware (EH) architectures are capable of changing their configuration and behavior dynamically based on inputs from the environment. In this paper, we investigate the feasibility of using EH to prevent Hardware Trojan Horses (HTHs) from being inserted, activated, or propagated in a digital electronic chip. HTHs are malicious hardware components that intend to leak secret information or cause malfunctioning at run-time in the chip in which they are integrated. We hypothesize that EH can detect internal circuit errors at run-time and reconfigure to a state in which the errors are no longer present. We implement a Virtual Reconfigurable Circuit (VRC) on a Field-Programmable Gate Array (FPGA) that autonomously and periodically reconfigures itself based on an Evolutionary Algorithm (EA). New VRC configurations are generated with an on-chip EA engine.

We show that the presented approach is applicable in a scenario in which (1) the HTH-critical areas in the circuit are known in advance, and (2) the VRC is a purely combinatorial circuit, as opposed to the on-chip memory holding the golden reference, which requires one or more cycles to be read/written. We compare two different approaches for protecting the system against HTHs: Genetic Programming (GP) and Cartesian Genetic Programming (CGP). The paper reports on experiments on four benchmark circuits and gives an overview of both the limitations and the added value of the presented approaches.

Introduction

With the rise of the Internet of Things (IoT), electronic chips or integrated circuits (ICs) play an increasingly important role in our society. Often, ICs process sensitive personal or company-critical information. Nevertheless, several steps in the development of ICs are outsourced to different (sometimes untrusted) parties. This opens the door for the manipulation of ICs to extract secret information, e.g., through wireless communication or disabling (parts of) the chip. A malicious building block that is inserted in an IC to cause this undesired behavior is called a Hardware Trojan Horse (HTH).

The potential threat of HTHs was first reported by the US Department of Defense in 2005 [1]. They expressed their concerns on ICs in military applications, mainly related to untrusted foundries and untrusted actors in the supply chain. Although there are no HTHs in ICs reported in real-world applications yet, there are many examples of academic research results, both on injecting and detecting/preventing HTHs. Moreover, there was recently the alarming disclosure of a tiny chip that was added to the motherboard of servers of the company Elemental Technologies [2]. The chip that was not part of the original design of the motherboard creates a secret connection to each network in which the server is included. The fact that Elemental’s servers are massively deployed in US Defense data centers underlines the severity of the matter. Investigations showed that the chips were inserted by Chinese subcontractors during the manufacturing process.

In this paper, we investigate the possibility of using run-time reconfigurable circuits to prevent the insertion, the activation, and the propagation of HTHs. More specifically, we explore solutions based on evolvable hardware (EH) architectures, which are reconfigurable circuits that adapt their behavior dynamically through interactions with the environment. EH concentrates on the generation of efficient electronic circuits through the use of Evolutionary Algorithms (EAs). Originally, EH techniques were proposed for the efficient design of new circuits, i.e., to do a fast exploration of potential circuits with a given functionality at design-time [3]. In this case, the terms “evolutionary circuit design” and “evolved hardware” are also commonly used. Here, we consider the scenario in which the generation of new circuits is done at run-time, adapting to changes in the environment, as proposed in [4] for run-time filter updates in image processing applications.

A popular way of implementing EH architectures is through a Virtual Reconfigurable Circuit (VRC) [5]. This is a circuit that consists of programmable elements with a programmable interconnect. As opposed to commercially available configurable hardware platforms or Field-Programmable Gate Arrays (FPGAs), VRCs can be reconfigured in only one or a few clock cycles based on the direct output of an EA.

The contributions of this paper can be summarized as follows:

•
We are the first to investigate the use of EH for HTH detection and prevention.
•
We implement a VRC as a virtual overlay architecture on an FPGA for preventing HTH insertion, activation, and propagation.
•
We compare two approaches for the generation of new configurations. The first is based on a tree structure using Genetic Programming (GP), while the second one is based on a graph structure using Cartesian Genetic Programming (CGP).
•
We evaluate the overhead in FPGA resources, power consumption, and computational delay for four commonly used hardware circuits, implemented on the VRC architecture.
•
We discuss the limitations of the proposed solution and the application scenarios in which the presented architectures are of interest.

The paper is structured as follows. Section 2 gives the necessary background information on HTHs in digital circuits, evolvable hardware, and VRCs. Section 3 discusses related work on HTH detection and prevention. In Section 4, we propose an FPGA architecture consisting of a VRC and an on-chip EA engine. In Section 5, we evaluate the feasibility of our approach based on four benchmark circuits. Section 6 concludes the paper and gives an outlook on future work.

Section snippets

Hardware Trojan horses in digital circuits

HTHs are malicious circuits that intend to leak secret information, e.g., through wireless communication, or to cause malfunctioning at run-time in the chip in which they are integrated. HTHs can be inserted by untrusted foundries and actors at different stages in the design and development of FPGAs and ASICs (Application-Specific Integrated Circuits). For example, in a chip that needs to communicate over the Internet, the hardware component that takes care of Internet communication at the

HTH prevention and detection

To obtain secure systems, methodologies that incorporate Design for Security (DfS) should be used. Both prevention and detection methods are necessary to prevent adversaries from infecting a system with HTHs.

In the category of prevention techniques, a new TMR structure is introduced in [23], called Adapted Triple Modular Redundancy (ATMR). ATMR uses three different circuits for implementing the same module, relying on the fact that it is highly unlikely that the circuits are all triggered

Proposed HTH prevention/detection method

In this paper, a new method to protect FPGAs from the insertion of HTHs is presented. Our approach uses virtual partial FPGA reconfiguration and implements EAs entirely on the FPGA. We assume that HTHs are inserted in specific subcircuits of the digital architecture, and, therefore, we concentrate on protecting those subcircuits. The criteria for selecting the subcircuits are based on testability and time slack, as explained in Section 2.1, or on the type of building block with respect to the

Evaluation results

This section describes the details of the proposed scheme in this paper through the implementation of four benchmark circuits. The first one is Mem-ctrl, a memory controller from the IWLS benchmark [48] because a desirable place for an attacker to insert an HTH is at the control input of a memory. On this benchmark circuit, we perform an investigation on the use of CGP and GP for HTH protection. We also evaluate the resource occupation and the power consumption of three other benchmark

Conclusions

In this paper, we propose a new protection mechanism against Hardware Trojan Horse (HTH) insertion. The proposed method is based on a Virtual Reconfigurable Circuit (VRC), implemented on a Field-Programmable Gate Array (FPGA). The VRC is reconfigured with an on-chip genetic unit that implements an Evolutionary Algorithm (EA). The VRC is implemented in selected parts of the FPGA that are susceptible to HTH insertion. Through periodic reconfiguration into valid alternative configurations, the VRC

CRediT authorship contribution statement

Mansoureh Labafniya: Software, Writing - original draft, Conceptualization, Methodology. Stjepan Picek: Methodology, Writing - review & editing, Validation. Shahram Etemadi Borujeni: Writing - review & editing, Validation. Nele Mentens: Methodology, Project administration, Supervision, Writing - review & editing, Validation.

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

References (48)

SwarnalathaA. et al.
Complete hardware evolution based SoPC for evolvable hardware
Appl. Soft Comput.
(2014)
JohnsonA.P. et al.
Remote dynamic partial reconfiguration: A threat to internet-of-things and embedded security applications
Microprocess. Microsyst.
(2017)
Defense Science Board Task Force on High Performance Microchip Supply
(2005)
RobertsonJ. et al.
The big hack: How China used a tiny chip to infiltrate US companies
Bloomberg Businessweek
(2018)
ThompsonA.
An evolved circuit, intrinsic in silicon, entwined with physics
SalvadorR. et al.
Self-reconfigurable evolvable hardware system for adaptive image processing
IEEE Trans. Comput.
(2013)
SekaninaL. et al.
An evolvable combinational unit for FPGAs
Comput. Inform.
(2012)
RajendranJ. et al.
Fault analysis-based logic encryption
IEEE Trans. Comput.
(2015)
SamimiM.S. et al.
Hardware enlightening: No where to hide your hardware trojans!
DupuisS. et al.
A novel hardware logic encryption technique for thwarting illegal overproduction and hardware trojans

TrimbergerS.

Trusted design in FPGAs

DrimerS.

Volatile FPGA design security–a survey

IEEE Comput. Soc. Annu. Vol.

(2008)

EibenA.E. et al.

Introduction to Evolutionary Computing

(2003)

KozaJ.R.

Genetic Programming

(1994)

HollandJ.H.

Adaptation in Natural and Artificial Systems: an Introductory Analysis with Applications to Biology, Control, and Artificial Intelligence

(1992)

MillerJ.F.

An empirical study of the efficiency of learning boolean functions using a Cartesian genetic programming approach

MillerJ.F. et al.

CaRtesian genetic programming

WalkerJ.A. et al.

A multi-chromosome approach to standard and embedded Cartesian genetic programming

KeymeulenD. et al.

Fault-tolerant evolvable hardware using field-programmable transistor arrays

IEEE Trans. Reliab.

(2000)

7 series FPGAs memory resources - user guide

(2019)

LyonsR.E. et al.

The use of triple-modular redundancy to improve computer reliability

IBM J. Res. Dev.

(1962)

Mal-SarkarS. et al.

Design and validation for FPGA trust under hardware trojan attacks

IEEE Trans. Multi-Scale Comput. Syst.

(2016)

LabbafniyaM. et al.

Secure FPGA design by filling unused spaces

ISC Int. J. Inf. Secur.

(2019)

Cited by (9)

Hardware Trojan prevention using memristor technology
2023, Microprocessors and Microsystems
The design of modern integrated circuits includes many steps and different entities providing opportunities to adversaries for Trojan injection or IP (intellectual property) piracy at different design levels. Hardware Trojans and IP piracy are the new realities that must be taken into consideration for trustworthy integrated circuit design. In this work, a new method utilizing memristor technology is presented to implement a configurable layout to obfuscate the design. In the proposed solution, the main design is divided into clusters of sub-circuits in which interconnects between the clusters are not known to anyone other than the designer. The clusters are then connected through configurable memristor switches. In the proposed solution, split manufacturing is not needed, and the integrated circuit/IP core can be fabricated by an untrusted foundry without compromising the security. Moreover, the clustering technique provides direct access to the sub-circuits through the network of configurable switches. This will increase the observability and controllability in the test phase and assists the detection and isolation of possible Trojans.
Evolutionary computation and machine learning in security
2022, GECCO 2022 Companion - Proceedings of the 2022 Genetic and Evolutionary Computation Conference
EA-based Mitigation of Hardware Trojan Attacks in NoC of Coarse-Grained Reconfigurable Arrays
2022, Proceedings - 2022 International Conference on Networking and Network Applications, NaNA 2022
Evolutionary computation and machine learning in cryptology
2021, GECCO 2021 Companion - Proceedings of the 2021 Genetic and Evolutionary Computation Conference Companion
Automatic Hardware Trojan Generation Platforms in Integrated Circuits: A Critical Review
2021, 2021 International Conference of Technology, Science and Administration, ICTSA 2021
Evolutionary computation and machine learning in cryptology
2020, GECCO 2020 Companion - Proceedings of the 2020 Genetic and Evolutionary Computation Conference Companion

View all citing articles on Scopus

View full text