A Study On The Hardware Trojan Detection Based On On-Chip Ring Oscillator

Integrated circuits(ICs)are the core of national information industry and network security,which is applied in almost every part of life.However,with the globalization of the ICs industry,chip design companies usually outsource their products to third-party suppliers to save manufacturing costs,which leads to the opportunity for malicious suppliers to implant hardware trojan into chips.Therefore,the secret information of the c hip may be stolen or even completely destroyed under certain circumstances.In order to ensure the security of the chip,the detection method of the hardware trojan is studied in this thesis.The subject of this thesis comes from the project of national ministry.In this thesis,In order to protect the security of the chip,a hardware trojan detection method is proposed based on chip path-delay fingerprinting.The detection method is intended to detect hardware trojan implanted at the layout level,and the method has high detection accuracy for hardware trojan detection.The path delay of the golden model chip is collected to construct the fingerprint of the chip by this detection method,and the delay parameters of the chip under test are compared with the constructed fingerprinting to detect whether the chip under test is implanted into the trojan.To a certain extent,the process variation interferes with the change of path delay and power consumption caused by the trojan horse in the circuit.Therefore,the influence of process variation on hardware trojan detection is analyzed firstly.Three hardware trojans of different sizes are implanted in the s510 circuit of the ISCAS89 benchmark circuit.Hspice is used to analyze the circuit power consumption and path delay at different process corners,and Monte-Carlo method is used to simulate the process variation.The influence of hardware trojans with different characteristics on the power consumption and path delay of the carrier circuit is discussed.The results show that the influence of the hardware trojan on the circuit delay is mainly contributed by its payload.When the scale of Trojan is 1.84%,the influence of hardware trojans on power consumption is covered by process variations,but its influence on the path is still significant.Therefore,in the case of a small trojan scale,the hardware trojan detection method based on path delay has more obvious advantages,and its ability to resist process variations is stronger.Then,the hardware trojan detection method based on path delay fingerprint is investigated.This method measures the delay of the suspicious path by using the designed path delay measurement structure,thereby constructing a series of path delay fingerprints and performing trojan detection on the chip to be tested.Firstly,a random test vector is applied to the gate circuit to find the low active nodes in the circuit,so as to find the suspicious paths in the circuit that may be implanted into the hardware trojan.Secondly,a ring oscillator is constructed using these suspicious paths and return loops.And the oscillation period of the ring oscillator is read out by a counter in the oscillation mode.At the same time,a high precision calibration circuit is designed in order to eliminate the delay of the return loop added by the circuit structure itself.Finally,in order to oscillate the ring oscillator and calibrate the return loop,a transition delay fault model test vector is generated.Finally,the hardware trojan detection method is verified.The s38584 circuit of the ISCAS89 benchmark circuit is used as the carrier circuit,and five differe nt scale trojan circuits in the Trust-Hub trojan library are selected.Meanwhile,Perl scripts are written to simulate process variation,and data collection is done through circuit simulation.Then,the PCA algorithm and the Q uickhull algorithm are used to process the delay data of the golden model chip to generate a fingerprint,and the delay data of the chip to be tested is compared with the constructed fingerprint to detect whether the hardware trojan is implanted in the chip to be tested.The results indicate that compared with the traditional side channel detection method,the advantages of the proposed detection method are:(1)no need to activate the trojan horse;(2)it can achieve accurate positioning of the location of the trojan;(3)The delay of the specific path is measured and is less affected by the process variation.Experiments result show that in the presence of process variation,the hardware trojans with small area can achieve good detection results.The detection method can effectively detect hardware trojans with an area ratio of 0.0532%.