Research On Hardware Trojans Defense Module In Ethernet Switch SoC And Implementation Of TRNG Design

In recent years,with the distributed development of integrated circuit IC industry under the control of cost,the three process of IC flow including design,manufacturing and testing have formed their respective industries.At the same time,due to the on-chip system(SoC)design methods,a modular integration method is also formed on the integrated circuit design.Therefore,the design process of a large chip will be inevitably involved by the integration process of multiple companies or industry chains.In such a situation,attackers can inject hardware faults at all levels,forming a hardware implant attack in the form of hardware Trojans,which makes the chip's credible security issue subject to severe examination.Especially at the national security level,the facilities system,including equipment chips in the areas of administration,educ ation,and public services,must have higher security requirements.The project of this paper is aimed at designing an autonomous,trustworthy,safe and controllable Ethernet switch with active resistance to attack in combination with the academic community and industry.Therefore,this paper proposes an active defense technology for hardware Trojans:anti-cooperation technique.By analyzing the hardware Trojan attack model,the anti-cooperation technique for the data stream in the hardware can cut off the connection between trigger information added by the attacker in the data stream and the trigger logic added b y the attacker in the hardware.So that the hardware Trojan cannot be triggered normally,to achieve the initiative to resist the hardware Trojans.At the same time,this paper also gives the design criteria and related performance parameters of the anti-cooperation module.Afterwards,for an Ethernet switch,the anti-cooperation module of its frame data payload part is designed and the anti-attack capability of this module against multiple types of Trojan trigger patterns is simulated through experiments.The hardware implementation of the anti-cooperation module is completed,and the structure of the 8-stage pipeline is used to access the message memory interface of the switch with a main clock frequency of 400MHz.In the process of designing the anti-cooperation module,a module call of a true random number generator circuit is involved.A true random number generator is a module that can generate unpredictable properties output number with a strong random distribution.It usually uses a natural random phenomenon to extract the entropy source that generates a random number.The true random number generator implemented in the circuit mainly utilizes circuit noise or circuit metastable phenomenon.This thesis is based on the true random number generator of the asynchronous ring oscillator structure.It improves the true random number generator of the asynchronous ring oscillator structure by analyzing the source of the entropy source generated by the circuit structure.At the same time,the true random number generator of the traditional ring oscillator structure is also implemented in the FPGA.Comparing the implementation on the platform,the performance of the two was compared under the evaluation criteria based on the NIST sp800 random sequence detection standard.At the same time,in order to better realize and verify the improved true random number generator of asynchronous ring oscillator structure,this paper implements it on HHGrace 0.13μm process platform,and carries out simulation verification and layout design.The core layout area of the circuit chip can be achieved at least 60x60μm~2,and has been submitted to tape out.On the process platform,the implementation of the traditional ring oscillator true random number generator is also compared.Both two parts of the above have laid a good foundation for the support projects of this article.