Research On Hardware Trojan Detection Based On SC-SP Side Channel Detection Method

With the rapid development of integrated circuit,chip security issues are receiving more and more attention.Due to the unstoppable trend of the globalization of the integrated circuit industry chain,many chip companies have separated the design and manufacturing for economic benefit,which has led to a sharp increase in the possibility of chips being implanted into hardware Trojans.Hardware Trojans can cause serious damage to the chip.Therefore,the detection of hardware Trojans plays a crucial role in chip security in the information age.The subject of this thesis comes from the project of national ministry.Aiming at the above hardware trojan detection problem,this thesis proposes a hardware trojan detection method with low overhead,high coverage and high precision suitable for large-scale integrated circuits,and establishes a complete detection process.The detection method first implants a path delay detection structure at the early stage of chip design,and then uses the delay detection structure to extract the delay feature in the gold model as a watermark,and finally compares the delayed feature of the chip to be tested with the watermark of golden model.The method overcomes the problem that the traditional side channel detection method requires a lot of effort to activate the Trojan.Due to the shortcomings of the Faster-than-at-speed sweeping delay measurement method and the shadow register structure delay measurement method,this thesis combines this two delay measurement method,and proposes a method suitable for large scale integrated circuits which can detect the delay of the unobservable internal path in the circuit.The specific implementation of the SC-SP method is that,due to the limitation of the on-chip and off-chip test clocks,a delay measurement method based on the Faster-than-at-speed sweeping is applied to the long path that can be applied to the maximum frequency of the chip.and then performs a fragile net search on the short path that the Faster-than-at-speed sweeping method cannot cover.The improved shadow register delay detection structure in this thesis is added to the net.The SC-SP delay detection method proposed in this thesis can be applied to each stage of the large-scale integrated circuit life cycle.In this paper,the influence of the location and scale of the hardware Trojan's payload and activation mechanism on the circuit delay is mathematically simulated.The experimental results show that the hardware Trojan detection method based on delay characteristics has better detecting performance for changing functional Trojans which payload gate is connected in the circuit.In order to verify the proposed method,this thesis firstly uses C language to realize the weak net search and automatic addition of on-chip delay structure,and then implants three different types of Trojans on ISCAS'89 s38417 circuit.Logical synthesis,scan chain insertion,physical design,and fault test vector generation are then performed on the Trojan circuit and the genuine circuit with the detection structure.Finally,this thesis uses Perl to simulate the process variation and preprocesses the result data using C language.For the problem that the data dimension of chip delay feature is too high,this thesis uses the Matlab to realize the MDS algorithm to statistically analyze the watermark of the Trojan chip and the genuine chip,and then use the Quickhull algorithm to construct the watermark of the Trojan chip into a convex hull.Therefore,whether the hardware Trojan exists in the circuit is determined according to whether the feature point of the Trojan chip is far away from the convex hull.The final experimental results show that the detection method has a good detection effect on the explicit payload Trojan and large-scale Trojans,and a Trojan near the input and output node of the scan register is more easily to be detected.