Analysis Of Concealment Technology Of Functional Hardware Trojan Based On Design Constraints

The hardware Trojan discovered in the past ten years or so has maliciously modified the chip at different stages of the integrated circuit design process,subverting the traditional perception that electronic device security is only related to software systems.In the context of the global economy,chip design and manufacturing are increasingly dependent on thirdparty entities,providing more possibilities for hardware Trojan attacks.Looking back on China,on the one hand,with the continuous innovation of artificial intelligence and other technologies,it has provided a good opportunity for the development of the chip industry.On the other hand,the serious backwardness of high-end chips,advanced manufacturing,electronic design automation tools and other fields reflects the fact that China's chip autonomous controllability needs to be strengthened urgently.Facing the coexistence of challenges and opportunities,more attention should be paid to the new security issues brought about by hardware Trojans.Although a lot of research has been done in this area on the research of countermeasures for hardware Trojans,there are few studies on hardware Trojan design.At the same time,the implementation of the hardware Trojan is more traditional,it cannot fully reflect the urgency of the security problems it brings,and it is difficult to make innovative progress in the research of the hardware Trojan countermeasure.Aiming at the above problems,the design constraints in the design goals of functional hardware Trojans that can maliciously tamper with the original functions of the circuit are focused in this thesis.Taking the most important how to obtain the best concealment effect as the starting point,four functional hardware Trojan concealment technology are proposed.First,analyze the existing functional hardware Trojan coding styles,and on this basis,propose a coding style based on spatial distribution to maximize the use of existing resources of the original circuit or combine the working characteristics of the original circuit;Secondly,for the case where the logic test method in the hardware Trojan countermeasures only focuses on low-probability nodes during circuit modification or test vector generation,a low-trigger-rate technology based on high and low probability nodes is proposed.The method of obtaining node probability and combination probability required by this technology is analyzed in detail.The purpose is to get rid of the complete dependence on low probability nodes and further reduce the trigger rate of functional hardware Trojans;Thirdly,considering the use of high and low probability nodes to form a functional hardware Trojan,although it can reduce the trigger rate,the attacker cannot trigger it at any time while the circuit is running.Therefore,a highly controllable technology that introduces an analog capacitive hardware Trojan is proposed;Fourthly,the low-power design technology of various functional hardware Trojans in the implementation process is analyzed.For hardware Trojans based on counter,two-stage cascade is used to reduce dynamic power consumption.Using the above concealment technology,the OpenMIPS processor is taken as the target circuit in this thesis to design four types of 11 functional hardware Trojans.They are hardware Trojan which can tamper program counter register,hardware Trojan which can generate timer interrupts,hardware Trojan which can force reset and hardware Trojan which can make the data forwarding in the pipeline fail.EDA tools is used to verify the logic function of the design in this thesis.The results show that all functional hardware Trojans can achieve the expected results and have a small impact on the area and power consumption of the target circuit.Besides,the application effect of concealment technology is analyzed.For the first point,when designing a functional hardware Trojan using spatial distribution coding style,compared with the existing coding style,the FSM coverage of the target circuit is increased by 36.63%.At the same time,condition,branch,toggle,and line coverage are closer to the original target circuit;For the second point,compared to the functional hardware Trojan implemented using only low probability nodes,the trigger rate of functional hardware Trojan implemented using high and low probability nodes is reduced by up to 87.5%;For the third point,the trigger time and recovery time of the analog side under various temperatures and voltages were simulated to explore the applicable range of the highly controllable technology;For the fourth point,the results show that the power consumption of the hardware Trojan based on counter can be reduced by a two-stage cascade,and the dynamic power consumption of the trigger can be reduced by up to 24.55%.The possible future countermeasures for each concealment technology are also analyzed at the end of this thesis.