The battle between hardware Trojan development and corresponding countermeasures has driven adversaries toward ingenious ways of compromising hardware designs that circumvent even advanced testing and verification methods. Besides the conventional insertion of Trojans into a design by a malicious entity, the design flow for field-programmable gate arrays (FPGAs) can also be surreptitiously compromised to mount successful attacks that result in malfunctions or information leakage. In this paper, we introduce a mechanism for the post-configuration activation of a Trojan that leverages malicious routing, so that the attacker can leave the Trojan circuit in an undetectable dormant state even in the generated and transmitted bitstream. The Trojan is designed, for example, by adding an enable signal that is routed to an unused primary input/output of the FPGA, or by attaching the payload to the remaining design via one route; that new route is then disconnected during place-and-route and re-connected only when the FPGA is being programmed. The trigger can thus be activated only once the circuit is on the device, which leaves the Trojan dormant in all verification and pre-silicon testing steps. This Trojan can therefore currently be prevented neither by conventional testing and verification methods nor by bitstream-level verification techniques. Since our method ensures that the malicious circuitry is active only in the field, the approach also works quite well with triggerless (always-on) Trojans, which have a negligible impact on the overall area and power consumption of the circuit and can thus easily escape detection by fingerprinting techniques based on side-channel analysis.