TruDetect: Trustworthy Deep-Learning based Hardware Trojan Detection
Lead Research Organisation:
Queen's University Belfast
Department Name: Sch of Electronics, Elec Eng & Comp Sci
Abstract
The modern semiconductor supply chain uses overseas foundries, third-party IP and third-party test facilities. However, with so many different untrusted entities, this design and fabrication outsourcing has exposed silicon chips to a range of hardware-based security threats such as counterfeiting, IP piracy, reverse engineering and hardware Trojans (HT).
A hardware Trojan is a malicious modification of a circuit in order to control, modify, disable, monitor or affect the operation of the circuit. Although there have been no public reports of HTs detected in practice, in 2020, the cybersecurity company F-Secure published a report on their investigation into a pair of counterfeit Cisco Catalyst 2960-X series switches . While these devices did not have back-door functionality, they did employ measures to bypass processes that authenticate system components and F-Secure stated that motivated attackers use the same approach to insert hardware trojans to stealthily backdoor companies.
Such hardware threats are major security threats for safety-critical and embedded systems applications, for e.g in the medical, automotive or transport sectors. Due to the nature of this clandestine industry, it is very difficult to ascertain the true scale of the problem. However, in recent years both the sovereignty and cyber security of the semiconductor supply chain have become significant concerns for many countries.
The recently published EU Cyber Resilience Act (September 2022) outlines essential cybersecurity requirements for products with digital elements and states that such produced ''shall be delivered without any known exploitable vulnerabilities'. In addition, the 2022 National Cyber Strategy 2022 outlines the need to 'ensure that wherever possible the next generation of connected technologies are designed, developed and deployed with security and resilience in mind and ... embrace a 'secure by design' approach'.
The overall goal of the TruDetect project is to develop a trustworthy DL-based HT detection system that can be easily integrated into a security verification framework in EDA tools. This will include the design of novel countermeasures that ensure trustworthiness of the DL-based HT detection system against adversarial HTs and the use of Explainable AI to offer a comprehensive analysis of the DL system behaviour.
A hardware Trojan is a malicious modification of a circuit in order to control, modify, disable, monitor or affect the operation of the circuit. Although there have been no public reports of HTs detected in practice, in 2020, the cybersecurity company F-Secure published a report on their investigation into a pair of counterfeit Cisco Catalyst 2960-X series switches . While these devices did not have back-door functionality, they did employ measures to bypass processes that authenticate system components and F-Secure stated that motivated attackers use the same approach to insert hardware trojans to stealthily backdoor companies.
Such hardware threats are major security threats for safety-critical and embedded systems applications, for e.g in the medical, automotive or transport sectors. Due to the nature of this clandestine industry, it is very difficult to ascertain the true scale of the problem. However, in recent years both the sovereignty and cyber security of the semiconductor supply chain have become significant concerns for many countries.
The recently published EU Cyber Resilience Act (September 2022) outlines essential cybersecurity requirements for products with digital elements and states that such produced ''shall be delivered without any known exploitable vulnerabilities'. In addition, the 2022 National Cyber Strategy 2022 outlines the need to 'ensure that wherever possible the next generation of connected technologies are designed, developed and deployed with security and resilience in mind and ... embrace a 'secure by design' approach'.
The overall goal of the TruDetect project is to develop a trustworthy DL-based HT detection system that can be easily integrated into a security verification framework in EDA tools. This will include the design of novel countermeasures that ensure trustworthiness of the DL-based HT detection system against adversarial HTs and the use of Explainable AI to offer a comprehensive analysis of the DL system behaviour.
