Hardware IP Trust Validation: Learn (the Untrustworthy), and Verify

Tamzidul Hoque, Jonathan Cruz, Prabuddha Chakraborty, S. Bhunia
Published in: 2018 IEEE International Test Conference (ITC), 2018-10-01
DOI: 10.1109/TEST.2018.8624727 (https://doi.org/10.1109/TEST.2018.8624727)
Citation count: 26

Abstract

Increasing reliance on hardware Intellectual Property (IP) cores in modern system-on-chip (SoC) design flow, often obtained from untrusted vendors distributed across the globe, can significantly compromise the security of SoCs. While the design could be verified for a specified functionality using existing tools, it is extremely hard to verify its trustworthiness to guarantee that no hidden, and possibly malicious function exists in the form of a hardware Trojan. Conventional verification process and tools fail to verify the trust of a third-party IP, primarily due to the lack of trusted reference design or golden models. In this paper, for the first time to our knowledge, we introduce a systematic framework to apply machine learning based classification for hardware IP trust verification. A supervised classifier could be trained for identifying Trojan nets within a suspect IP, but the detection coverage and accuracy are extremely sensitive to the quality of training set available. Furthermore, reliance on a static training database limits the classifier’s ability in detecting new Trojans and facilitates adversarial learning. The proposed framework includes a Trojan insertion tool that dynamically generates a large number of diverse implementations of Trojan classes for creating a robust training set. It is significantly more difficult for an adversary to evade our classifier using known Trojan classes since the tool dynamically samples the entire Trojan population. To further improve the efficiency of the system, we combined three machine learning models into an average probability Voting Ensemble. Our results for two broad classes of Trojan show excellent classification accuracy of 99.69% and 99.88% with F-score of 86.69% and 88.37% for sequential and combinational Trojans, respectively.