硬件木马的十年：从攻击者的角度进行的调查

IF 1.1 4区计算机科学 Q4 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE

IET Computers and Digital Techniques Pub Date : 2020-09-30 DOI:10.1049/iet-cdt.2020.0041

Mingfu Xue, Chongyan Gu, Weiqiang Liu, Shichao Yu, Máire O'Neill

{"title":"硬件木马的十年：从攻击者的角度进行的调查","authors":"Mingfu Xue, Chongyan Gu, Weiqiang Liu, Shichao Yu, Máire O'Neill","doi":"10.1049/iet-cdt.2020.0041","DOIUrl":null,"url":null,"abstract":"<div>\n <p>Hardware Trojan detection techniques have been studied extensively. However, to develop reliable and effective defenses, it is important to figure out how hardware Trojans are implemented in practical scenarios. The authors attempt to make a review of the hardware Trojan design and implementations in the last decade and also provide an outlook. Unlike all previous surveys that discuss Trojans from the defender's perspective, for the first time, the authors study the Trojans from the attacker's perspective, focusing on the attacker's methods, capabilities, and challenges when the attacker designs and implements a hardware Trojan. First, the authors present adversarial models in terms of the adversary's methods, adversary's capabilities, and adversary's challenges in seven practical hardware Trojan implementation scenarios: in-house design team attacks, third-party intellectual property vendor attacks, computer-aided design tools attacks, fabrication stage attacks, testing stage attacks, distribution stage attacks, and field-programmable gate array Trojan attacks. Second, the authors analyse the hardware Trojan implementation methods under each adversarial model in terms of seven aspects/metrics: hardware Trojan attack scenarios, the attacker's motivation, feasibility, detectability (anti-detection capability), protection and prevention suggestions for the designer, overhead analysis, and case studies of Trojan implementations. Finally, future directions on hardware Trojan attacks and defenses are also discussed.</p>\n </div>","PeriodicalId":50383,"journal":{"name":"IET Computers and Digital Techniques","volume":"14 6","pages":"231-246"},"PeriodicalIF":1.1000,"publicationDate":"2020-09-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1049/iet-cdt.2020.0041","citationCount":"30","resultStr":"{\"title\":\"Ten years of hardware Trojans: a survey from the attacker's perspective\",\"authors\":\"Mingfu Xue, Chongyan Gu, Weiqiang Liu, Shichao Yu, Máire O'Neill\",\"doi\":\"10.1049/iet-cdt.2020.0041\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<div>\\n <p>Hardware Trojan detection techniques have been studied extensively. However, to develop reliable and effective defenses, it is important to figure out how hardware Trojans are implemented in practical scenarios. The authors attempt to make a review of the hardware Trojan design and implementations in the last decade and also provide an outlook. Unlike all previous surveys that discuss Trojans from the defender's perspective, for the first time, the authors study the Trojans from the attacker's perspective, focusing on the attacker's methods, capabilities, and challenges when the attacker designs and implements a hardware Trojan. First, the authors present adversarial models in terms of the adversary's methods, adversary's capabilities, and adversary's challenges in seven practical hardware Trojan implementation scenarios: in-house design team attacks, third-party intellectual property vendor attacks, computer-aided design tools attacks, fabrication stage attacks, testing stage attacks, distribution stage attacks, and field-programmable gate array Trojan attacks. Second, the authors analyse the hardware Trojan implementation methods under each adversarial model in terms of seven aspects/metrics: hardware Trojan attack scenarios, the attacker's motivation, feasibility, detectability (anti-detection capability), protection and prevention suggestions for the designer, overhead analysis, and case studies of Trojan implementations. Finally, future directions on hardware Trojan attacks and defenses are also discussed.</p>\\n </div>\",\"PeriodicalId\":50383,\"journal\":{\"name\":\"IET Computers and Digital Techniques\",\"volume\":\"14 6\",\"pages\":\"231-246\"},\"PeriodicalIF\":1.1000,\"publicationDate\":\"2020-09-30\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1049/iet-cdt.2020.0041\",\"citationCount\":\"30\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"IET Computers and Digital Techniques\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://onlinelibrary.wiley.com/doi/10.1049/iet-cdt.2020.0041\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Computers and Digital Techniques","FirstCategoryId":"94","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/iet-cdt.2020.0041","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 30

摘要

硬件特洛伊木马检测技术已被广泛研究。然而，要开发可靠有效的防御系统，重要的是要弄清楚硬件特洛伊木马是如何在实际场景中实现的。作者试图对近十年来硬件特洛伊木马的设计和实现进行回顾，并对其进行展望。与之前所有从防御者角度讨论特洛伊木马的调查不同，作者首次从攻击者的角度研究特洛伊木马，重点关注攻击者在设计和实现硬件特洛伊木马时的方法、能力和挑战。首先，作者在七个实际的硬件特洛伊木马实现场景中，从对手的方法、对手的能力和对手的挑战方面提出了对抗性模型：内部设计团队攻击、第三方知识产权供应商攻击、计算机辅助设计工具攻击、制造阶段攻击、测试阶段攻击、分发阶段攻击，以及现场可编程门阵列特洛伊木马攻击。其次，作者从硬件特洛伊木马攻击场景、攻击者的动机、可行性、可检测性（抗检测能力）、设计者的保护和预防建议、开销分析和特洛伊木马实施案例研究七个方面/指标分析了每种对抗性模型下的硬件特洛伊木马实施方法。最后，还讨论了硬件特洛伊木马攻击和防御的未来方向。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

Ten years of hardware Trojans: a survey from the attacker's perspective

查看原文本刊更多论文

Ten years of hardware Trojans: a survey from the attacker's perspective

Hardware Trojan detection techniques have been studied extensively. However, to develop reliable and effective defenses, it is important to figure out how hardware Trojans are implemented in practical scenarios. The authors attempt to make a review of the hardware Trojan design and implementations in the last decade and also provide an outlook. Unlike all previous surveys that discuss Trojans from the defender's perspective, for the first time, the authors study the Trojans from the attacker's perspective, focusing on the attacker's methods, capabilities, and challenges when the attacker designs and implements a hardware Trojan. First, the authors present adversarial models in terms of the adversary's methods, adversary's capabilities, and adversary's challenges in seven practical hardware Trojan implementation scenarios: in-house design team attacks, third-party intellectual property vendor attacks, computer-aided design tools attacks, fabrication stage attacks, testing stage attacks, distribution stage attacks, and field-programmable gate array Trojan attacks. Second, the authors analyse the hardware Trojan implementation methods under each adversarial model in terms of seven aspects/metrics: hardware Trojan attack scenarios, the attacker's motivation, feasibility, detectability (anti-detection capability), protection and prevention suggestions for the designer, overhead analysis, and case studies of Trojan implementations. Finally, future directions on hardware Trojan attacks and defenses are also discussed.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

IET Computers and Digital Techniques 工程技术-计算机：理论方法

CiteScore

3.50

自引率

0.00%

发文量

审稿时长

>12 weeks

期刊介绍： IET Computers & Digital Techniques publishes technical papers describing recent research and development work in all aspects of digital system-on-chip design and test of electronic and embedded systems, including the development of design automation tools (methodologies, algorithms and architectures). Papers based on the problems associated with the scaling down of CMOS technology are particularly welcome. It is aimed at researchers, engineers and educators in the fields of computer and digital systems design and test. The key subject areas of interest are: Design Methods and Tools: CAD/EDA tools, hardware description languages, high-level and architectural synthesis, hardware/software co-design, platform-based design, 3D stacking and circuit design, system on-chip architectures and IP cores, embedded systems, logic synthesis, low-power design and power optimisation. Simulation, Test and Validation: electrical and timing simulation, simulation based verification, hardware/software co-simulation and validation, mixed-domain technology modelling and simulation, post-silicon validation, power analysis and estimation, interconnect modelling and signal integrity analysis, hardware trust and security, design-for-testability, embedded core testing, system-on-chip testing, on-line testing, automatic test generation and delay testing, low-power testing, reliability, fault modelling and fault tolerance. Processor and System Architectures: many-core systems, general-purpose and application specific processors, computational arithmetic for DSP applications, arithmetic and logic units, cache memories, memory management, co-processors and accelerators, systems and networks on chip, embedded cores, platforms, multiprocessors, distributed systems, communication protocols and low-power issues. Configurable Computing: embedded cores, FPGAs, rapid prototyping, adaptive computing, evolvable and statically and dynamically reconfigurable and reprogrammable systems, reconfigurable hardware. Design for variability, power and aging: design methods for variability, power and aging aware design, memories, FPGAs, IP components, 3D stacking, energy harvesting. Case Studies: emerging applications, applications in industrial designs, and design frameworks.