Research on Hardware Trojan Detection Methods Based on Improving Trigger Efficiency
Published: 2018-12-12 21:22
[Abstract]: Hardware Trojan is the general term for malicious modules added to an integrated circuit, with the aim of making the circuit leak information or malfunction under specific conditions. Because of the way they are designed and manufactured, integrated circuits are easily implanted with hardware Trojans: using untrusted IP cores, EDA tools or library cells during design, or sending the design to an untrusted foundry for manufacturing, can each introduce a hardware Trojan into the circuit. Integrated circuits are used in all critical equipment in important fields such as national security, communications and finance. If integrated circuits containing hardware Trojans were deployed in these fields, the consequences could be catastrophic, so it is very important to ensure that integrated circuits contain no hardware Trojans. To address this problem, this thesis studies how to detect digital hardware Trojans implanted at the manufacturing stage quickly and efficiently. The thesis first analyzes the trigger model of hardware Trojans and concludes that the low occurrence probability of rare logic values and the poor controllability of internal nodes are the two key factors that limit the triggering of hardware Trojans. On this basis, the thesis proposes a triggering scheme that increases hardware Trojan activity: the inherent scan chain structure of the integrated circuit is used to partition the circuit into combinational logic blocks bounded by the chip inputs, chip outputs and scan chains, which improves the controllability of internal nodes; and the candidate vectors generated by ATPG are further optimized to raise the occurrence probability of rare logic values. Building on this triggering scheme, the thesis designs a hardware Trojan detection scheme that uses logic testing and side-channel analysis together. Finally, the effects of hardware Trojan triggering and detection are each verified by simulation. The experimental results show that: (1) in the detection scheme based on logic testing, compared with test vectors generated by commonly used ATPG techniques, the proposed triggering scheme triggers more hardware Trojans in less time, and this advantage grows as the Trojans become harder to trigger: it triggers up to 21.96% more combinationally triggered hardware Trojans while shortening the average trigger time by 97.02%, and 33.40% more asynchronous-counter-triggered hardware Trojans while shortening the average trigger time by 94.20%. (2) In the detection experiments based on side-channel analysis, the characteristics of the hardware Trojan can be clearly identified, and the proposed triggering scheme raises the toggle rate of the nodes connected to the hardware Trojan, increases the Trojan's dynamic power consumption, and makes its power signature more pronounced.
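The two limiting factors named in the abstract can be seen on a small circuit. The following is an added illustration, not code or an algorithm from the thesis: the netlist is constructed, the exhaustive input set stands in for an ATPG candidate set, all inputs are assumed directly controllable (as for a block bounded by scan cells), and the greedy selection is a simplified stand-in for the vector optimization step.

```python
import itertools

# Constructed combinational block (hypothetical netlist, topological order).
INPUTS = ("a", "b", "c", "d")
NETLIST = {
    "n1": ("AND", ("a", "b")),
    "n2": ("AND", ("c", "d")),
    "n3": ("NOR", ("a", "c")),
    "n4": ("AND", ("n1", "n2")),  # 1 only when a=b=c=d=1
    "n5": ("OR", ("n3", "n4")),
}
OPS = {"AND": lambda x, y: x & y,
       "OR": lambda x, y: x | y,
       "NOR": lambda x, y: 1 - (x | y)}
# Stand-in for an ATPG candidate set: every input vector of the block.
CANDIDATES = list(itertools.product((0, 1), repeat=len(INPUTS)))

def simulate(vector):
    """Logic value of every internal node for one input vector."""
    values = dict(zip(INPUTS, vector))
    for node, (op, (x, y)) in NETLIST.items():
        values[node] = OPS[op](values[x], values[y])
    return {n: values[n] for n in NETLIST}

def rare_values(vectors, threshold=0.3):
    """Map node -> logic value that occurs with probability below threshold."""
    rare = {}
    for node in NETLIST:
        p1 = sum(simulate(v)[node] for v in vectors) / len(vectors)
        if p1 < threshold:
            rare[node] = 1
        elif 1 - p1 < threshold:
            rare[node] = 0
    return rare

def select_vectors(candidates, rare, budget):
    """Greedily keep the vectors that excite the most uncovered rare values."""
    remaining, pool, chosen = dict(rare), list(candidates), []

    def gain(v):
        sim = simulate(v)
        return sum(sim[n] == val for n, val in remaining.items())

    while remaining and pool and len(chosen) < budget:
        best = max(pool, key=gain)
        if gain(best) == 0:
            break  # no candidate excites any remaining rare value
        sim = simulate(best)
        remaining = {n: v for n, v in remaining.items() if sim[n] != v}
        chosen.append(best)
        pool.remove(best)
    return chosen
```
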
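[Degree-granting institution]: Dalian University of Technology
[Degree level]: Master's
[Year degree conferred]: 2015
[Classification number]: TP309; TN405
Article ID: 2375264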
Article link: https://www.wllwen.com/kejilunwen/dianzigongchenglunwen/2375264.html