CN104951698B - The circuit safety design for Measurability method of inactive hardware Trojan horse and the detection method to hardware Trojan horse can be detected - Google Patents
The circuit safety design for Measurability method of inactive hardware Trojan horse and the detection method to hardware Trojan horse can be detected Download PDFInfo
- Publication number
- CN104951698B CN104951698B CN201510355088.3A CN201510355088A CN104951698B CN 104951698 B CN104951698 B CN 104951698B CN 201510355088 A CN201510355088 A CN 201510355088A CN 104951698 B CN104951698 B CN 104951698B
- Authority
- CN
- China
- Prior art keywords
- circuit
- trojan horse
- hardware trojan
- security test
- under
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/567—Computer malware detection or handling, e.g. anti-virus arrangements using dedicated hardware
Abstract
The circuit safety design for Measurability of inactive hardware Trojan horse and the detection method to hardware Trojan horse can be detected the present invention relates to a kind of.Original circuit design and checking are completed first.Secondly it is circuit increase security test pattern, the clock frequency under the pattern is far smaller than circuit work frequency, and completes the design works such as corresponding comprehensive, placement-and-routing, Time-Series analysis.Then the safety in utilization test pattern during chip testing, by using security test clock of the frequency well below functional clock, to reduce dynamic power consumption during whole circuit operation, the ratio accounted in power consumption is consumed in whole circuit so as to improve quiescent dissipation caused by idle condition hardware Trojan horse, so as to realize to this kind of detection in dormant hardware Trojan horse.
Description
Technical field
The present invention relates to a kind of circuit safety design for Measurability method that can detect inactive hardware Trojan horse and to hardware wood
The testing process of horse, it is especially a kind of by adding additional circuit so that hardware Trojan horse is easier quilt in circuit design stage
The design method and testing process detected, it is especially suitable for the hardware Trojan horse of detection for a long time in a dormant state.
Background technology
As IC industry is towards the trend development of global cooperation, in IC industrial chain link, have more next
More third parties participates in so that integrated circuit is more and more with factor uncontrolled in manufacturing process in design, thus triggers
To the worry of Research on Integrated Circuit Security.Due to the participation of the uncontrolled link of third party, integrated circuit is in design and manufacturing process
In be easy to by malicious modification, and be implanted hardware Trojan horse.The meeting that these hardware Trojan horses have changes the function of circuit, reduces electricity
The performance on road, shortens the life-span of circuit, or even the confidential information inside the meeting leakage circuit having, so as to have a strong impact on integrated circuit
And the security of the Informationization Equipment using the integrated circuit, such as Snowdon prism door event.
There is the research of the detection method of many hardware Trojan horses that is directed to and may contain in integrated circuit both at home and abroad at present.
Most study is that detection technique based on bypass analysis and logic-based are tested in current hardware Trojan horse detection method
Detection technique.Detection based on bypass analysis mainly utilizes bypass message during chip operation(Such as electromagnetic radiation, electric current or
The information such as circuit delay)To be detected to hardware Trojan horse.Its principle is because the hardware Trojan horse being implanted into circuit can be to chip
By-passing signal, such as electric current, frequency or path delay have an impact, thus by observe chip by-passing signal and with original core
The bypass message of piece is made comparisons, and then detects the presence for whether having hardware Trojan horse in chip.The hardware wood of logic-based test
Horse detects, and the method mainly tested by function and result, that is, produces various test vectors, by observe test to
Whether the output of amount meets that desired value comes inside decision circuitry whether contain hardware Trojan horse.
Above-mentioned two classes method can detect, but be dependent on to certain a kind of specific hardware Trojan horse to a certain extent
Hardware Trojan horse or hardware Trojan horse is needed to be constantly in working condition so as to influence circuit power consumption and frequency relation in needing to trigger,
And the information such as path delay.But for hardware Trojan horse for a long time in a dormant state, above-mentioned two classes method is more difficult to be had
The detection of effect.
The content of the invention
It is an object of the invention to overcome the deficiencies in the prior art, there is provided one kind can detect difficult flip-over type hardware wood
The circuit safety design for Measurability method of horse, and the detection side to hardware Trojan horse according to the circuit safety design method
Method.The technical solution adopted by the present invention is::
A kind of circuit safety design for Measurability method that can detect inactive hardware Trojan horse, comprises the following steps:
A) Functional Design and the checking of circuit, are completed;
B), according to certain rule, a clock frequency lower than ifq circuit working frequency is determined, is surveyed as security
Clock frequency under die trial formula;
C), by configuring an internal register come the normal mode of operation of selection circuit or security test pattern,
And to should be user invisible for the register address;
D) the circuit rear end design works such as synthesis, scan chain insertion, placement-and-routing, Time-Series analysis, are completed, ensure that circuit exists
Timing closure under normal mode of operation and security test pattern;
E) vector of functional test, is used for security test pattern, ensures circuit under security test pattern, function
Test vector can also pass through.
Further, step b) determines that the clock frequency of security test pattern has the rule of following several respects:
B1 reduced dynamic power consumption value), is wanted according to circuit and determines security test clock frequency;
B2), the ratio-dependent security test clock frequency accounted for according to raising quiescent dissipation is wanted in overall power;
B3), the minimum clock frequency determination for meeting to require along quality according to clock can be obtained;
B4), minimum clock frequency cannot be below the circuit determined by information such as the manufacturing process of circuit and logical paths most
Small normal working frequency.
Further, according to the detection side to hardware Trojan horse of any one of above-mentioned circuit safety design for Measurability method
Method, it is characterised in that comprise the steps:
F), under normal mode of operation and security test pattern, circuit work frequency is respectively adopted and than work frequency
The low security test clock frequency of rate, identical test vector is inputted to circuit, recorded under both of which in certain section of time zone
Interior transient current curve, and the transient power consumption curve obtained under both of which in certain section of time interval is calculated, and with this
Datum curve as both of which;
G), the chip to be measured finished will be made, also according to above-mentioned steps (f) method, in normal mode of operation and security
Under test pattern, input same test vector, the transient current curve under the both of which obtained in same time section is obtained,
And the transient power consumption curve obtained under both of which in same time section is calculated, compared with datum curve, if measured curve
And datum curve deviation is more than threshold value, then it is assumed that contains hardware Trojan horse in chip to be measured.
The technical effects of the invention are that:
Even if the hardware Trojan horse long-time being implanted inside circuit is in a dormant state or in the case of extremely difficult triggering, still
So can effectively it be detected by the present invention.
Brief description of the drawings
Fig. 1 is the schematic flow sheet of the present invention in one embodiment.
Fig. 2 is to have wooden horse and without wooden horse circuit in same test excitation, same time section under function testing mode
Transient power consumption curve synoptic diagram.
Fig. 3 is to have wooden horse and without wooden horse circuit in same test excitation, same time section under security test pattern
Interior transient power consumption curve synoptic diagram.
Embodiment
With reference to specific drawings and examples, the invention will be further described.
Design for Measurability(DFT, Design for Testability)It is in integrated circuit design very important one
Ring, it whether there is manufacturing defect in the fabrication process mainly for detection of chip, so as to have influence on the function of circuit, and finished product
Rate.And it is developed a variety of DFT techniques and carrys out the defects of more effective detection chip manufacture.But for integrated electricity
It whether there is the safety detection of hardware Trojan horse in road, still neither one is general as DFT at present, normal process.And work as
Preceding technology such as logic testing detected for hardware Trojan horse and bypass analysis detection etc., all rely on such a premise bar
Part, i.e., the hardware Trojan horse triggering or in running order in circuit.But there is a kind of hardware Trojan horse not influence function, also not shadow
Circuit performance is rung, usually in sleep state, only can just be activated under the operation of special software instruction, for this type
Hardware Trojan horse, still detected at present without preferable method.
The present invention is directed to the above situation, proposes a kind of similar DFT safe design for Measurability(DFST, Design for
Security Testability)Method, and how inactive type hardware wood is carried out using the circuit of safe design for Measurability
The detection method of horse.
The present invention is further illustrated with reference to the accompanying drawings and examples
Hardware Trojan horse detection technique based on bypass analysis is the hardware Trojan horse detection technique of current most study, and its is main
Principle is that integrated circuit is distorted by malice, and after being implanted hardware Trojan horse, the structure of circuit is changed, circuit logic scale
Increase is reduced, therefore the electric current of circuit, and phase can also occur for the bypass such as path delay and maximum operation frequency parameter
The change answered.Detected by curent change inside circuit with the presence or absence of the technology of hardware Trojan horse, have a supposed premise, i.e.,
The work as much as possible of wooden horse circuit energy is needed, can just detect that the change of electric current comes.Among the composition of electric current, dynamic current
Most ratios are accounted for, but are not worked for a long time for some, for dormant circuit, it is difficult to detect dynamic current
Change come, even if the scale of hardware Trojan horse circuit is quite big.
The power consumption of circuit can be expressed by equation below:
P=(1/2)﹒ C ﹒ VDD 2 ﹒ f ﹒ N+Ileak﹒ VDD
VDDFor supply voltage, C is node loading capacitance, IleakFor quiescent current;As voltage VDDOne timing, influences power consumption
Principal element is exactly f and N.F is exactly the frequency of circuit work, and N is exactly the upset rate of circuit internal node.When hardware Trojan horse is long
Between do not work no dynamic current when producing, by the dynamic power consumption for reducing other circuit modules, it is possible to significantly improve wooden horse
The proportion that quiescent dissipation caused by circuit is occupied in total power consumption, so as to be detected.Reduce dynamic power consumption method from
Intuitively can apparently there are very much two methods in formula:First, reduce the frequency of circuit work;Second, reduce turning over for circuit node
Rate of rotation.The present invention is exactly in circuit design process, a kind of can examined by increasing in the clock frequency far below normal work
When surveying long-term sluggish hardware Trojan horse, the ratio of circuit dynamic power consumption is greatly reduced, significantly improves inactive hardware Trojan horse
Quiescent dissipation ratio shared in overall power, so as to which whether content has hardware Trojan horse inside discrimination circuit.
Fig. 1 is a kind of implementation steps of circuit safety design for Measurability method of the present invention.According to step S100
It is described, complete the design and functional verification of ifq circuit.
Secondly according to described in step S101, according to described in content b), circuit safety is determined according to rule in the present invention
Clock frequency under test pattern.In the present embodiment, checking circuit employs the ALU that a scale is 300
Circuit, work clock step are set to 100MHz, and the technology library used is SMIC 0.13um.Under circuit safety test pattern
Clock frequency be set to 1MHz, i.e., target reduces 100 times of dynamic power consumption.
According to described in step S102, completing the synthesis under SMIC 0.13um, the work such as scan chain insertion and placement-and-routing
Make.Due to the extra clock input pin of no addition, but using register come control function test pattern(The present invention's
It is equal to normal mode of operation during functional test)With security test pattern.Thus while circuit will support two patterns(In work
Operation mode and security test pattern), but placement-and-routing is later, and the design redundancy of circuit almost can be ignored.
According to described in step S103, after circuit completes placement-and-routing, complete in functional test and security test,
Enable same test vector all normal work under above two pattern.
According to described in step S104, by carrying out HSPICE emulation to circuit, circuit is recorded in same test vector
Under excitation, and in same time section, the transient current curve under both of which, according to electric current, supply voltage relation, so that it may
Conversion obtains the transient power consumption curve in certain section of time interval under both of which, and bent in this, as the benchmark of both of which
Line.
Finally as described in S105, when chip manufacturing finishes, when being tested, in mode of operation and security test pattern
Under, encouraged with identical test vector, record chip and the transient current curve in circuit simulation same time section, conversion
Obtain transient power consumption curve;When the transient power consumption curve measured is compared with the transient power consumption curve of emulation, change greatly, beyond threshold
During value, then it is assumed that hardware Trojan horse be present in chip to be measured.
The determination of this threshold value, can be by repeatedly measuring, and experience in test determined in the past.
A preliminary checking, the arithmetical logic list that scale used in this embodiment is about 300 have been done in this example
In member, and about 13% hardware Trojan horse is implanted into, working frequency and security test clock frequency are respectively 100MHz and 1MHz.Fig. 2
It is under 100MHz frequencies, there is wooden horse circuit and the difference without wooden horse circuit on power consumption profile.Can be very clear from Fig. 2
Clear finds out, under 100MHz frequencies, two power consumption profiles essentially coincide, and cannot be distinguished by circuit whether there is wooden horse.Fig. 3 is in 1MHz
Under clock frequency, there is the difference on the transient power consumption curve of the circuit of wooden horse and the circuit without wooden horse.
As can be drawn from Figure 3, for trojan horse detection the normal working frequency of clock frequency ratio it is small must be more, then detect
Effect is better.But one skilled in the art will appreciate that circuit is required for meeting timing closure in the design process.If same electricity
There is the working frequency of two kinds of hundreds times or even thousand times ten thousand times of differences on road, then slower working frequency is directed to, in order to meet in circuit
The requirement for prolonging quality to clock side of portion's register, may dramatically increase requirement of the circuit to clock quality, and increase design is multiple
Miscellaneous degree a, it is therefore desirable to equalization point is found between security test frequency and design complexities.
Claims (2)
- A kind of 1. circuit safety design for Measurability method that can detect inactive hardware Trojan horse, it is characterised in that including following step Suddenly:A) Functional Design and the checking of circuit, are completed;B), according to certain rule, a clock frequency lower than ifq circuit working frequency is determined, as security test mould Clock frequency under formula;C), by configuring an internal register come the normal mode of operation of selection circuit or security test pattern, and should It is invisible that register address should be user;D) circuit rear end design work, is completed, ensures that sequential of the circuit under normal mode of operation and security test pattern is received Hold back;E) vector of functional test, is used for security test pattern, ensures circuit under security test pattern, functional test Vector can also pass through;F), under normal mode of operation and security test pattern, circuit work frequency and lower than working frequency is respectively adopted Security test clock frequency, identical test vector is inputted to the circuit of design, recorded under both of which in certain time Transient current curve in section, and the transient power consumption curve obtained under both of which in certain section of time interval is calculated, and with This datum curve as both of which;G), the chip to be measured finished will be made, also according to above-mentioned steps (f) method, in normal mode of operation and security test Under pattern, input same test vector, the transient current curve under the both of which obtained in same time section is obtained, and count The transient power consumption curve obtained under both of which in same time section is calculated, compared with datum curve, if measured curve and base Directrix curve deviation is more than threshold value, then it is assumed that contains hardware Trojan horse in chip to be measured.
- 2. the circuit safety design for Measurability method as claimed in claim 1 that can detect inactive hardware Trojan horse, its feature exist In:Step b) determines that the clock frequency of security test pattern has the rule of following several respects:B1 reduced dynamic power consumption value), is wanted according to circuit and determines security test clock frequency;B2), the ratio-dependent security test clock frequency accounted for according to raising quiescent dissipation is wanted in overall power;B3), the minimum clock frequency determination for meeting to require along quality according to clock can be obtained;B4), minimum clock frequency cannot be below circuit minimum normal working frequency.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510355088.3A CN104951698B (en) | 2015-06-24 | 2015-06-24 | The circuit safety design for Measurability method of inactive hardware Trojan horse and the detection method to hardware Trojan horse can be detected |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510355088.3A CN104951698B (en) | 2015-06-24 | 2015-06-24 | The circuit safety design for Measurability method of inactive hardware Trojan horse and the detection method to hardware Trojan horse can be detected |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN104951698A CN104951698A (en) | 2015-09-30 |
| CN104951698B true CN104951698B (en) | 2018-03-02 |
Family
ID=54166348
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510355088.3A Active CN104951698B (en) | 2015-06-24 | 2015-06-24 | The circuit safety design for Measurability method of inactive hardware Trojan horse and the detection method to hardware Trojan horse can be detected |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN104951698B (en) |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US11068590B2 (en) | 2017-08-02 | 2021-07-20 | Enigmatos Ltd. | System and processes for detecting malicious hardware |
| CN109684881B (en) * | 2017-10-19 | 2021-02-12 | 中国科学院微电子研究所 | Bypass detection method and device |
| CN108629187B (en) * | 2018-05-03 | 2021-08-17 | 电子科技大学 | On-chip multiprocessor safety evaluation method |
| CN109657464B (en) * | 2018-10-29 | 2021-07-02 | 西安电子科技大学 | Hardware Trojan horse detection method based on path delay analysis |
| CN109711204B (en) * | 2018-10-29 | 2021-02-26 | 西安电子科技大学 | Hardware Trojan horse detection method based on path delay fingerprints |
| CN110059504B (en) * | 2019-03-01 | 2021-02-26 | 西安电子科技大学 | Hardware Trojan horse detection method and device |
| CN112904992A (en) * | 2021-01-28 | 2021-06-04 | 珠海奔图电子有限公司 | Image forming apparatus and control method thereof |
| CN112906345B (en) * | 2021-03-30 | 2022-10-04 | 天津飞腾信息技术有限公司 | Method, system, and medium for validating paths in logic circuits |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102592068A (en) * | 2011-09-05 | 2012-07-18 | 工业和信息化部电子第五研究所 | Method for detecting malicious circuit in FPGA (field programmable gate array) chip by power consumption analysis and system thereof |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US9081991B2 (en) * | 2011-03-23 | 2015-07-14 | Polytechnic Institute Of New York University | Ring oscillator based design-for-trust |
-
2015
- 2015-06-24 CN CN201510355088.3A patent/CN104951698B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102592068A (en) * | 2011-09-05 | 2012-07-18 | 工业和信息化部电子第五研究所 | Method for detecting malicious circuit in FPGA (field programmable gate array) chip by power consumption analysis and system thereof |
Non-Patent Citations (1)
| Title |
|---|
| 《一种基于区域划分的硬件木马功耗显化方法》;李海燕;《第十八届计算机工程与工艺年会暨第四届微处理器技术论坛》;20140731;第277-281页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN104951698A (en) | 2015-09-30 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN104951698B (en) | The circuit safety design for Measurability method of inactive hardware Trojan horse and the detection method to hardware Trojan horse can be detected | |
| CN104950248B (en) | The circuit safety design for Measurability method and the detection method to hardware Trojan horse of accelerating hardware wooden horse triggering | |
| CN111027270B (en) | Method and circuit for trusted design of integrated circuit design flow | |
| CN102262212B (en) | System for detecting trigger single particle effect in digital application specific integrated circuit | |
| CN106291324B (en) | A kind of on piece differential delay measuring system and recycling integrated circuit recognition methods | |
| CN104950246B (en) | Hardware Trojan horse detection method and system based on delay | |
| CN110988652B (en) | Recovered chip detection method | |
| KR20190121701A (en) | Latch circuitry for memory applications | |
| Yu et al. | An improved automatic hardware trojan generation platform | |
| CN104101828A (en) | Hardware-Trojan-resisting circuit design method based on activation probability analysis | |
| CN101216532A (en) | Method for reducing scanning power consumption in sequence circuit | |
| CN108681669A (en) | A kind of hardware Trojan horse detection system and method based on multi-parameter side Multiple Channel Analysis | |
| US6564360B2 (en) | Static timing analysis method for a circuit using generated clock | |
| CN106601643B (en) | Measurement method, the device and system of the MOS process corner of chip | |
| CN109446708A (en) | A method of checking clock path | |
| CN102663185A (en) | Hardware Trojan-resisting circuit design method based on blurring processing | |
| CN104636687B (en) | Improve the circuit design method and hardware Trojan horse detection method of hardware Trojan horse detection resolution | |
| CN102831934A (en) | Method for entering into internal test mode of ASRAM chip | |
| US20160188772A1 (en) | Method of designing an integrated circuit and computing system for designing an integrated circuit | |
| CN106649959A (en) | Scan chain-based circuit design method and hardware Trojan detection method | |
| CN109711204A (en) | Hardware Trojan horse detection method based on path delay fingerprint | |
| CN102831927B (en) | Circuit capable of entering into internal test mode of ASRAM chip | |
| CN104849648B (en) | A kind of test vector generating method for improving wooden horse activity | |
| Giridharan et al. | A MUX based Latch Technique for the detection of HardwareTrojan using Path Delay Analysis | |
| Mondal et al. | XOR based methodology to detect hardware trojan utilizing the transition probability |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |