Research on Hardware Trojan Detection Methods Based on Improving Trigger Efficiency
Published: 2018-12-12 21:22
[Abstract]: "Hardware Trojan" is the general term for malicious modules added to an integrated circuit, whose purpose is to make the integrated circuit leak information or malfunction under specific conditions. Because of the way integrated circuits are designed and manufactured, they are easily embedded with hardware Trojans: using untrusted IP cores, EDA tools or library cells during design, or sending the design to an untrusted foundry for manufacture, can each introduce a hardware Trojan into the integrated circuit. Integrated circuits are used in all of the key equipment in important fields such as national security, communications and finance. If an integrated circuit embedded with a hardware Trojan is used in these fields, the consequences may be disastrous, so it is very important to ensure that integrated circuits do not contain hardware Trojans. To address this problem, this thesis studies how to quickly and efficiently detect digital hardware Trojans embedded during the manufacturing stage. The thesis first analyzes the trigger model of hardware Trojans and concludes that the low probability of occurrence of rare logic values and the poor controllability of internal nodes are the two key factors that restrict a hardware Trojan from being triggered. On this basis, the thesis proposes a triggering scheme that increases hardware Trojan activity: the inherent scan-chain structure of the integrated circuit is used to partition the circuit into combinational logic blocks bounded by the chip inputs, the chip outputs and the scan chains, which improves the controllability of internal nodes; and the candidate vectors generated by ATPG are further optimized to increase the probability of occurrence of rare logic values. Building on this triggering scheme, the thesis designs a hardware Trojan detection scheme that uses logic testing and side-channel analysis together.
Finally, the effects of hardware Trojan triggering and detection are verified by simulation. The experimental results show that: (1) in the detection scheme based on logic testing, compared with test vectors generated by commonly used ATPG techniques, the proposed triggering scheme triggers more hardware Trojans in a shorter time, and this advantage grows as the hardware Trojans become harder to trigger: it triggers up to 21.96% more combinational-trigger hardware Trojans while shortening the average trigger time by 97.02%, and up to 33.40% more asynchronous-counter-trigger hardware Trojans while shortening the average trigger time by 94.20%. (2) In the detection experiments based on side-channel analysis, the characteristics of the hardware Trojan can be clearly identified, and the proposed triggering scheme raises the toggle rate of the nodes connected to the hardware Trojan and increases the hardware Trojan's dynamic power consumption, making its power signature more pronounced.
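[Degree-granting institution]: Dalian University of Technology
[Degree level]: Master's
[Year degree awarded]: 2015
[Classification number]: TP309; TN405
Article number: 2375264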
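The abstract's two ideas, finding rare logic values and choosing candidate vectors that excite them, can be illustrated on a toy circuit. This is an added example, not code from the thesis: the netlist, the candidate vectors, the 0.2 threshold and the greedy selection are all constructed assumptions, and the thesis's actual optimization procedure is not described on this page.

```python
from itertools import product

# Constructed 5-input block standing in for one scan-bounded combinational block.
INPUTS = ["a", "b", "c", "d", "e"]
GATES = [  # (output, op, operands), listed in topological order
    ("n1", "AND", ("a", "b")),
    ("n2", "AND", ("c", "d")),
    ("n3", "AND", ("n1", "n2")),
    ("n4", "AND", ("n2", "e")),
    ("n5", "OR", ("a", "c")),
    ("n6", "OR", ("n5", "e")),
]
OPS = {"AND": lambda x, y: x & y, "OR": lambda x, y: x | y}
# Constructed candidate vectors, standing in for an ATPG candidate set.
CANDIDATES = [(1, 1, 1, 1, 0), (0, 1, 1, 1, 1), (1, 0, 1, 0, 1),
              (1, 1, 1, 1, 1), (0, 0, 0, 0, 0)]

def simulate(vector):
    """Evaluate every internal node for one input vector."""
    values = dict(zip(INPUTS, vector))
    for out, op, (x, y) in GATES:
        values[out] = OPS[op](values[x], values[y])
    return {out: values[out] for out, _, _ in GATES}

def rare_values(threshold=0.2):
    """Exhaustively find (node, value) pairs whose probability is below threshold."""
    vectors = list(product((0, 1), repeat=len(INPUTS)))
    rare = {}
    for out, _, _ in GATES:
        p1 = sum(simulate(v)[out] for v in vectors) / len(vectors)
        if p1 < threshold:
            rare[(out, 1)] = p1
        if 1 - p1 < threshold:
            rare[(out, 0)] = 1 - p1
    return rare

def excited(vector, targets):
    """Rare (node, value) pairs from targets that this vector produces."""
    sim = simulate(vector)
    return {(node, val) for node, val in targets if sim[node] == val}

def select_vectors(candidates, rare):
    """Greedy cover: keep picking the vector that excites most uncovered rare values."""
    uncovered, chosen = set(rare), []
    while uncovered:
        best = max(candidates, key=lambda v: len(excited(v, uncovered)))
        if not excited(best, uncovered):
            break  # remaining rare values are unreachable with these candidates
        chosen.append(best)
        uncovered -= excited(best, uncovered)
    return chosen, uncovered
```

Exhaustive enumeration only works because the block is small, which is the practical benefit of cutting the circuit at scan-chain boundaries; on larger blocks the probabilities would have to be estimated by random simulation instead.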
Article link: http://sikaile.net/kejilunwen/dianzigongchenglunwen/2375264.html