Hardware Security: Hardware Trojan Detection, Test and Debug Security Infrastructure IP

Sudeendra Kumar, K (2020) Hardware Security: Hardware Trojan Detection, Test and Debug Security Infrastructure IP. PhD thesis.

PDF (Restricted up to 18/02/2023; restricted to repository staff only)

This dissertation consists of two parts. The first part focuses on pre-silicon detection of hardware Trojans, and the second part presents a Test and Debug Security Infrastructure IP (TDS-IP) which addresses several hardware security issues such as counterfeiting and debug security. An SoC design house integrates IP cores from third-party IP (Intellectual Property) core vendors (3PIP) into system-on-chip (SoC) devices, and different service providers and consultants take part in the SoC design process. A 3PIP core sourced from an untrusted company may contain an HT (Hardware Trojan), and an in-house adversary can also insert an HT into the RTL (Register Transfer Logic) code, the synthesized netlist, the scan-inserted netlist or the post-layout netlist. Several HT detection schemes proposed in the past are standalone methods, which are not enough for an SoC design house to detect HTs; these earlier techniques detect HTs in 3PIP, in RTL code and in fabrication. In the first part of this dissertation, we propose a secure design flow for HT detection which uses several stages of the ASIC (Application Specific Integrated Circuit) design flow to isolate the HT in different phases of chip design. The proposed scheme can be easily adopted into the design flow by SoC integrator/ODM (Original Design Manufacturer) companies. The proposed work uses all stages of the chip design flow, from functional verification, synthesis and formal verification to timing and power analysis, in a coordinated way to find suspicious sections in the design. AES and microprocessor (PIC16F84) benchmarks from Trust-Hub are used to validate the proposed framework. A detailed analysis of the proposed technique is presented, and the proposed secure design flow is able to detect the malicious inclusions in the benchmarks successfully. The proposed technique detects HTs and also gives concrete proof of their malicious activity. The major requirement for the success of this HT detection scheme is a trusted team of security verification engineers.

In the second part of this dissertation, we propose a novel security infrastructure IP for test and debug (TDS-IP) which includes a novel anti-counterfeiting solution called secure split test and a security framework for three major test protocols: JTAG (Joint Test Action Group), IEEE 1500 and IEEE 1687 (IJTAG, Internal JTAG). Earlier access-control-based JTAG security techniques are further enhanced to support Over-the-Air (OTA) firmware update. Physical unclonable function (PUF) based security techniques are proposed for the IEEE 1500 core testing standard and for IEEE IJTAG. In the novel security scheme proposed for IEEE 1500 core-based testing, the PUF challenge-response pairs are better protected than in earlier techniques because the PUF data is not shared with the offshore OSAT (Outsourced Assembly and Test) centre. IJTAG (Internal JTAG or IEEE 1687) is a standard defined to streamline access to on-chip instrumentation, which is useful in debug and diagnosis. The PUF-based security framework for IJTAG clusters the on-chip instruments according to requirement and places security checks at the entry points of the clusters, safeguarding the on-chip instruments against scan-based side-channel attacks and IP piracy. Secure split test (SST) techniques proposed in the past do not support functional testing, and we propose a novel SST scheme which supports functional testing to mitigate counterfeits coming out of untrusted foundries and OSAT centres. Finally, the novel anti-counterfeiting and debug security techniques are stitched together to create the Test and Debug Security Infrastructure IP (TDS-IP). The reliability issues connected with PUF responses are addressed in TDS-IP. The workflow to use and integrate the TDS-IP with the openMSP430 microprocessor core is presented. In summary, the contributions of this dissertation are as follows:
• Design of a novel secure split test (SST) technique which supports both structural testing and functional testing, with RMA (Return Material Authorization) analysis capability, to prevent counterfeiting.
• Design of a security framework to detect HTs at the pre-silicon stage without adding an extra tool to the ASIC design flow.
• Development of a Security IP which includes the novel SST technique as an anti-counterfeiting solution and a secure test/debug structure.

Item Type:Thesis (PhD)
Uncontrolled Keywords:Hardware Trojan; Counterfeiting; Debug Security; Security Infrastructure IP
Subjects:Engineering and Technology > Electronics and Communication Engineering > Adaptive Systems
Engineering and Technology > Electronics and Communication Engineering > Intelligent Instrumentation
Engineering and Technology > Electronics and Communication Engineering > Cryptography
Divisions: Engineering and Technology > Department of Electronics and Communication Engineering
ID Code:10161
Deposited By:IR Staff BPCL
Deposited On:18 Feb 2021 17:54
Last Modified:18 Feb 2021 17:54
Supervisor(s):Mahapatra, Kamalakanta