U.S. Department of Energy
Office of Scientific and Technical Information

Detecting Hardware Trojans in PCBs Using Side Channel Loopbacks

Journal Article · IEEE Transactions on Very Large Scale Integration (VLSI) Systems

Malicious modifications to printed circuit boards (PCBs) are known as hardware Trojans. These may arise when malafide third parties alter PCBs premanufacturing or postmanufacturing and are a concern in safety-critical applications, such as industrial control systems. In this research, we examine how data-driven detection can be utilized to detect such Trojans at run-time. We develop a flexible and reconfigurable PCB test bed derived from the popular open-source programmable logic controller (PLC) platform “OpenPLC.” We then develop a Trojan detection framework, which utilizes and analyzes multimodal side channels (e.g., timing, magnetic signals, power, and hardware performance counters). We consider defender-configurable input/output (I/O) loopback tests, comparison with design-document baselines, and magnetometer-aided monitoring of system behavior under defender-chosen excitations. Our approach can extend to golden-free environments. Golden (known-good) versions of the PCBs are assumed not available, but design information, datasheets, and component-level data are available. We demonstrate the efficacy of our approach on a range of Trojans instantiated in the test bed.

Research Organization:
Kansas City Nuclear Security Campus (KCNSC), Kansas City, MO (United States)
Sponsoring Organization:
USDOE National Nuclear Security Administration (NNSA)
Grant/Contract Number:
NA0002839
OSTI ID:
1877019
Report Number(s):
NSC-614-4221; DE-NA0002839
Journal Information:
Journal Name: IEEE Transactions on Very Large Scale Integration (VLSI) Systems; Journal Volume: 30; Journal Issue: 7; ISSN 1063-8210
Publisher:
IEEE
Country of Publication:
United States
Language:
English

Similar Records

PRISTINE: An Emulation Platform for PCB-Level Hardware Trojans
Journal Article · April 1, 2024 · IEEE Access · OSTI ID:2340739

An Integrated Testbed for Trojans in Printed Circuit Boards with Fuzzing Capabilities
Conference · July 1, 2023 · OSTI ID:1985594

A Survey on the Design, Detection, and Prevention of Pre-Silicon Hardware Trojans
Journal Article · March 26, 2025 · IEEE Access · OSTI ID:2554136