Catalogue Search | MBRL
9 result(s) for "Trojan insertion"
Non-Invasive Hardware Trojans Modeling and Insertion: A Formal Verification Approach
2024
In modern chip designs, shared resources are used extensively. Arbiter usage is crucial to settle conflicts when multiple requests compete for these shared resources. Making sure these arbiter circuits work correctly is vital not just for their proper functionality, but also for security reasons. The work in this paper introduces a method based on formal verification to thoroughly assess the proper functional aspects of various arbiter setups. This is achieved through SystemVerilog assertions and model checking. Additionally, we explore a non-invasive method for the modeling and insertion of different types of hardware Trojans. These Trojans, with their unique triggers and payloads, are modeled formally without the need for any alterations to the actual circuit. The results provide a detailed analysis of the cost involved in running the formal verification environment on versions of arbiters that are free from Trojans. This analysis is carried out using the Questa PropCheck formal analysis tool, which offers valuable insights into the time and memory resources required. Furthermore, the results highlight how the formally modeled and inserted Trojans interfere with hold criteria of the arbiters’ properties, where at least a single property fires due to the inserted Trojan. This work can be extended to be a generic approach with the potential to validate both the proper operation and security aspects of complex systems.
Journal Article
FEINT: Automated Framework for Efficient INsertion of Templates/Trojans into FPGAs
by Pearce, Hammond; Trujillo, Joshua; Karri, Ramesh
in Artificial intelligence, Automation, Composition
2024
Field-Programmable Gate Arrays (FPGAs) play a significant and evolving role in various industries and applications in the current technological landscape. They are widely known for their flexibility, rapid prototyping, reconfigurability, and design development features. FPGA designs are often constructed as compositions of interconnected modules that implement the various features/functionalities required in an application. This work develops a novel tool FEINT, which facilitates this module composition process and automates the design-level modifications required when introducing new modules into an existing design. The proposed methodology is architected as a “template” insertion tool that operates based on a user-provided configuration script to introduce dynamic design features as plugins at different stages of the FPGA design process to facilitate rapid prototyping, composition-based design evolution, and system customization. FEINT can be useful in applications where designers need to tailor system behavior without requiring expert FPGA programming skills or significant manual effort. For example, FEINT can help insert defensive monitoring, adversarial Trojan, and plugin-based functionality enhancement features. FEINT is scalable, future-proof, and cross-platform without a dependence on vendor-specific file formats, thus ensuring compatibility with FPGA families and tool versions and being integrable with commercial tools. To assess FEINT’s effectiveness, our tests covered the injection of various types of templates/modules into FPGA designs. For example, in the Trojan insertion context, our tests consider diverse Trojan behaviors and triggers, including key leakage and denial of service Trojans. We evaluated FEINT’s applicability to complex designs by creating an FPGA design that features a MicroBlaze soft-core processor connected to an AES-accelerator via an AXI-bus interface. 
FEINT can successfully and efficiently insert various templates into this design at different FPGA design stages.
Journal Article
Hardware Trojans: current challenges and approaches
2014
More and more manufacturers outsource parts of the design and fabrication of integrated circuits (ICs) for cost reduction. Recent publications show that such outsourcing can pose serious threats to governments and corporations, as they lose control of the development process. Until now, the threat of hardware Trojans is mostly considered during fabrication. Third party intellectual properties (IPs) are also gaining importance as companies wish to reduce costs and shorten the time-to-market. Through this study, the authors argue that the threat of Trojans is spread throughout the whole IC development chain. They give a survey of both hardware Trojan insertion possibilities and detection techniques. Furthermore, they identify the key vulnerabilities at each stage of IC development and describe costs of hardware Trojan insertion and detection. This way, the threat level based on feasibility of Trojan insertion and the practicability of Trojan detection techniques is evaluated. Lately, detection techniques address the issue of including third party IP. However, those techniques are not sufficient and need more research to effectively protect the design. In this way, the authors’ analysis provides a solid base to identify the issues during IC development, which should be addressed with higher priority by all entities involved in the IC development.
Journal Article
Circuit enclaves susceptible to hardware Trojans insertion at gate-level designs
by Patooghy, Ahmad; Kinsy, Michel; Sebt, Seyed Mohammad
in Accuracy, chip design, circuit input switching probability
2018
A hardware Trojan (HT) is extra circuitry inserted into a chip design with the malicious aim of functionality alteration, reliability degradation or secret information leakage. It is normally very hard to find HT activation signals since such signals are intended to activate upon occurring very rare conditions on specific nets of the infected circuit. A security engineer would have to search among thousands of gates and modules to make sure about the non-existence of design-time HTs in the circuit. The authors propose efficient net susceptibility metrics to significantly speed up functional-HT detection in gate-level digital designs. The proposed metrics perform a computationally low overhead analysis on the controllability and observability parameters of each net of the under HT-test circuit. Then, using a proposed net classifier method, a very low percentage of circuit nets is determined as HT trigger suspicious nets. To show practicality and detection accuracy of the proposed metrics, gate-level circuits of Trust-HUB benchmark suite are examined by the proposed metrics. Results confirm a 100% HT trigger detection with a low false positive as compared with previous metrics. More importantly, unlike previously proposed methods, the authors' detection accuracy is totally independent of the switching probability of circuit inputs.
Journal Article
Sensitivity analysis of testability parameters for secure IC design
2020
Insertion of malicious circuits commonly known as Hardware Trojans into an original integrated circuit (IC) design to alter the functionality has been a major concern in recent years. As a result, over the years multiple techniques have been suggested by researchers to combat these malicious threats. Hard to test nets in any logic circuit are the most vulnerable to insertion of Hardware Trojans. Testability analysis is the process of identification of these hard to test nets in a logic circuit. Testability analysis is achieved through the testability metrics namely controllability and observability. Testability metrics can be used as a yardstick in devising efficient Hardware Trojan detection methods. The crux of this study is a novel method for identification of susceptible nets that are prone to Hardware Trojan insertions in a logic circuit. The study also presents a comprehensive analysis of the impact on testability parameters as a result of Hardware Trojans in the identified susceptible nets. The method utilises the testability parameters of nets to define threshold values for isolating susceptible nets in a design. The study details out the impact of the number of trigger inputs as well as the distribution of trigger nets on the testability metrics of digital circuits.
Journal Article
An expanded toolkit for gene tagging based on MiMIC and scarless CRISPR tagging in Drosophila
2018
We generated two new genetic tools to efficiently tag genes in Drosophila. The first, Double Header (DH) utilizes intronic MiMIC/CRIMIC insertions to generate artificial exons for GFP mediated protein trapping or T2A-GAL4 gene trapping in vivo based on Cre recombinase to avoid embryo injections. DH significantly increases integration efficiency compared to previous strategies and faithfully reports the expression pattern of genes and proteins. The second technique targets genes lacking coding introns using a two-step cassette exchange. First, we replace the endogenous gene with an excisable compact dominant marker using CRISPR making a null allele. Second, the insertion is replaced with a protein::tag cassette. This sequential manipulation allows the generation of numerous tagged alleles or insertion of other DNA fragments that facilitates multiple downstream applications. Both techniques allow precise gene manipulation and facilitate detection of gene expression, protein localization and assessment of protein function, as well as numerous other applications. Organisms have tens of thousands of genes, but finding out exactly what they all do is one of the greatest challenges of modern genetics. To understand a gene’s job, it’s necessary to find out what gene is active in which tissue, where their proteins are located within the cell, and what happens when the sequence of a gene is altered or removed. This multi-step process of ‘annotating’ genes can be challenging in practice. One common approach is to make use of a DNA pattern called a MiMIC and insert it in a specific part of the gene called an intron. A tag for a protein that glows green under the microscope can then be added to a MiMIC to help visualize where and when the protein is being expressed. MiMICs can also be used to integrate a system called T2A-GAL4, which typically creates a severe mutation in the gene and allows to track the timing of when and where the gene is expressed. 
This helps to discover the role of the gene in cells and tissues. However, a problem with this approach is that when either the protein tag or the T2A-GAL4 system is added, half of the time they point into the wrong direction. This is because each DNA strand is read in one direction only. Now, Li-Kroeger et al. created a so-called ‘Double Header’ system, which includes T2A-GAL4 coding in one direction and the protein tag in the other. Therefore, when the system integrates, there will always be one tag pointing in the correct direction. This makes the system twice as efficient. Not all genes have introns though. To access genes that do not contain introns, Li-Kroeger et al. developed another system, which uses the genome editing tool CRISPR-Cas9 to introduce a different kind of visible marker. Here, the whole gene is typically removed and replaced by a visible marker, which can then be replaced by any DNA, including protein tags and the T2A-GAL4 system. With these approaches, all genes in the fruit fly can now be targeted. The systems perform several tasks, including detecting gene activity and the location of proteins in the cell, and analyzing the role of the protein. The findings will be relevant to researchers interested in fruit fly genetics and cell function.
Journal Article
Trojan playground: a reinforcement learning framework for hardware Trojan insertion and detection
2024
Current hardware Trojan (HT) detection techniques are mostly developed based on a limited set of HT benchmarks. Existing HT benchmark circuits are generated with multiple shortcomings, i.e., (i) they are heavily biased by the designers’ mindset when created, and (ii) they are created through a one-dimensional lens, mainly the signal activity of nets. We introduce the first automated reinforcement learning (RL) HT insertion and detection framework to address these shortcomings. In the HT insertion phase, an RL agent explores the circuits and finds locations best for keeping inserted HTs hidden. On the defense side, we introduce a multi-criteria RL-based HT detector that generates test vectors to discover the existence of HTs. Using the proposed framework, one can explore the HT insertion and detection design spaces to break the limitations of human mindset and benchmark issues, ultimately leading toward the next generation of innovative detectors. We demonstrate the efficacy of our framework on ISCAS-85 benchmarks, provide the attack and detection success rates, and define a methodology for comparing our techniques.
Journal Article
Efficient Reliability-Aware Hardware Trojan Design and Insertion for SET-Induced Soft Error Attacks
by Paliaroutis, Georgios-Ioannis; Takou, Alexandra; Tsoumanis, Pelopidas
in Aging, Benchmarks, Constraints
2026
Soft errors and Hardware Trojans (HTs) constitute major reliability concerns, and in combination they can pose an even greater threat to circuit security. The main aim of this research is to develop and implement a reliability-based HT and to identify the optimal regions for its injection, enabling the creation of challenging benchmarks for evaluating detection techniques. In this context, a reliability-based HT is designed and evaluated using different components to achieve the required time overhead. Next, a method that combines the generation and propagation of Single-Event Transients (SETs), while accounting for both masking effects and the design’s timing constraints, is employed to efficiently identify the most vulnerable and critical gates. The sensitive gates selected for HT insertion exhibit 50–70% vulnerability to soft errors. At the same time, their insertion and the resulting path delay overhead must not violate the design’s timing constraints, and the additional area must remain below 10% of the total area. These three conditions ensure that the inserted HTs remain stealthy and, therefore, challenging to detect. The experimental results demonstrate that selecting this category of gates is highly effective, as it leads to a significant increase in the number of soft errors and, consequently, aggravates circuit vulnerability with minimal impact on the design. On average, the targeted gates exhibit a 130% increase in sensitivity, and the overall Soft Error Rate (SER) increases by 78%, confirming the importance of providing robust benchmarks to combat potential attacks of this kind.
Journal Article
A New Optimal Method for the Secure Design of Combinational Circuits against Hardware Trojans Using Interference Logic Locking
2023
Effective resistance to intellectual property theft, reverse engineering, and hardware Trojan insertion in integrated circuit supply chains is increasingly essential, for which many solutions have been proposed. Accordingly, strong attacks are also designed in this field. One way to achieve the above goal is obfuscation. The hardware obfuscation method hides the primary function of the circuit and the normal Netlist from the attacker by adding several key gates in the original Netlist. The functionality circuit is correct only if the correct key is applied; otherwise, the circuit is obfuscated. In recent years, various obfuscation methods have been proposed. One is logic locking, the most prominent hardware protection technique since it can protect against untrusted items. Logic locking induces functional and structural changes to a design even before the layout generation. We secured the circuit against hardware Trojan insertion with a secure logic locking method based on the insertion of key gates in interference mode. We call our proposed method Secure Interference Logic Locking, SILL. SILL is based on minimum controllability in paths with maximum fan-out. In this method, we have reduced the number of key gates required for circuit obfuscation and created the maximum Hamming distance between normal and obscure outputs. In addition, the key gates are added to the circuit’s complete interference, and the AES algorithm is used to generate the key. Our proposed method, SILL, was simulated in the Vivado simulation environment; the algorithms used in this method were prepared in VHDL language and designed to allow parallel execution, then applied on the original Netlist of the ISCAS85 benchmark circuits. By analyzing and comparing the results of this simulation to recent works, the amount of hardware consumption has decreased (about 5% space consumption and about a 0.15-nanosecond time delay). 
Then, the SAT attack algorithm was tested on ISCAS85 benchmark circuits that were obfuscated with SILL. The execution time of the attack in the second attempt was 0.24 nanoseconds longer compared to similar recent works, and it timed out in the fourth attempt. The resistance of our proposed method, having less hardware overhead and higher speed is more effective against SAT attacks than the existing conventional methods.
Journal Article