Due to the proliferation of semiconductor and embedded devices in all areas of industry including telecommunications, e-commerce and security, the threat from hardware trojans has never been greater or more menacing. Learn what they are and what you can do about them.
A hardware trojan is a hidden function in an IC formed from a trigger and a payload. It is malicious in nature can can be used for a variety of purposes.
How are hardware trojans created?
Malicious functionality is introduced during the design process and it deliberately create side channels in IC’s to leak information to the outside world to either expose the inner workings of an algorithm or expose data such as cryptographic keys.
They can be introduced via purchased IP, test insertion, edited foundry library files and also at the mask level. Their main use is to either destroy the chip or leak information and this occurs in various ways for various reasons:
simple malfunction (can be used by competitors to gain market share by negatively affecting the reputation of a market leader,
kill switch to disable, for example, military equipment,
confidential information leak such as cryptographic keys from smart cards,
creation of a backdoor (to allow unlimited access whenever required)
Various configurations of Trojan architecture have been suggested by researchers
Detection of hardware trojans is extremely difficult due in part to their size which can be as little as a few gates. They are infrequently activated and are designed to have low observability and controlability making detection by test vectors also difficult. Research into trjoan detection has focused on the change in power consumption and electromagnetic characteristics. This reflects the construction of the most simple Trojan horse and its modus operandi. The simple addition of two inverters placed strategically can alter the power characteristics of the device forming a side channel for data leakage. More sophisticated logic produces kill switches or changes in functionality invoked by a trigger event.