Hardware Trojans in incompletely specified on-chip bus systems

• Published in: 2016 Design, Automation & Test in Europe Conference & Exhibition (DATE) pp. 527 - 530
• Main Authors: Fern, Nicole, San, Ismail, Koc, Cetin Kaya, Kwang-Ting Cheng
• Format: Conference Proceeding Journal Article
• Language: English
• Published: EDAA 01.03.2016
• Subjects: Buses (vehicles); Channels; Communication channels; Data buses; Design engineering; Electric circuits; Exhibitions; Hardware; Integrated circuit interconnections; Protocols; Receivers; Topology; Trojan horses
• ISSN: 1558-1101

The security, functionality, and performance of the on-chip bus system is critical in an SoC design. We highlight the susceptibility of current bus implementations to Hardware Trojans hiding in unspecified functionality. Unlike existing Trojans which aim to disrupt normal bus behavior and are often designed for a specific protocol and topology, we present a general model for creating a covert Trojan communication channel between SoC components. From our channel model, which is applicable to any topology and protocol, one can create circuitry allowing information to flow covertly by altering existing bus signals only when they are unspecified. We give the specifics of this circuitry for AMBA AXI4, then create a system comprised of several master and slave units connected by an AXI4-Lite interconnect to quantify the overhead of the Trojan channel and illustrate the ability of our Trojans to evade a suite of protocol compliance checking assertions from ARM.