ISIS Blogs

This paper by Agrawal et al proposes a mechanism for chip designers to detect when an untrusted chip fabrication service has inserted Trojan functionality into their chip design. They do this by profiling the power consumption of a good chip and then comparing the power consumption profiles of other chips from the untrusted fabrication service against the known-good profile. The idea is that if they are all faithful realizations of the same design, they should all have similar power profiles. The difficulty is that the Trojan circuitry is much smaller than the legitimate circuitry. Detecting an anomaly in the power consumption would seem to suffer from a bad signal-to-noise ratio. Furthermore, there are chip-to-chip variations that far exceed the variations caused by the introduction of Trojan circuitry. The authors cope with this by using principal components analysis to find a subspace that captures most of the variability that is seen in the non-hacked chips. The basis vectors that span that subspace are the directions of benign variability. Variations in the power profile of a chip that are not in the directions of benign variability are considered suspicious.

The best part of this paper is that it demonstrates a nice technique for pulling tiny signals (the differential power consumption of the Trojan circuitry) from much stronger noise (the power consumption of the legitimate circuitry).