Automated hardware trojan detection

Student thesis: Doctoral ThesisDoctor of Philosophy


A Hardware Trojan (HT) is a malicious circuit inserted into an Integrated Circuit (IC) or a malicious modification of a circuit to change its behaviour or leak secret information. As the production of ICs is now distributed globally through the use of third parties in the outsourcing of design services, the use of off-the-shelf intellectual property (IP) and different foundry services, there are many more opportunities for untrusted entities to gain access to the supply chain. Therefore, it is clear that HTs are a major threat to the security of the IC design process and can be inserted at both the design and manufacture stages.

Over the past decade there has been a significant amount of research into HT detection techniques including simulation-based, logic testing based, side channel analysis and reverse engineering approaches. With advances in machine learning and computational capability, machine learning (ML)-based and neural network (NN)-based HT detection methods have been proposed to detect and prevent HT-insertion at design-time without the requirement for additional pre-processing or overhead. However, existing ML/NN-based HT detection methods depend on prior knowledge of the characteristics of a circuit netlist (referred to as knowledge-driven) to extract effective features for the model training. Hence, knowledge of the circuits, including the circuit topology, types of components, and HT characteristics is essential for the detection and determines the accuracy of detection results. However, it is difficult to ensure accurate feature extraction for different circuits that may include a variety of HTs in practice.

To address the challenges with knowledge-driven HT detection, the overall goal of this thesis is to achieve automated data-driven HT detection, which only depends on the data obtained from circuit netlists without the need to have prior knowledge of the circuit characteristics.

Firstly, an improved automatic HT generation platform is proposed. This platform improves by employing transition probability to identify the rarely activated internal nodes to target for HT insertion. This method can provide a good estimation of the switching activity for each net in the gate-level netlist without requiring a large number of test patterns and a long simulation time. The platform is highly configurable in terms of the HT trigger condition, trigger type, payload type and in the number of HTs it can generate. Furthermore, user-defined Trojans are permitted and the host circuits for HT insertion can be freely defined by the users according to their requirements.

Secondly, a novel feature extraction strategy for HT detection based on gate-level circuit netlists is proposed. The HT features are automatically extracted from the circuit topology in “netlist blocks” rather than gate-level feature statistics as used in previous research. A commonly utilized support vector machine (SVM)-based HT detection model is employed for data training and testing using the extracted features on HT benchmarks from both an open-sourced library (Trust-Hub) and the proposed HT generation platform to prove the feasibility and efficiency of the proposed HT feature extraction strategy.

Finally, an automated data-driven HT detection system using deep learning (DL) technology is proposed. The method only utilizes the circuit netlists from which the DL algorithm automatically extracts features and then learns the HT detection models. Therefore, the proposed HT detection system provides an extremely simplified detection process without the need for any pre-processing or extra circuit overhead and it is also effective for various types of circuits. The experimental results show that the proposed HT detection system can achieve high true positive rate (TPR) and high true negative rate (TNR) for both combinational Trojan and sequential Trojan detection using the open-source Trust-Hub HT benchmarks.
Date of AwardDec 2021
Original languageEnglish
Awarding Institution
  • Queen's University Belfast
SponsorsEngineering & Physical Sciences Research Council
SupervisorMaire O'Neill (Supervisor), Chongyan Gu (Supervisor) & Weiqiang Liu (Supervisor)


  • Hardware Trojan
  • generation
  • detection
  • automated
  • deep learning
  • machine learning
  • natural language processing
  • hardware security

Cite this