Trojan Insertion versus Layout Defenses for Modern ICs: Red-versus-Blue Teaming in a Competitive Community Effort

Johann Knechtel; Mohammad Eslami; Peng Zou; Min Wei; Xingyu Tong; Binggang Qiu; Zhijie Cai; Guohao Chen; Benchao Zhu; Jiawei Li; Jun Yu; Jianli Chen; Chun-Wei Chiu; Min-Feng Hsieh; Chia-Hsiu Ou; Ting-Chi Wang; Bangqi Fu; Qijing Wang; Yang Sun; Qin Luo; Anthony W. H. Lau; Fangzhou Wang; Evangeline F. Y. Young; Shunyang Bi; Guangxin Guo; Haonan Wu; Zhengguang Tang; Hailong You; Cong Li; Ramesh Karri; Ozgur Sinanoglu; Samuel Pagliarini

Paper 2024/1440

Trojan Insertion versus Layout Defenses for Modern ICs: Red-versus-Blue Teaming in a Competitive Community Effort

Johann Knechtel

, New York University Abu Dhabi

Mohammad Eslami, Tallinn University of Technology

Peng Zou, Fudan University

Min Wei, Fudan University

Xingyu Tong, Fudan University

Binggang Qiu, Fudan University

Zhijie Cai, Fudan University

Guohao Chen, Fudan University

Benchao Zhu, Fudan University

Jiawei Li, Fudan University

Jun Yu, Fudan University

Jianli Chen, Fudan University

Chun-Wei Chiu, National Tsing Hua University

Min-Feng Hsieh, National Tsing Hua University

Chia-Hsiu Ou, National Tsing Hua University

Ting-Chi Wang, National Tsing Hua University

Bangqi Fu, Chinese University of Hong Kong

Qijing Wang, Chinese University of Hong Kong

Yang Sun, Chinese University of Hong Kong

Qin Luo, Chinese University of Hong Kong

Anthony W. H. Lau, Chinese University of Hong Kong

Fangzhou Wang, Chinese University of Hong Kong

Evangeline F. Y. Young, Chinese University of Hong Kong

Shunyang Bi, Xidian University

Guangxin Guo, Xidian University

Haonan Wu, Xidian University

Zhengguang Tang, Xidian University

Hailong You, Xidian University

Cong Li, Xidian University

Ramesh Karri, New York University

Ozgur Sinanoglu, New York University Abu Dhabi

Samuel Pagliarini, Tallinn University of Technology, Carnegie Mellon University

Abstract

Hardware Trojans (HTs) are a longstanding threat to secure computation. Among different threat models, it is the fabrication-time insertion of additional malicious logic directly into the layout of integrated circuits (ICs) that constitutes the most versatile, yet challenging scenario, for both attackers and defenders. Here, we present a large-scale, first-of-its-kind community effort through red-versus-blue teaming that thoroughly explores this threat. Four independently competing blue teams of 23 IC designers in total had to analyze and fix vulnerabilities of representative IC layouts, whereas a red team of 3 experts in hardware security and IC design continuously pushed the boundaries of these defense efforts through different HTs and novel insertion techniques. Importantly, we find that, despite the blue teams’ commendable efforts, even highly-optimized layouts retained at least some exploitable vulnerabilities. Our effort follows a real-world setting for a modern 7nm technology node and industry-grade tooling for IC design, all embedded into a fully-automated and extensible benchmarking framework. To ensure the relevance of this work, strict rules that adhere to real-world requirements for IC design and manufacturing were postulated by the organizers. For example, not a single violation for timing and design-rule checks were allowed for defense techniques. Besides, in an advancement over prior art, neither red nor blue teams were allowed to use any so-called fillers and spares for trivial attack or defense approaches. Finally, we release all methods and artifacts: the representative IC layouts and HTs, the devised attack and defense techniques, the evaluation metrics and setup, the technology setup and commercial-grade reference flow for IC design, the encompassing benchmarking framework, and all best results. This full release enables the community to continue exploring this important challenge for hardware security, in particular to focus on the urgent need for further advancements in defense strategies.

Note: Conditionally accepted for TCHES 2025. Version of manuscript is as submitted, except for non-anonymous author list.

Metadata

Available format(s): PDF
Category: Applications
Publication info: Preprint.
Keywords: Hardware Security Trojans IC Design Red-versus-Blue Teaming
Contact author(s): johann @ nyu edu
History: 2024-09-18: approved; 2024-09-15: received; See all versions
Short URL: https://ia.cr/2024/1440
License: CC BY

BibTeX

@misc{cryptoeprint:2024/1440,
      author = {Johann Knechtel and Mohammad Eslami and Peng Zou and Min Wei and Xingyu Tong and Binggang Qiu and Zhijie Cai and Guohao Chen and Benchao Zhu and Jiawei Li and Jun Yu and Jianli Chen and Chun-Wei Chiu and Min-Feng Hsieh and Chia-Hsiu Ou and Ting-Chi Wang and Bangqi Fu and Qijing Wang and Yang Sun and Qin Luo and Anthony W. H. Lau and Fangzhou Wang and Evangeline F. Y. Young and Shunyang Bi and Guangxin Guo and Haonan Wu and Zhengguang Tang and Hailong You and Cong Li and Ramesh Karri and Ozgur Sinanoglu and Samuel Pagliarini},
      title = {Trojan Insertion versus Layout Defenses for Modern {ICs}: Red-versus-Blue Teaming in a Competitive Community Effort},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1440},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1440}
}