Software Variants for Hardware Trojan Detection and Resilience in COTS Processors

by   Mahmudul Hasan, et al.

The commercial off-the-shelf (COTS) component based ecosystem provides an attractive system design paradigm due to the drastic reduction in development time and cost compared to custom solutions. However, it brings in a growing concern of trustworthiness arising from the possibility of embedded malicious logic, or hardware Trojans in COTS components. Existing trust-verification approaches are typically not applicable to COTS hardware due to the absence of golden models and the lack of observability of internal signals. In this work, we propose a novel approach for runtime Trojan detection and resilience in untrusted COTS processors through judicious modifications in software. The proposed approach does not rely on any hardware redundancy or architectural modification and hence seamlessly integrates with the COTS-based system design process. Trojan resilience is achieved through the execution of multiple functionally equivalent software variants. We have developed and implemented a solution for compiler-based automatic generation of program variants, metric-guided selection of variants, and their integration in a single executable. To evaluate the proposed approach, we first analyzed the effectiveness of program variants in avoiding the activation of a random pool of Trojans. By implementing several Trojans in an OpenRISC 1000 processor, we analyzed the detectability and resilience during Trojan activation in both single and multiple variants. We also present delay and code size overhead for the automatically generated variants for several programs and discuss future research directions to reduce the overhead.


A survey of hardware-based malware detection approach

Malware is the most significant threat to computer security. This paper ...

RanStop: A Hardware-assisted Runtime Crypto-Ransomware Detection Technique

Among many prevailing malware, crypto-ransomware poses a significant thr...

Cycle-Accurate Evaluation of Software-Hardware Co-Design of Decimal Computation in RISC-V Ecosystem

Software-hardware co-design solutions for decimal computation can provid...

CIDPro: Custom Instructions for Dynamic Program Diversification

Timing side-channel attacks pose a major threat to embedded systems due ...

Lightweight Soft Error Resilience for In-Order Cores

Acoustic-sensor-based soft error resilience is particularly promising, s...

DMON: A Distributed Heterogeneous N-Variant System

N-Variant Execution (NVX) systems utilize software diversity techniques ...

Please sign up or login with your details

Forgot password? Click here to reset