In Terms of Hardware security, It is a malicious modification of the circuitry of an IC chip. It is done during the design or fabrication of chip (i.e. The chip is modified without the possible knowledge of the person who designed it. )
It is sometimes also known as ‘HT’. A Hardware Trojan or HT is something, a piece of hardware, which is hiding inside another larger piece of hardware. It wakes up at an unpredictable times and does something which is again unpredictable with respect to user.
A Hardware Trojan (HT) is categorized by two things –
- Physical Representation (i.e. how it behaves, how it looks like)
- It’s behavior (i.e. how it shows up and what are its effects)
Properties of a Hardware Trojan –
- It can take place pre or post manufacturing.
- It is inserted by some intellectual adversary.
- It is extremely small hardware overhead.
- It is Stealthy and nearly Impossible to detect
- It causes IC to malfunction in-field.
Affects if a Hardware Trojan if it’s placed inside a chip –
- Potentially disastrous consequences.
- Loss of human life or property.
Whenever the HT wakes up , the entire activity that the Trojan performs or executes is known as payload.
Components of a Hardware Trojan –
It contains a trigger and a payload
- Trigger – Trigger decides when the Hardware Trojan or HT will wake up and
- Payload – Payload decides what will happen when the Trojan will wake up.
It is maliciously placed in the original circuit. User doesn’t know about this because most of the time circuit will behave normally, but sometimes it behaves unpredictably / maliciously whenever it wakes up. As shown in the above diagrams.
Reasons why it might get inserted into a chip –
- Prevalence of IP(Intellectual Property Core) based design.
- Routine use of CAD tools for EDA Vendors.
- Fabless manufacturing model (i.e. We do not design it ourselves we give someone to design it, there might something happen)
- Loss of control over design and manufacture, etc.
Do Hardware Trojan Really Exists ?
- No Concrete proof of Hardware Trojan is obtained as yet.
- Tampering masks in fab is not easy, it is a complex process.
- Reverse engineering of a single IC can take months
But there are some evidences that they do exist –
- Numerous suspect military / commercial cases (as early as 1976!!)
- Reverse engineering of IC’s is believed to be widely performed by reputed Companies (IBM has patents )
Attention reader! Don’t stop learning now. Get hold of all the important CS Theory concepts for SDE interviews with the CS Theory Course at a student-friendly price and become industry ready.