1. Introduction
With the advancement in today’s technology, both simple appliances in daily life and precision instruments in the military and industrial fields are trying to achieve higher application values by inserting better performance chips [
1]. Since ICs manufactured by third-party companies have tremendous advantages in terms of manufacturing costs and time to market, many foundries have emerged, making the design, manufacturing, packaging, and testing stages of ICs separate from each other [
2]. A hardware Trojan refers to the intentional modification of an original circuit or the implantation of dangerous codes by an attacker during the designing and manufacturing of an integrated circuit chip. A hardware Trojan causes a circuit chip to have redundant circuits that do not belong to the function of the chip, such that its circuit has some uncontrollable behaviors, such as destroying the original circuit logic structure of the underlying chip and modifying the parameters. Hardware Trojans have the characteristics of destructiveness, latency, mutability, and parasitism [
3,
4]. Once a hardware Trojan attacks an IC, it can lead to device function and performance changes, the leakage of sensitive information, and even system paralysis, which can seriously threaten production life [
5].
The production chain of modern chip circuits is shown in
Figure 1 [
6]. The first and most crucial step in IC design is the specification. The requirements analysis of the chip and the definition of the product specifications are conducted to determine the overall direction of the design to ensure that the design of the chip will not include any mistakes, and so that there will not be the need to spend extra time modifying it. Subsequently, a hardware description language (HDL) is used to describe the circuit, and the specification is converted into the behavior level of the circuit. The commonly used HDL is Verilog, VHDL, etc. Next, a computer converts the HDL code into a logic circuit and the behavior level into a logic gate design. Following this, the synthesized code is put into another EDA tool for circuit layout and winding. Finally, a digital graphics database system (GDSII) is provided to the foundry for IC development so that the presilicon manufacturing stage is completed. The postsilicon stage includes three steps: factory manufacturing, chip packaging testing, and market entry [
7,
8,
9,
10,
11,
12]. The production process involves several third-party foundries, significantly increasing the risk of hardware Trojan insertion, and chip circuit security detection is urgent.
There have been various studies carried out to date to attempt to overcome the HT problem. Rongzhen Bian et al. [
13] used unsupervised clustering algorithms to identify hardware Trojans, which gather structural data from a collection of unlabeled ICs and then separate the suspect ICs from the test ICs. Kyle Worley et al. [
14] objectively compared four supervised machine learning techniques (FPR) to increase the accuracy and decrease the false positive rate. Using unlabeled manufactured ICs and imprecise simulation models, Mingfu Xue et al. [
15] offered a cotraining-based hardware Trojan detection system that trains two classification algorithms using simulated ICs. Hau Sim Choo et al. [
16] proposed utilizing machine learning and features to detect RTL Trojans using four branching-statement-related characteristics. The identification approach can categorize a branch as either a Trojan branch or a regular branch. Tomotaka Inoue et al. [
17] generated six different types of hardware Trojans at the gate-level netlist level and used an approach based on a neural network (NN) to detect them. Antonios Pavlidis et al. [
18] proposed a runtime monitoring approach for HT attack methods that impact the analog and mixed-signal (AMS) parts of an integrated circuit, which can identify different HT assaults.
The attention mechanism calculates the difference in the importance of each piece of input information, allocates computing resources according to their importance, uses the execution effect to reverse the information weight update, and finally completes the task efficiently and accurately [
19]. In recent years, the attention mechanism has been widely used in deep learning, such as in fault detection, target detection, face recognition, text classification, and so on, and has achieved excellent results.
In order to extract the compelling features of side-channel information, improve the detection accuracy, and at the same time reduce the network model parameters, this paper proposes a deep learning method based on the attention mechanism for hardware Trojan detection. By analyzing the obtained side-channel information and improving the two different neural network models, the attention mechanism is introduced to further improve the network discrimination ability and achieve higher-precision detection tasks. This paper’s method validation experiments were carried out based on collected side-channel datasets. The results show that, compared with other machine learning methods and network-related methods, the accuracy, precision, recall, and F1 value of this method are improved. In addition, it also has high accuracy when dealing with multiclassification tasks.
The organizational structure of this paper is as follows: the second part is the background, the third part introduces the hardware Trojan detection method proposed in this paper, the fourth part is the analysis of the algorithm flow, the fifth part is the analysis of the experimental results, and the sixth part is the conclusion.
4. Hardware Trojan Detection Flow
The specific flow of the proposed deep learning method based on the attention mechanism for hardware Trojan detection is shown in
Figure 6, and the implementation steps are as follows:
Collecting raw side-channel information data and normalizing it using a side-channel information collection device. The normalized data are divided into a labeled training set and an unlabeled test set in a ratio of 7:3. The training set is used for model training, and the test set is used for the subsequent testing of the model’s performance.
The maximum number of iterations, epoch values, and weights in the loss function are set empirically to initialize the parameters of the neural network and attention layers. Input the training set data, calculate the classification loss, and update the weights as well as bias parameters layer-by-layer by using backpropagation. Repeat the above steps until the maximum number of iterations is reached to stop training and obtain the trained classification model.
Input the test-set data of the chip to be tested, use the trained classification model to classify and judge them, and detect whether the chip contains a hardware Trojan.
6. Conclusions
Hardware Trojan detection is essential for the manufacturing and safe use of IC chips. In this paper, we propose a deep learning method based on the attention mechanism for hardware Trojan detection in a multilayer perceptron and convolutional neural network to verify the impact of this method on hardware Trojan classification performance. The experiments show that, compared with other machine learning classification methods and network-related methods, the proposed method in this paper has significantly improved detection accuracy, precision, recall, and F1 value, and is also applicable to multiclassification tasks. However, the improved method proposed in this paper has a significant time overhead in finding the optimal parameters and requires relatively high hardware computing power, memory bandwidth, and data storage. The detection cost is magnified to some extent. In later work, we will further analyze the characteristics of the experimental data, explore more available information on the existing bases, reduce the detection costs in many aspects, and further improve the generality of the hardware Trojan detection method.