Trojan Insertion versus Layout Defenses for Modern ICs: Red-versus-Blue Teaming in a Competitive Community Effort

Authors

  • Johann Knechtel New York University Abu Dhabi, Abu Dhabi, UAE
  • Mohammad Eslami Tallinn University of Technology, Tallinn, Estonia
  • Peng Zou Fudan University, Shanghai, China
  • Min Wei Fudan University, Shanghai, China
  • Xingyu Tong Fudan University, Shanghai, China
  • Binggang Qiu Fudan University, Shanghai, China
  • Zhijie Cai Fudan University, Shanghai, China
  • Guohao Chen Fudan University, Shanghai, China
  • Benchao Zhu Fudan University, Shanghai, China
  • Jiawei Li Fudan University, Shanghai, China
  • Jun Yu Fudan University, Shanghai, China
  • Jianli Chen Fudan University, Shanghai, China
  • Chun-Wei Chiu National Tsing Hua University, Hsinchu, Taiwan
  • Min-Feng Hsieh National Tsing Hua University, Hsinchu, Taiwan
  • Chia-Hsiu Ou National Tsing Hua University, Hsinchu, Taiwan
  • Ting-Chi Wang National Tsing Hua University, Hsinchu, Taiwan
  • Bangqi Fu Chinese University of Hong Kong, Hong Kong, China
  • Qijing Wang Chinese University of Hong Kong, Hong Kong, China
  • Yang Sun Chinese University of Hong Kong, Hong Kong, China
  • Qin Luo Chinese University of Hong Kong, Hong Kong, China
  • Anthony W. H. Lau Chinese University of Hong Kong, Hong Kong, China
  • Fangzhou Wang Chinese University of Hong Kong, Hong Kong, China
  • Evangeline F. Y. Young Chinese University of Hong Kong, Hong Kong, China
  • Shunyang Bi Xidian University, Xi’an, China
  • Guangxin Guo Xidian University, Xi’an, China
  • Haonan Wu Xidian University, Xi’an, China
  • Zhengguang Tang Xidian University, Xi’an, China
  • Hailong You Xidian University, Xi’an, China
  • Cong Li Xidian University, Xi’an, China
  • Ramesh Karri New York University, New York City, USA
  • Ozgur Sinanoglu New York University Abu Dhabi, Abu Dhabi, UAE
  • Samuel Pagliarini Carnegie Mellon University, Pittsburgh, USA

DOI:

https://doi.org/10.46586/tches.v2025.i1.37-77

Keywords:

Hardware Security, Trojans, IC Design, Red-versus-Blue Teaming

Abstract

Hardware Trojans (HTs) are a longstanding threat to secure computation. Among different threat models, it is the fabrication-time insertion of additional malicious logic directly into the layout of integrated circuits (ICs) that constitutes the most versatile, yet challenging scenario, for both attackers and defenders.
Here, we present a large-scale, first-of-its-kind community effort through red-versus-blue teaming that thoroughly explores this threat. Four independently competing blue teams of 23 IC designers in total had to analyze and fix vulnerabilities of representative IC layouts at the pre-silicon stage, whereas a red team of 3 experts in hardware security and IC design continuously pushed the boundaries of these defense efforts through different HTs and novel insertion techniques. Importantly, we find that, despite the blue teams’ commendable design efforts, even highly-optimized layouts retained at least some exploitable vulnerabilities.
Our effort follows a real-world setting for a modern 7nm technology node and industrygrade tooling for IC design, all embedded into a fully-automated and extensible benchmarking framework. To ensure the relevance of this work, strict rules that adhere to real-world requirements for IC design and manufacturing were postulated by the organizers. For example, not a single violation for timing and design-rule checks were allowed for defense techniques. Besides, in an advancement over prior art, neither red nor blue teams were allowed to use any so-called fillers and spares for trivial attack or defense approaches.
Finally, we release all methods and artifacts: the representative IC layouts and HTs, the devised attack and defense techniques, the evaluation metrics and setup, the technology setup and commercial-grade reference flow for IC design, the encompassing benchmarking framework, and all best results. This full release enables the community to continue exploring this important challenge for hardware security, in particular to focus on the urgent need for further advancements in defense strategies.

Downloads

Published

2024-12-09

Issue

Vol. 2025 No. 1

Section

Articles

License

Copyright (c) 2024 Johann Knechtel, Mohammad Eslami, Peng Zou, Min Wei, Xingyu Tong, Binggang Qiu, Zhijie Cai, Guohao Chen, Benchao Zhu, Jiawei Li, Jun Yu, Jianli Chen, Chun-Wei Chiu, Min-Feng Hsieh, Chia-Hsiu Ou, Ting-Chi Wang, Bangqi Fu, Qijing Wang, Yang Sun, Qin Luo, Anthony W. H. Lau, Fangzhou Wang, Evangeline F. Y. Young, Shunyang Bi, Guangxin Guo, Haonan Wu, Zhengguang Tang, Hailong You, Cong Li, Ramesh Karri, Ozgur Sinanoglu, Samuel Pagliarini

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

How to Cite

Trojan Insertion versus Layout Defenses for Modern ICs: Red-versus-Blue Teaming in a Competitive Community Effort. (2024). IACR Transactions on Cryptographic Hardware and Embedded Systems, 2025(1), 37-77. https://doi.org/10.46586/tches.v2025.i1.37-77