Is your FPGA bitstream Hardware Trojan-free? Machine learning can provide an answer

Abstract

Software exploitable Hardware Trojan Horses (HTHs) inserted into commercial CPUs allow the attacker to run his/her own software or to gain unauthorized privileges. Recently a novel menace raised: HTHs inserted by CAD tools. A consequence of such scenario is that HTHs must be considered a serious threat not only by academy but also by industry. In this paper we try to answer to the following question: can Machine Learning (ML) help designers of microprocessor softcores implemented onto SRAM-based FPGAs at detecting HTHs introduced by the employed CAD tool during the generation of the bitstream? We present a comparative analysis of the ability of several ML models at detecting the presence of HTHs in the bitstream by exploiting a previously performed characterization of the microprocessor softcore and an associated ML training. An experimental analysis has been carried out targeting the IBEX RISC-V microprocessor running a set of benchmark programs. A detailed comparison of multiple ML models is conducted, showing that many of them achieve accuracy above 98%, and kappa values above 0.97. By identifying the most effective ML models and the best features to be employed, this paper lays the foundation for the integration of a ML-based bitstream verification flow.