Academic Paper

A Framework for Automated Exploration of Trojan Attack Space in FPGA Netlists
Document Type
Periodical
Source
IEEE Transactions on Computers (IEEE Trans. Comput.), 72(10):2740-2751, Oct. 2023
Subject
Computing and Processing
Trojan horses
Field programmable gate arrays
Silicon
Hardware
Benchmark testing
Table lookup
Logic gates
Automated trojan insertion
dark silicon
FPGA
hardware trojans
Language
ISSN
0018-9340
1557-9956
2326-3814
Abstract
Field Programmable Gate Arrays (FPGAs) provide a flexible compute platform for quick prototyping or hardware acceleration in diverse application domains. However, similar to the global semiconductor life-cycle in the modern supply chain, FPGA-based product development includes processes and interactions with potentially untrusted parties outside the traditional scrutiny of a completely in-house development cycle. An untrusted party/software can maliciously alter hardware intellectual property (IP) blocks mapped to an FPGA device during various stages of the FPGA life-cycle. Such malicious alterations, also known as hardware Trojans, have garnered significant research into their detection and prevention in the context of application-specific integrated circuit (ASIC) design flow. However, Trojan attacks in FPGAs have not enjoyed this same attention. Designers often rely on mapping ASIC-specific solutions and benchmarks to the FPGA domain, leaving much of the FPGA-specific Trojan space uncovered. The distinctive business model and architectural configurations of FPGAs also present unique Trojan attack opportunities for adversaries. To this end, we introduce a framework to automatically explore the hardware Trojan attack space in FPGA netlists, which can insert different FPGA-specific Trojans in a netlist enabling rapid exploration of potential Trojan attacks in an FPGA design: soft-template, monolithic and distributed dark silicon. The dark silicon Trojans use the under-utilized input space in FPGA primitives and other optimizations to realize Trojans with effectively zero area, delay, and power footprint. We generate over 1300 Trojan-inserted benchmarks using the introduced FPGA Trojan classes, and compare their impact on utilization, delay, and power and evaluate their stealthiness against Trojan detection.