Hardware Trojan horse detection method based on process deviation type TDC

Document No.: 1875693 Publication date: 2021-11-23

Reading note: this technology, "Hardware Trojan horse detection method based on process deviation type TDC", was designed by 赵毅强, 蒯钧, 马浩诚, 刘燕江 and 叶茂 on 2020-05-19. Main content: The invention discloses a hardware Trojan horse detection method based on a process deviation type TDC. The method uses a double-chain TDC whose two chains have matched delays as an on-chip sensing structure, determines the process deviation through code density testing in order to select a configuration vector, then collects bypass (side-channel) signal data and analyzes differences in the data to detect hardware Trojans. Compared with traditional on-chip detection methods, this TDC structure takes the propagation distance of the signal along the delay chain as the sampled value, and the sensing structure does not oscillate, so detection stability is improved. Because a single sampling period of this TDC structure is short and reflects the instantaneous state well, detection of hardware Trojans with a short activation period is improved. In addition, because the delay difference caused by process deviation is used as the delay of each stage of the delay chain, the detection precision for hardware Trojans is greatly improved. The method can be applied to the field of hardware Trojan horse detection based on bypass analysis, and has certain practical significance and reference value.

1. A hardware Trojan horse detection method based on a process deviation type TDC is characterized by comprising the following steps:

step one: TDC structural design: a TDC design with a double-chain structure is adopted, multiplexers (MUXs) are selected as the basic units to implement the TDC delay chains, and the selection signals of the MUXs form a configuration vector;

step two: layout adjustment to match delays: adjusting the layout and routing of the TDC so that the device delay and the wire delay are consistent between the two delay chains of the TDC;

step three: determining the process deviation: inputting a configuration vector, and performing a code density test on an actual chip with a large number of random signals to determine the process deviation of the two delay chains under that configuration vector;

step four: determining an optimal configuration vector: adjusting the configuration vector and repeating the code density test to find an optimal configuration vector, for which the delay difference of each stage between the two delay chains of the TDC, caused by the process deviation, is a positive value;

step five: collecting bypass information: configuring the TDC structure with the optimal configuration vector, continuously inputting transition edges with an interval of T1 to the two chains of the TDC, and reading the sampling data k0 of the TDC for that interval as real-time bypass information reflecting the operating state of the circuit;

when the transition edges input to the two delay chains of the TDC are separated by an interval T1, then after passing through a delay unit with a delay of T2, the interval T between the transition edges of the two signals actually entering the TDC chains is:

T = T1 - T2

then, for a TDC in which the delay difference of each stage is τ0, the number of stages k0 of the state on the delay chain is:

step six: analyzing differences in the bypass information: analyzing the differences in the TDC sampling data, and if a drop in the TDC measurement value exceeding the noise range is detected, determining that hardware Trojan horse activation behavior has occurred in the circuit.

2. The hardware Trojan detection method based on the process deviation type TDC as claimed in claim 1, wherein the TDC structural design includes design of a delay chain part and a signal readout part,

the delay chain adopts a multiplexer (MUX) as its basic unit, all input ports of each MUX are connected to the same signal, namely the output of the previous-stage MUX, the selection signal Sel of each MUX is used as a configuration signal, and the process deviation on the two delay chains is controlled by configuring which path of each MUX is gated;

the signal readout part is implemented by one D flip-flop at each stage; in this TDC structure, the two corresponding MUXs on the two chains jointly form one stage of the TDC, and the output value of the stage is obtained by judging the order in which the signal reaches the outputs of the two MUXs, wherein the output of the MUX of chain A is connected to the D input of the D flip-flop and the output of the MUX of chain B is connected to the clk input of the D flip-flop; when the rising edge on chain A reaches the stage later than that on chain B, the D flip-flop outputs a high level, and otherwise it outputs a low level, which is used as the readout signal of that stage of the TDC.

3. The hardware Trojan detection method based on the process deviation type TDC according to claim 1, wherein a code density test is used to determine the delay of each stage on the two delay chains, and the delay difference of each stage between the two delay chains caused by the process deviation is then obtained by comparison; the specific process is as follows:

step one: an external clock that is unrelated to the chip main clock and not an integer multiple of it is combined with the chip main clock to generate random pulse signals with a pulse width smaller than half a clock period t, which are used as the input of the TDC delay chain;

step two: over a large number N of inputs, counting the number of times n that each stage on the two delay chains of the TDC samples the pulse transition edge;

step three: the delay of each stage of the delay chain is t × (n/N); by comparing the delays of the two MUXs in each stage of the TDC under the current configuration vector, the delay difference of each stage between the two delay chains caused by the process deviation under that configuration vector can be determined.

Technical Field

The invention relates to the technical field of integrated circuit safety detection, in particular to a hardware Trojan horse detection method based on a process deviation type TDC.

Background

With the rapid development of the integrated circuit industry, the functions of the monolithic digital integrated circuit chip are more and more complex, the circuit scale and complexity are increased day by day, and the monolithic digital integrated circuit chip is more and more widely applied to various fields of modern technology, in particular to sensitive fields of financial equipment, mobile communication, transportation, governments, energy sources and the like. Integrated circuits have been a major push to social progress and economic development, and have become a strategic, fundamental and leading industry supporting socioeconomic development.

In today's global business model, due to the advancement and complexity of the integrated circuit industry, designers in the industry need to combine the design/manufacturing services of multiple countries or regions around the world with the intellectual property (3PIP) core of an untrusted third party to complete the four stages of design, manufacture, packaging and testing of an integrated circuit, so as to eventually realize the marketing of an integrated circuit chip. The separation of design and manufacturing processes brought by the cooperation of an industrial chain brings great hidden dangers to the safety of the integrated circuit, the third-party IP core adopted in the design stage, the mask used in the manufacturing stage and the redundant encapsulation possibly existing in the encapsulation stage can cause the hidden dangers threatening the safety of the integrated circuit, and the safety threats are collectively called as hardware trojans. Through ingenious design, an attacker can hide a hardware trojan at the bottom layer of the circuit to become a security hole. By utilizing the security vulnerabilities, an attacker can achieve functions of tampering, reducing circuit performance, revealing key information, denying service and the like, and even can directly cause irreversible damage to a chip.

The hardware trojan problem is a prominent potential safety hazard in the integrated circuit industry, and becomes a problem to be solved urgently in the field of integrated circuit design and manufacture. Once the chip with the hardware Trojan horse is applied to military equipment and the national economic core field, serious disasters and unpredictable economic losses can be brought, so that the research on the detection and protection technology of the hardware Trojan horse is developed, and the security and credibility of the integrated circuit are the common concern of all countries in the world.

In recent years, as research has progressed, excellent results have been obtained in hardware Trojan horse detection technology. Bypass (side-channel) signal analysis is one of these methods; it has low implementation cost, high detection precision, and good portability and extensibility, showed promising application prospects as soon as it was proposed, and has become the mainstream of current detection methods.

However, in the process of detecting the hardware trojan by using the bypass signal analysis technology, off-chip noise is introduced by using an off-chip analysis method such as an oscilloscope (namely, the detection of the bypass signal is realized by using chip external equipment), so that the detection precision is reduced. Furthermore, the use of off-chip detection methods requires modifications to the printed circuit board to bring out the side channel detection interface, which is not allowed in circuit design and space in advanced complex systems such as servers. In a bypass analysis scheme using an on-chip sensor (i.e., a sensor for detecting a bypass signal by using an internal circuit of a chip), a Ring Oscillator (RO) used in the current mainstream scheme has poor stability due to high oscillation frequency, thereby limiting the detection accuracy. In addition, one detection data of the ring oscillator is a result obtained by operating the circuit for a period of time, and cannot reflect the instantaneous working state of the circuit, so that the detection effect on the hardware Trojan horse with a short activation period is poor.

Disclosure of Invention

The hardware Trojan horse detection method based on the process deviation type TDC is provided for solving the problems of poor stability, poor instantaneity, low precision and the like of the traditional hardware Trojan horse bypass analysis method.

In order to realize the purpose of the invention, the invention provides a hardware Trojan horse detection method based on a process deviation type TDC, which comprises the following steps:

step one: TDC structural design: a TDC design with a double-chain structure is adopted, multiplexers (MUXs) are selected as the basic units to implement the TDC delay chains, and the selection signals of the MUXs form a configuration vector;

step two: layout adjustment to match delays: adjusting the layout and routing of the TDC so that the device delay and the wire delay are consistent between the two delay chains of the TDC;

step three: determining the process deviation: inputting a configuration vector, and performing a code density test on an actual chip with a large number of random signals to determine the process deviation of the two delay chains under that configuration vector;

step four: determining an optimal configuration vector: adjusting the configuration vector and repeating the code density test to find an optimal configuration vector, for which the delay difference of each stage between the two delay chains of the TDC, caused by the process deviation, is a positive value;

step five: collecting bypass information: configuring the TDC structure with the optimal configuration vector, continuously inputting transition edges with an interval of T1 to the two chains of the TDC, and reading the sampling data k0 of the TDC for that interval as real-time bypass information reflecting the operating state of the circuit;

when the transition edges input to the two delay chains of the TDC are separated by an interval T1, then after passing through a delay unit with a delay of T2, the interval T between the transition edges of the two signals actually entering the TDC chains is:

T = T1 - T2

then, for a TDC in which the delay difference of each stage is τ0, the number of stages k0 of the state on the delay chain is:

step six: analyzing differences in the bypass information: analyzing the differences in the TDC sampling data, and if a drop in the TDC measurement value exceeding the noise range is detected, determining that hardware Trojan horse activation behavior has occurred in the circuit.

The TDC structural design comprises the design of a delay chain part and a signal readout part.

The delay chain adopts a multiplexer (MUX) as its basic unit, all input ports of each MUX are connected to the same signal, namely the output of the previous-stage MUX, the selection signal Sel of each MUX is used as a configuration signal, and the process deviation on the two delay chains is controlled by configuring which path of each MUX is gated.

The signal readout part is implemented by one D flip-flop at each stage. In this TDC structure, the two corresponding MUXs on the two chains jointly form one stage of the TDC, and the output value of the stage is obtained by judging the order in which the signal reaches the outputs of the two MUXs. The output of the MUX of chain A is connected to the D input of the D flip-flop, and the output of the MUX of chain B is connected to the clk input of the D flip-flop. When the rising edge on chain A reaches the stage later than that on chain B, the D flip-flop outputs a high level; otherwise it outputs a low level, which is used as the readout signal of that stage of the TDC.

A code density test is used to determine the delay of each stage on the two delay chains, and the delay difference of each stage between the two delay chains caused by the process deviation is then obtained by comparison. The specific process is as follows:

step one: an external clock that is unrelated to the chip main clock and not an integer multiple of it is combined with the chip main clock to generate random pulse signals with a pulse width smaller than half a clock period t, which are used as the input of the TDC delay chain;

step two: over a large number N of inputs, counting the number of times n that each stage on the two delay chains of the TDC samples the pulse transition edge;

step three: the delay of each stage of the delay chain is t × (n/N); by comparing the delays of the two MUXs in each stage of the TDC under the current configuration vector, the delay difference of each stage between the two delay chains caused by the process deviation under that configuration vector can be determined.

Compared with the prior art, the invention has the following beneficial effects. A TDC-based on-chip hardware Trojan detection structure is adopted; compared with the traditional mainstream ring-oscillator on-chip detection structure, it reduces the time of one sampling from ten thousand clock cycles to several clock cycles, so that the detection structure can reflect the instantaneous bypass information of the circuit, and the detection of hardware Trojans with a short activation period is greatly improved. As for the choice of TDC structure, the TDC is implemented by means of process deviation. This implementation takes the measurement precision of the TDC from the device delay down to the delay difference caused by process deviation, and improves the sensitivity of the TDC to bypass signal changes caused by hardware Trojan activation, so that the precision of hardware Trojan detection is greatly improved. In addition, the TDC-based detection structure does not need to work under high-frequency oscillation, so detection stability is improved and the detection precision for hardware Trojans is improved further.

Drawings

Fig. 1 is a flowchart of a hardware Trojan horse detection method based on a process deviation type TDC according to the present application.

Fig. 2 is a schematic diagram of a process deviation type TDC circuit according to the present application.

Detailed Description

It should be noted that the embodiments and features of the embodiments in the present application may be combined with each other without conflict.

The invention is described in further detail below with reference to the figures and specific examples. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.

The patent provides a hardware Trojan horse detection method based on a process deviation type TDC. First, a double-chain TDC whose two delay chains have matched delays is designed; then the process deviation is determined through a code density test in order to select a configuration vector; finally, the bypass signal is measured by the TDC and the differences in the data are analyzed to detect hardware Trojans. The method uses the TDC as an on-chip sensing structure, which improves the stability of on-chip detection and improves detection of hardware Trojans with a short activation period. In addition, the TDC structure is implemented by exploiting process deviation, which greatly improves the precision with which the TDC detects hardware Trojan activation behavior.

Fig. 1 is a flowchart of a hardware Trojan horse detection method based on a process deviation type TDC, which mainly includes the following steps:

Step one: TDC structural design: a TDC design with a double-chain structure is adopted, a Multiplexer (MUX) is selected as the basic unit to implement the TDC delay chains, and the selection signals of the MUXs form a configuration vector.

Step two: layout adjustment to match delays: the layout and routing of the TDC are adjusted so that the device delay and the wire delay are consistent between the two delay chains of the TDC.

Step three: determining the process deviation: a configuration vector is input, and a code density test is performed on an actual chip with a large number of random signals to determine the process deviation of the two delay chains under that configuration vector.

Step four: determining an optimal configuration vector: the configuration vector is adjusted and the code density test is repeated to find the optimal configuration vector, for which the delay difference (chain B delay - chain A delay) of each stage between the two delay chains of the TDC, caused by the process deviation, is a positive value.

Step five: collecting bypass information: the TDC structure is configured with the optimal configuration vector, transition edges with an interval of T1 are continuously input to the two chains of the TDC, and the sampling data k0 of the TDC for that interval is read to reflect the real-time bypass information of the circuit operating state.

When the transition edges input to the two delay chains of the TDC are separated by an interval T1, then after passing through a Delay Unit with a delay of T2, the interval T between the transition edges of the two signals actually entering the TDC chains is:

T = T1 - T2

Then, for a TDC in which the delay difference of each stage is τ0, the number of stages k0 of the state on the delay chain is:

Step six: analyzing differences in the bypass information: the differences in the TDC sampling data are analyzed. If a drop in the TDC measurement that exceeds the noise range is detected, hardware Trojan activation behavior is considered to be present in the circuit.

When hardware Trojan activation occurs, the voltage of the chip power supply network may drop, causing the device delay to decrease. The decrease in T2 causes T to increase, and τ0 decreases, ultimately causing k0 to increase.

When designing the TDC structure, the design is mainly divided into a delay chain section and a signal readout section. Fig. 2 is a circuit configuration diagram of the high-precision TDC based on the process variation.

The delay chain adopts a Multiplexer (MUX) as its basic unit, and all input ports of each MUX are connected to the same signal, namely the output of the previous-stage MUX. The selection signal Sel of each MUX is used as a configuration signal, and the process deviation on the two delay chains is controlled by configuring which path of each MUX is gated.

The signal readout part of the TDC is implemented by one D flip-flop at each stage. In this TDC structure, the two corresponding MUXs on the two chains jointly form one stage of the TDC, and the output value of the stage is obtained by judging the order in which the signal reaches the two MUXs. The output of the MUX of chain A is connected to the D input of the D flip-flop, and the output of the MUX of chain B is connected to the clk input of the D flip-flop. When the rising edge on chain A reaches the stage later than that on chain B, the D flip-flop outputs a high level; otherwise it outputs a low level, which serves as the readout signal of that stage of the TDC.

The code density test is a common technique for stage-by-stage calibration in the TDC field. A large number of random pulse signals narrower than a certain width are input to the TDC chain, and the delay of each stage on the TDC delay chain is accurately calibrated from the statistics of how often the TDC samples the pulse transition edge. The invention uses the code density test to determine the delay of each stage on the two delay chains, and the delay difference of each stage between the two delay chains caused by the process deviation is then obtained by comparison. The specific process is as follows:

Step one: an external clock that is unrelated to the chip main clock and not an integer multiple of it is used to generate random pulse signals with a pulse width smaller than half a clock period t, which are used as the input of the TDC delay chain.

Step two: over a large number N of inputs, the number of times n that each stage on the two delay chains of the TDC samples the pulse edge is counted.

Step three: the delay of each stage of the delay chain is t × (n/N); by comparing the delays of the two MUXs in each stage of the TDC under the current configuration vector, the delay difference of each stage between the two delay chains caused by the process deviation under that configuration vector can be determined.

When the input configuration vector is adjusted, all stages are independent of one another. For a TDC whose N-stage delay chains are implemented with M-to-1 MUXs, there are M test vectors, each with a bit width of (MUX selection-signal bit width) × 2N bits.
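The code density calibration and the configuration-vector search described above, as an added Python simulation (it is not code from the patent). It applies the M test vectors to two constructed 4-stage chains of 4-to-1 MUXs, estimates each MUX path delay as t × (n/N), and then picks a select pair per stage whose chain B minus chain A difference is positive. The delay tables, clock periods, the 0.5 ps margin, independent selects for the two MUXs of a stage and the preference for the smallest positive difference are assumptions.

```python
import bisect
from itertools import accumulate

T_CLK = 1000.0                       # main clock period t, in ps (assumed)
T_EXT = T_CLK * (1 + 5 ** 0.5) / 2   # external clock period, not an integer multiple of t
N_INPUTS = 400_000                   # N: edges injected per test vector

# Constructed per-MUX path delays in ps, indexed [stage][select]; process
# deviation makes the same MUX path differ slightly between chain A and chain B.
DELAY_A = [[100, 102, 99, 103], [101, 98, 100, 104],
           [99, 103, 101, 100], [102, 100, 98, 101]]
DELAY_B = [[98, 101, 104, 100], [103, 99, 102, 97],
           [100, 98, 104, 102], [99, 103, 101, 97]]


def code_density(stage_delays):
    """Estimate every stage delay of one chain as t * (n / N)."""
    leave = list(accumulate(stage_delays))   # time at which the edge leaves each stage
    hits = [0] * len(stage_delays)           # n per stage
    for j in range(N_INPUTS):
        # Phase of the j-th asynchronous edge relative to the sampling clock.
        phase = (j * T_EXT) % T_CLK
        if phase < leave[-1]:                # edge is still inside the chain
            hits[bisect.bisect_right(leave, phase)] += 1
    return [T_CLK * n / N_INPUTS for n in hits]


def calibrate(delay_table):
    """Apply the M test vectors (all selects = s) and return est[stage][select]."""
    m = len(delay_table[0])
    runs = [code_density([row[s] for row in delay_table]) for s in range(m)]
    return [[runs[s][i] for s in range(m)] for i in range(len(delay_table))]


def pick_config(est_a, est_b, margin=0.5):
    """Per stage, pick (sel_a, sel_b) with the smallest B-A difference >= margin."""
    config = []
    for row_a, row_b in zip(est_a, est_b):
        cands = [(db - da, sa, sb)
                 for sa, da in enumerate(row_a)
                 for sb, db in enumerate(row_b) if db - da >= margin]
        if not cands:
            raise ValueError("no select pair gives a positive difference")
        config.append(min(cands)[1:])
    return config


def run():
    # The calibration only sees hit counts; the tables stand in for the real chip.
    est_a, est_b = calibrate(DELAY_A), calibrate(DELAY_B)
    config = pick_config(est_a, est_b)
    true_diff = [DELAY_B[i][sb] - DELAY_A[i][sa]
                 for i, (sa, sb) in enumerate(config)]
    return est_a, est_b, config, true_diff


if __name__ == "__main__":
    est_a, est_b, config, true_diff = run()
    for i, ((sa, sb), d) in enumerate(zip(config, true_diff)):
        print(f"stage {i}: sel_A={sa} sel_B={sb} "
              f"est diff={est_b[i][sb] - est_a[i][sa]:.2f} ps, true diff={d} ps")
```

The margin keeps select pairs whose true difference is zero from being accepted because of estimation error; on silicon it would be set from the repeatability of the code density measurement.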

The patent provides a hardware Trojan detection method based on process deviation type TDC, aiming at the problems of poor stability, poor instantaneity, low precision and the like of the traditional hardware Trojan bypass analysis method. The method adopts a double-chain TDC with two consistent chain delays as an on-chip sensing structure, determines process deviation selection configuration vectors through code density testing, then collects bypass signal data, and analyzes data differences to perform hardware Trojan horse detection. Compared with the traditional on-chip detection method, the TDC structure takes the propagation distance of the signal on the delay chain as the sampling value, and the sensing structure does not oscillate, so that the detection stability is improved. The TDC structure has a short single sampling period and good instantaneity, so that the detection effect of the hardware Trojan horse with a short activation period is improved. In addition, the delay difference caused by process deviation is adopted as the delay of each stage of the delay chain, so that the detection precision of the hardware Trojan horse is greatly improved. The method can be applied to the field of hardware Trojan horse detection based on bypass analysis, and has certain practical significance and reference value.

The technical means not described in detail in the present application are known techniques.

The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.
