The paper ” Exciting FPGA Cryptographic Trojans using Combinatorial Testing” by Paris Kitsos (TEI of Western Greece), Dimitris. E. Simos (SBA Researh), Jose Torres-Jimenez (CINVESTAV-Tamaulipas) and Artemios Voyiatzis (SBA Research) has been accepted for publication in the 26th IEEE International Symposium on Software Reliability Engineering (ISSRE 2015). ISSRE is one of the leading conference for software reliability and testing. The results of this work establish a new research field for combinatorial testing and hardware malware detection.
Abstract: Contemporary hardware design shares many similarities with software development. The injection of malicious functionality (Trojans) in FPGA designs is a realistic threat.
Established techniques for testing correctness do not cope well with Trojans, since Trojans are not captured in the system model. Furthermore, a well-designed Trojan activates under rare conditions and can escape detection during testing. Such conditions cannot be exhaustively searched, especially in the case of cryptographic core implementations with hundreds of inputs.
In this paper, we explore the applicability of a prominent combinatorial strategy, namely combinatorial testing, for FPGA Trojan detection. We demonstrate that combinatorial testing provides the theoretical guarantees for exciting a Trojan of specific lengths by covering all input combinations. Our findings indicate that combinatorial testing constructs can improve the existing FPGA Trojan detection capabilities by reducing significantly the number of tests needed. Besides the foundations of our approach, we also report on first experiments that indicate its practical use.
Conference Website: http://issre.net/