loading page

Layout-Only Hardware Trojans: Attack Vectors and a Non-Golden Model Reverse Engineering-Based Counterstrategy
  • Matthias Ludwig ,
  • Ann-Christin Bette ,
  • Bernhard Lippmann
Matthias Ludwig
Infineon Technologies AG

Corresponding Author:[email protected]

Author Profile
Ann-Christin Bette
Author Profile
Bernhard Lippmann
Author Profile


Globally distributed microelectronic supply chains have disrupted trust in silicon hardware and have drawn academia’s attention toward different scenarios of malicious circuit modifications, i.e., hardware Trojans. This dynamic hardware environment, including open-source approaches and evermore outsourcing, requires constant reassessment of offensive and defensive aspects. Based on an untrusted foundry model, this work assesses the concrete technical realizations of layout-only modifications via design file editing, mask editing, or in-line alterations. Furthermore, the attack possibility on different modules within a system on a chip is qualitatively evaluated. Consequently, a modification is demonstrated on an SRAM-’PUF’ module. To link the attack point-of-view with a defensive measure, we propose a hardware reverse engineering-based countermeasure, which is non-reliant on a golden layout. Through a novel approach relying on inherent polygon properties, potentially occurring modifications are detected via clustering and a statistical evaluation of the intra-cluster distributions.  Finally, the approach is demonstrated on samples from 7 nm to 150 nm, for which a modification detection rate between 95% and 100% is reached for all evaluated samples.