Reference-Free EM Validation Flow for Detecting Triggered Hardware Trojans

Hardware Trojans (HTs) threaten the trust and reliability of integrated circuits (ICs), particularly when triggered HTs remain dormant during standard testing and activate only under rare conditions. Existing electromagnetic (EM) side-channel-based detection techniques often rely on golden references or labeled data, which are infeasible in modern distributed manufacturing. This paper introduces a reference-free, design-agnostic framework for detecting triggered HTs directly from post-silicon EM emissions. The proposed flow converts each EM trace into a time-frequency scalogram using Continuous Wavelet Transform (CWT), extracts discriminative features through a convolutional neural network (CNN), reduces dimensionality with principal component analysis (PCA), and applies Bayesian Gaussian Mixture Modeling (BGMM) for unsupervised probabilistic clustering. The framework quantifies detection confidence using posterior-based metrics (alpha_{post}, beta_{post}), Bayesian information criterion (Delta BIC), and Mahalanobis cluster separation (D), enabling interpretable anomaly decisions without golden data. Experimental validation on AES-128 designs embedded with four different HTs demonstrates high separability between HT-free and HT-activated conditions and robustness to PCA variance thresholds. The results highlight the method’s scalability, statistical interpretability, and potential for extension to runtime and in-field HT monitoring in trusted microelectronics.

💡 Research Summary

The paper addresses the pressing problem of detecting triggered hardware Trojans (HTs) in a post‑silicon environment where golden reference designs or labeled training data are unavailable—a realistic scenario in today’s distributed semiconductor supply chains. Triggered HTs remain dormant during normal operation and only activate under rare input or state conditions, making them invisible to conventional functional tests. Existing electromagnetic (EM) side‑channel detection methods typically rely on golden references or supervised learning, which are impractical for black‑box chips.

To overcome these limitations, the authors propose a fully reference‑free, design‑agnostic detection flow that operates directly on raw EM emissions. The workflow consists of five main stages:

1. EM Trace Acquisition & Pre‑processing – Using a ChipWhisperer NAE‑CW305 FPGA platform equipped with an AES‑128 core, EM signals are captured with a 1.25 mm probe and a 500 MS/s oscilloscope. Each trace is normalized (zero‑mean, unit‑variance) and optionally band‑limited to mitigate session‑to‑session drift and environmental noise.

2. Time‑Frequency Representation (CWT) – Each normalized trace is transformed by a Continuous Wavelet Transform (CWT) employing a complex Morlet wavelet. The CWT produces a scalogram (a 2‑D time‑frequency energy map) that highlights transient energy bursts associated with HT activation while preserving the overall spectral content of digital switching activity.

3. Deep Feature Extraction (CNN) – The scalograms are fed into a VGG‑16‑based convolutional neural network. Early layers are frozen (transfer learning) to retain generic edge/texture filters, while later layers are fine‑tuned on the unlabeled scalograms using self‑supervised pre‑text tasks (e.g., rotation prediction). The network outputs a 512‑dimensional high‑level feature vector that captures localized bursts, harmonic side‑bands, and other subtle patterns indicative of a Trojan event.

4. Dimensionality Reduction (PCA) – To avoid the curse of dimensionality in the subsequent clustering step, Principal Component Analysis (PCA) is applied. The authors retain enough components to explain 90 % of the total variance (the threshold is tunable). A weighted sum of the retained principal component scores, where each component is scaled by its explained‑variance ratio, yields a compact one‑dimensional descriptor for each trace.

5. Unsupervised Probabilistic Modeling (BGMM) – The reduced descriptors are modeled with a Bayesian Gaussian Mixture Model (BGMM). Dirichlet priors prune unnecessary mixture components, which is crucial because triggered HTs may appear in only 2–5 % of the traces. The BGMM provides mixture weights (π), posterior responsibilities (rᵢₖ), and sample likelihoods.

Anomaly Validation & Confidence Metrics
The BGMM may split a single population into several overlapping Gaussians; therefore, the authors introduce a two‑step validation:

• Identify the dominant cluster (largest π) as the “normal” cluster.
• Evaluate secondary clusters against two criteria: (i) mixture weight > 2–5 % of total traces, and (ii) sufficient separation from the dominant cluster measured by Mahalanobis or Bhattacharyya distance.

If no secondary cluster passes both checks, the device is declared HT‑free and α≈1, β≈0. Otherwise, posterior‑based confidence scores are computed:

• For each trace, p_normᵢ = rᵢ,ₖ* (probability of belonging to the dominant cluster) and p_anormᵢ = 1 − p_normᵢ.
• Aggregate over N traces: α_post = (1/N) Σ p_normᵢ, β_post = (1/N) Σ p_anormᵢ.

Decision thresholds combine three statistics:

• ΔBIC (difference in Bayesian Information Criterion) ≥ 10 indicates statistically significant multimodality.
• β_post ≥ 0.30 → high confidence HT‑suspect; 0.20 ≤ β_post < 0.30 → moderate confidence; β_post < 0.20 → not suspicious.
• Mahalanobis distance D ≥ 3 (≈99 % χ² contour) serves as a soft indicator of cluster separation.

Experimental Validation
The authors implement four representative HTs in the AES‑128 core:

• HT#1: Information‑leakage Trojan activated by a specific plaintext; leaks key bits via a CDMA‑style spread‑spectrum channel.
• HT#2: Variant of HT#1 with multi‑trigger capability.
• HT#3: Denial‑of‑Service (DoS) Trojan that bypasses encryption for a particular plaintext.
• HT#4: Generalized DoS Trojan that bypasses encryption for any plaintext from a predefined set.

Using the described measurement setup, thousands of EM traces are collected for each scenario, with HT activation occurring in roughly 2–5 % of the traces. The CWT scalograms clearly show energy redistribution when a Trojan fires. The CNN extracts discriminative patterns, and PCA retains 90 % variance while producing a stable one‑dimensional descriptor. BGMM clustering consistently yields a dominant “normal” cluster and a well‑separated secondary cluster when HTs are present. Across all four HTs, ΔBIC values exceed 12, β_post values are above 0.35, and D values range from 4 to 5, satisfying the high‑confidence criteria. Sensitivity analysis demonstrates that varying the PCA variance threshold (80 %–95 %) does not materially affect ΔBIC or β_post, confirming robustness to dimensionality choices.

Insights & Contributions

• Reference‑free operation: No netlist, layout, or golden chip is required; the method works purely on measured EM data.
• Design‑agnostic: The pipeline does not rely on any knowledge of the underlying circuit, making it applicable to a wide range of SoCs.
• Unsupervised learning: By combining CWT, CNN feature extraction, PCA, and BGMM, the approach eliminates the need for labeled datasets, reducing cost and scaling barriers.
• Quantitative confidence: The use of ΔBIC, posterior‑based α/β, and Mahalanobis distance provides interpretable metrics rather than binary decisions.
• Robustness: Experiments show stability against variations in PCA variance thresholds and measurement noise, indicating practical resilience.

Limitations & Future Work

• High‑quality EM measurement equipment and careful probe placement are still prerequisites; deployment in field environments may require automated probe positioning or alternative side‑channel modalities.
• Extremely low activation rates (< 1 %) could demand impractically large trace collections to achieve statistical significance.
• BGMM may over‑split normal data; thus, the selection of mixture‑weight and distance thresholds needs careful calibration for each platform.
• Extending the framework to real‑time runtime monitoring, integrating other side‑channels (power, temperature), and exploring lightweight models for on‑chip deployment are promising directions.

In summary, the paper delivers a practical, fully unsupervised EM‑based detection flow that can reliably uncover triggered hardware Trojans without any golden reference, offering a valuable tool for post‑silicon trust verification and supply‑chain security.