OS Support for Detecting Trojan Circuit Attacks

Rapid advances in integrated circuit (IC) development predicted by Moore's Law lead to increasingly complex, hard to verify IC designs. Design insiders or adversaries employed at untrusted locations can insert malicious Trojan circuits capable of launching attacks in hardware or supporting software-based attacks. In this paper, we provide a method for detecting Trojan circuit denial-of-service attacks using a simple, verifiable hardware guard external to the complex CPU. The operating system produces liveness checks, embedded in the software clock, to which the guard can respond. We also present a novel method for the OS to detect a hardware-software (HW/SW) Trojan privilege escalation attack by using OS-generated checks to test if the CPU hardware is enforcing memory protection (MP). Our implementation of fine-grained periodic checking of MP enforcement incurs only 2.2% overhead using SPECint 2006.