Is it possible for attackers to equip integrated circuits with hardware Trojans that will not change the area or power consumption of the IC, making them thus indiscernible through power-based post fabrication analysis?
A group of researchers from the National University of Sciences and Technology (Islamabad, Pakistan), the Vienna University of Technology and New York University have proven it is.
They have also demonstrated that hardware Trojans (HTs) can be implanted not only by adding logical gates to the original circuit, but also by identifying and safely removing expendable, redundant gates and embedding malicious circuitry at the appropriate locations.
The TrojanZero approach
To implant undetectable hardware Trojans in the circuits, they have:- Devised a scheme to identify rarely-activated nodes in the circuit
- Devised an algorithm to explore the space of circuit modifications that leave the circuit’s functionality on the defender’s test patterns unchanged
- Devised a methodology to embed HTs in the target circuit without increasing area and power consumption
- Implemented an HT with a low triggering probability during the functional testing phase.
https://www.helpnetsecurity.com/2018/12/10/hardware-trojans/