Detecting Hardware Trojans with Machine Learning
By Anna McCowan, Software Marketing Engineer
The Internet of Things (IoT) is changing everything – from smart devices to smart infrastructure. Unfortunately, along with it comes the threat of malware and cybersecurity attacks. Because IoT devices can contain components from multiple sources, their hardware and software can include security schemes that range from very sophisticated to nonexistent. Detecting malicious circuitry – or hardware Trojans – becomes more difficult as the number of electronic components increases. As more and more IoT devices enter our everyday lives, engineers must consider new methods to detect hardware Trojans.
Analyzing device current waveforms is one method to identify hardware Trojans in the circuitry. However, today, with fast clock rates and wide, dynamic ranges, engineers must take quick, continuous measurements to capture the waveform in full detail. This can generate huge data files, potentially greater than 1 Terabyte for measurements taken over 24 hours. Sifting through such a massive database manually is a daunting task. It’s easy for hardware Trojans to slip through unnoticed.
Until recently, there wasn’t really a solution to this. Data loggers can capture large amounts of data, but they don’t have the bandwidth to capture high-frequency signals. Oscilloscopes can handle the bandwidth, but they have limited data storage. And neither hardware solution has a built-in way to visualize the data, making it difficult to identify unexpected patterns.
Many technology companies are exploring a new solution for handling these big data challenges: machine learning. Keysight researchers have developed a solution that could analyze terabyte-sized waveform databases orders of magnitude more quickly than conventional techniques. (Figure 1).
Figure 1. Overview of anomalous waveform analytics capabilities
Users can immediately locate questionable signals that cannot be identified by traditional methods. In real-time, the system uses machine learning technology to sort the incoming data and tag waveform segments based on their similarity. It should be noted that the sorting doesn’t have to be perfect; it just requires enough information to detect trends and identify outliers.
As the complexity of our devices continues to increase, the software tools used to evaluate them need to keep pace. In cases where devices are used in mission-critical systems, such as IoT, understanding waveform behavior can make or break the security of your system or device. Security in IoT is important to both the users and the developers. Whether you are designing IoT devices in the industry, home, medical, or education sector, the device’s security must be analyzed prior to product deployment. With machine learning, this analysis has become much easier.
