基於SCOAP於閘級層評估經結構轉換之硬體木馬基準電路

Abstract

隨著現代積體電路（IC）設計日益仰賴委外製造與第三方智慧財產權（3PIP）的整合，硬體木馬（Hardware Trojans, HTs）已成為一項重要的系統安全威脅。機器學習被視為具潛力的木馬偵測方法，然而，其偵測效能高度依賴訓練資料的結構多樣性。Seeker1 是近期提出的基準電路生成方法，利用邏輯合成工具產生功能等效但結構上有所差異的電路變體。惟其評估流程建立於暫存器傳輸層級（RTL）模型之上，難以有效分析經結構轉換後已喪失高階語意資訊的電路設計。 為彌補此一落差，本研究提出一套基於 SCOAP（Sandia Controllability/Observability Analysis Program）指標的閘級評估方法。我們重建經結構轉換之硬體木馬基準電路，並從其閘級電路中提取可控制性（controllability）與可觀測性（observability）數值，以訓練隨機森林（Random Forest）分類器進行木馬與正常電路之辨識。實驗結果顯示：僅以原始設計訓練之模型在面對結構轉換電路時表現明顯下滑；相較之下，於具結構多樣性之資料集訓練所得之模型，則能於各類測試組合中維持穩定且高準確率。此結果驗證了結構多樣性在提升閘級硬體木馬偵測模型之泛化能力與穩健性方面的重要性。

As modern integrated circuit (IC) design increasingly relies on outsourcing and third-party intellectual property (3PIP), the threat of hardware Trojans (HTs) has become a major security concern. Machine learning has emerged as a promising approach for Trojan detection, yet the performance of such models largely depends on the structural diversity of the training data. Seeker1, a recently proposed benchmark generation method, utilizes a logic synthesis tool to produce functionally equivalent but structurally different circuit variants. However, its evaluation applies on an RTL-level model, which is incompatible for analyzing structurally transformed designs that lack high-level constructs. To address this gap, this thesis proposes a gate-level evaluation methodology using SCOAP (Sandia Controllability/Observability Analysis Program) metrics. We regenerate structurally transformed Trojan benchmarks, extract controllability and observability values from their gate-level netlists and train a Random Forest classifier to distinguish Trojan and benign nets. Experimental results show that models trained solely on original designs perform poorly when evaluated on structurally transformed circuits, while those trained on structurally diverse datasets—including transformed variants—achieve consistently high accuracy. These findings validate the importance of structural diversity in enhancing the generalization and robustness of gate-level Trojan detection models.