A Method to Detect and Avoid Hardware Trojan for Network-on-Chip Architecture based on Error Correction Code and Junction Router (ECCJR)

Modern technologies has changed our life, such as everywhere computing communication and internet. Number of transistors increasing in a system day by day and this trend will continue further. The wire connection is easily breakable and not a reliable technology in field of networks. In conventional network dedicated wired path is used among the intellectual property (IP) core for the purpose of communication and due to this wired connection network is not reliable and not scalable. Network-on-Chip Architecture was introduced to solve these problems and gave notable improvements over conventional bus and crossbar communication architectures. Many companies prefer third party vendors for the development of their design in order to reduce the cost. It gives advantage but due to the access of design anyone can do changes at any stage of development cycle. This type of malicious modification of hardware during design or fabrication process is known as Hardware Trojan (HT). It can change the functional behavior of a system or may leak the secret information of critical application which results in degradation of system performance. The proposed research is based on combination of Error Correcting Code and Junction router to detect and avoid HT which can be used for reliable communication in NoC architecture. Simulation results showed good performance of proposed algorithm in term of Packet Latency and Reliability. Keywords—Hardware trojan; network-on-chip; intellectual property; error correcting code; junction router


I. INTRODUCTION
In a conventional network of System on Chip, dedicated wired path is used among the Intellectual property (IP) core for communication. This type of communication medium is not reliable not scalable and has a lot limitations. To solve this problem a new architecture named Network on Chip is introduced which is network based on communication subsystem on an integrated circuit. When we put multiple processors, peripherals, memories on to a chip to build a networked multiprocessor system on Chip (MPSoC) then this is known as NoC [1]. A traditional NoC consists of Processing Element (PE), Network Interface (NI), Link and a router as shown in Fig. 1. NI is a communication interface between IP core because it helps to packetize and de-packetize the data while links are used for travelling of packets in network. Packets are moved in a given network on the basis of routing algorithms.
NoC has three major types of routing algorithm one is knows as deterministic second is adaptive and third is oblivious. In deterministic routing path between two IP cores are already defined and during communication no one can use this path [2]. In adaptive routing different path can be selected by considering the state of network. While in case of oblivious different path are available but packet don't consider the state of network which can be result in deadlock state. The router architecture depends upon the design of NoC and a Topology which is very important feature. NoC supports many network topologies like mesh, torus, butterfly, polygon, mesh, tree, star and ring. Moreover NoC also helps to overcome the packet delays, reliability and cost which are primary problems in MPSoC. Many organizations prefer third party vendors for fabrication of their designs in order to reduce the cost but it can be harmful. During the development cycle of hardware malicious modification is possible at any stage. This activity is known as Hardware Trojan (HT) [4]. The addition of HT in hardware can change the behavior of system, may affect the performance or even can leak the secret information [18]. For example a 32bit vector data can be inverted by adding a sample NOT gate due to which whole output can be changed. Similarly if the connection is established maliciously between output and a Wi-Fi module during any phase of development cycle then confidential data will be compromised [3].  Vol. 11, No. 4, 2020 582 | P a g e www.ijacsa.thesai.org The entire activity of the Trojan is determined when it is triggered and it is termed as its payload [16]. A simple Trojan is given in Fig. 2 in which the Trojan comprises of a single multiplexer. An encrypted data is sent as an output during its normal functioning. When Trojan is active the plain text bypasses the crypto-hardware and is sent on output.
HT is very harmful as it reduces the overall performance of a system. To solve this problem this research proposed a method to detect and avoid HT efficiently for reliable communication in NoC architecture.

II. LITERATURE REVIEW
In this section detail study of Trojan, comparison with faults and different detection methods is presented. After this section proposed methodology and experimental results are discussed in later section.

A. Trojan vs Fault
Trojan is intentionally addition of hardware in a given design at any stage of development cycle. While in case of faults it can be possible due to any reason [4]. Table I describes more details about the comparison of Trojan and Faults.

1) Activation mechanisam of trojan:
Activation mechanism of a Trojan can be categorized into two ways internally triggered and externally triggered [5]. a) Internally Triggered: In this case Trojan is activated without the disturbance of external environment and based on an internal event. This event may be physical or timer or based on the value of different parameters like temperature, power etc.
b) Externally Triggered: There is need of external input for externally triggered Trojan to start its malicious activity. Any of the component that interact with the target device may be an external component trigger.
2) Trojan detection method: Many Researchers proposed different methods to detect the HT. The classification of detection methods are given in Fig. 3.
In destructive approach reverse engineering of IC is done and functionality of given design is compared with golden IC [6]. In non destructive logic is tested by using different input combinations. While different parameters like power, temperature can be used in side channel analysis for Trojan detection. Idea of encryption scheme in NI was introduced by Sajesh and Kappor for secure communication in NoC architecture. In this method when a secure core wanted to communicate with other core data was encrypted first then it was sent in a given network [7]. To increase the security of NoC [8] Gebotys introduced the method based on security wrapper in which data was encrypted, decrypted and message authentication code (MAC) was generated by security wrapper [8]. A lot of work is done for avoiding the DoS Trojan model like a method proposed in [9] consists of two block one is DoS security block and second is ED security block. In this method researcher used Linear Feedback shift register and burs error control unit to detect the Trojan.
In [13] Basim Shanyour Proposed standard cell placement method for the detection of Low power Trojan. This method proves low area overhead. A data packet authentication scheme was also presented in [14] which is based on bandwidth awareness. In this method packets is assigned tags at source routers but aggressively authenticated thorough out the packet transmission. The researcher's results showed 36% saving of bandwidth and 56% low area over head. In [15] researchers gave a method for the detection and avoidance of snooping data. In this method they used snooping invalidator module at NI to discard the duplication of packets. Their experimental results showed the 48.4% increase of performance. For the avoidance of Denial of Services attack by misrouting of packet is given in [17]. In this method secure routing is used in such a way that if router is directed in wrong direction the neighbor router will automatically detect it. This method is quite efficient with only 0.4% area overhead. A secure Wireless NoC architecture is introduced in [19]. www.ijacsa.thesai.org Researchers worked on three Trojan related to snooping, denial of services and eaves dropping. This algorithm is based on message authentication code (MAC) and observation of channel capacity.

3) Error Correcting Codes (ECC) a) Cross Talk Avoidance Double Error Correction CADEC: This is combination of Hamming Code and Dual
Add parity (DAP) technique. First of all hamming is implemented on 32 bit input data and 38 bit output data is generated with 6 parity bits. Then DAP is implemented which gives 77 bits including parity bit. In decoding two copies of data are separated and parity of each copy is calculated and different decisions are made by comparison as shown in Fig. 4  [10].

b) Joint Cross Talk Avoidance Triple Error Correction (JTEC):
This algorithm is similar to CADEC but it gives triple error correction. The steps of encoding are similar to CADEC but decoding steps are little bit different. In decoding after the separation of copies Syndrome is calculated and all decisions are made on the basis of comparison of syndrome. The detail of decoding steps is given in Fig. 5 [10].

A. Threat Model
For simulation purpose mesh topology of 6x6 was selected on which different applications were running. There is no restriction of application type it can be simple or complex. For distinction of packets, an application ID field was introduced in flit. The mesh network is shown in Fig. 6.

B. Activation Mechanism of Trojan
A combinational circuit's output was used as a medium for activation of Trojan model as shown in Fig. 7. In this four inputs are given which are randomly selected data bits form packets. The motivation for adopting this Trojan model was taken from Yu, Q. and Frey [11].

C. Payload of HT
Payload is an activity performed by HT after it is activated. As discussed in literature review payload can be denial of resource or latency in packets or corrupted data. The corrupted data packets were taken as a payload of thread model.

D. Proposed Algorithm
Everything was going perfectly as data packets of application was reaching at their actual destination but after some time the data packets of application start corrupting. For the solution of this problem error correction code ECC named as Joint cross talk avoidance triple error correction JTEC is used. A threshold vale of 20% for corrupted packets was selected. In other words we can say if 20% of data packets are corrupted then JTEC will be enabled. JTEC has capability of 3bit error correction. Some routers were selected as junction routers on which ECC decoder and encoder will be implemented. Transmitter (TX) has ECC encoder which will add redundancy bits with data while at receiver (RX) side syndrome is calculated to detect which links are controlled by HT. JTEC decoder is implemented on inputs ports of junction router while JTEC encoder implemented on output ports. Selection of junction routers for 6x6 mesh topology is given in Fig. 8. Black boxes are those routers which are selected as Junction Router.   For packet movements modified XY dimension order routing was used in such a way that after 2 hops packet will pass through junction router. Whenever corrupted packets entered in a Junction router, JTEC corrects errors and sets out in network from output ports. This algorithm will help to detect and avoid 3 bit error. The flow chart of proposed method is shown in Fig. 9.

E. Routing Algorithm
Oblivious routing algorithm is used in proposed method for the movements of packets in a given network. In oblivious routing algorithm the condition of network is considered before the sending of packets from the output ports to avoid the problem of traffic congestion. Error correcting code JTEC is used in Junction router which has capability of 3 bit error correction. Example of proposed algorithm is shown in Fig. 10 in which packet path from router 7 to 29 is highlighted.

IV. EXPERIMENTAL RESULTS
For the simulation results of proposed algorithm Booksim 2.0 was used. This simulator allows us to use different traffic pattern for analysis. Like Uniform, Tornado and neighbor. In Uniform traffic source S sends an equal amount of packet to each destination d. For traffic pattern tornado and neighbor, equations 2 and 3 are given, respectively [12].
dx= Sx + [k/2] -1 mod k (2) dx= Sx+1 mod k Where dx is destination, Sx is source and k is Total numbers of routers. Running of simulation is shown in Fig. 11.
Latency is defined as time taken by the packet to reach from source to destination. It is very important parameter to be considered for performance evaluation.
In booksim a file "mesh_lat" is available in which configuration parameters can be set as shown in Fig. 12. In proposed algorithm default values of parameters were used only changes were made to "routing_function" for routing packets, "traffic" for different types of traffic to analyze the behavior of proposed algorithm. The "injection_rate" varied from 0.01 to 0.1 per cycles and calculated different latencies for performance evaluation. Fig. 13 shows the packet latency of packet for uniform traffic pattern when HT is active and JTEC is enabled. Fig. 14 shows the Network Latency when HT is active and JTECT is enabled for tornado traffic. Fig. 15 Show Average hop count for uniform traffic pattern when Trojan is active.
From Fig. 13 and 14 it is clearly shown when HT is active latency of packets is increased as packets are unable to reach their destination. When JTEC is enabled no data is corrupted www.ijacsa.thesai.org and destination fields will remain same as it was on the time of packet generation. Since after implementation of proposed algorithm packets will reach at their destination on time so latency will be reduced.     This research includes the detection and avoidance of Hardware Trojan in Network-on-Chip Architecture. Proposed algorithm is basically the combination of error correcting code which is Joint cross talk avoidance triple error correction JTEC and junction router (ECCJR). JTEC having the capability of 3 bit error correction and it is implemented only on junction routers. The Trojan model is based on the output of combinational circuit and payload of hardware Trojan is packets corruption. The selected value for the threshold of faulty packets was 20%. Whenever it meets the threshold value proposed algorithm will be started. After the implementation of proposed algorithm ECCJR no packet was corrupted and reliability reaches to 100%. In future different routing algorithms can be used to reduce the latency of packets per cycle which will increase the performance of whole system. Different error correction code can also be used in router other than Junction routers for error free communication of a network.