Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Cross-Scale Persistence Analysis of EM Side-Channels for Reference-Free Detection of Always-On Hardware Trojans

Mahsa Tahghigh, Hassan Salmani

Abstract

Always-on hardware Trojans pose a serious challenge to integrated circuit trust, as they remain active during normal operation and are difficult to detect in post-deployment settings without trusted golden references. This paper presents a reference-free detection framework based on cross-scale persistence analysis of electromagnetic (EM) side-channels, targeting always-on parasitic hardware behavior. The proposed method analyzes EM emissions across multiple time-frequency resolutions and constructs stability maps that capture the consistency of spectral features over repeated executions. Gaussian Mixture Models (GMMs) with Bayesian Information Criterion (BIC) based model selection are used to characterize statistical structure at each scale. We introduce cross-scale saturation, variability, and median mixture complexity metrics that quantify whether statistical structure evolves naturally or remains persistently anchored across resolutions. Experimental results on AES implementations show that Trojan-free designs exhibit scale-dependent variability consistent with transient switching behavior, while always-on Trojans produce persistent statistical signatures that suppress cross-scale evolution. Furthermore, different Trojan classes, such as workload-correlated leakage-information Trojans and independent ring-oscillator Trojans, exhibit distinct persistence patterns. These findings demonstrate that cross-scale persistence provides a physically interpretable and robust assurance signal for unsupervised, reference-free detection of always-on hardware Trojans.

Cross-Scale Persistence Analysis of EM Side-Channels for Reference-Free Detection of Always-On Hardware Trojans

Abstract

Always-on hardware Trojans pose a serious challenge to integrated circuit trust, as they remain active during normal operation and are difficult to detect in post-deployment settings without trusted golden references. This paper presents a reference-free detection framework based on cross-scale persistence analysis of electromagnetic (EM) side-channels, targeting always-on parasitic hardware behavior. The proposed method analyzes EM emissions across multiple time-frequency resolutions and constructs stability maps that capture the consistency of spectral features over repeated executions. Gaussian Mixture Models (GMMs) with Bayesian Information Criterion (BIC) based model selection are used to characterize statistical structure at each scale. We introduce cross-scale saturation, variability, and median mixture complexity metrics that quantify whether statistical structure evolves naturally or remains persistently anchored across resolutions. Experimental results on AES implementations show that Trojan-free designs exhibit scale-dependent variability consistent with transient switching behavior, while always-on Trojans produce persistent statistical signatures that suppress cross-scale evolution. Furthermore, different Trojan classes, such as workload-correlated leakage-information Trojans and independent ring-oscillator Trojans, exhibit distinct persistence patterns. These findings demonstrate that cross-scale persistence provides a physically interpretable and robust assurance signal for unsupervised, reference-free detection of always-on hardware Trojans.
Paper Structure (4 sections, 7 figures)

This paper contains 4 sections, 7 figures.

Table of Contents

  1. Introduction
  2. Technical Approach
  3. Results and Discussion
  4. Conclusions and Future Work

Figures (7)

  • Figure 1: Overview of the proposed reference-free EM side-channel analysis framework for detecting always-on HTs. EM traces are collected during repeated executions and transformed into multi-scale time–frequency representations. Stability maps are constructed to capture persistent spectral structure across executions and window sizes. Gaussian Mixture Models (GMMs) with bounded model order are used to characterize the statistical structure at each scale. Detection is based on cross-scale persistence analysis, where always-on HTs produce persistent or saturated mixture structures with reduced variability across resolutions, in contrast to HT-free designs that exhibit adaptive, scale-dependent statistical behavior.
  • Figure 2: Experimental setup.
  • Figure 3: FPGA implementation of the AES-128 core with two always-on hardware Trojans: a workload-correlated leakage-information Trojan (LI-HT) and an independent ring-oscillator Trojan (RO-HT). The figure illustrates circuit placement and representative EM signal activity when each Trojan is active.
  • Figure 4: Spectrogram analysis of HT-free AES-128 after applying a fixed key and 500 plaintexts with the segment length of 138 for STFT.
  • Figure 5: Spectrogram analysis of RO-inserted AES-128 after applying a fixed key and 500 plaintexts with the segment length of 138 for STFT.
  • ...and 2 more figures