Revisiting Capacitor-Based Trojan Design

Among the various strategies for hiding malicious capabilities in integrated circuits (ICs), analog circuit design techniques have recently drawn increased attention due their lower area, power and delay footprints, which make their detection significantly more challenging. Specifically, switched capacitors have been used for creating stealthy trigger circuits based on toggling activity on a victim wire. Various methodologies for detecting such culprits have been investigated; however, recent literature in this area contains several misconceptions or inaccuracies regarding the topologies of these trigger circuits and the effectiveness of previously proposed detection methods. Therefore, in this paper, we first revisit the design of switched capacitor-based trigger circuits and we present several design configurations which are not encompassed by previously demonstrated models, but which can also serve the same malevolent purpose. We, then, discuss the effectiveness and the shortcomings of existing defense methodologies, and we point towards additional research that is needed in this area.