Black-Hat High-Level Synthesis: Myth or Reality?

Hardware Trojans are a major concern for integrated circuits. All parts of the electronics supply chain are vulnerable to this threat. Trojans can be inserted directly by a rogue employee or through a compromised computer-aided design tool at each step of the design cycle, including an alteration of the design files in the early stages and the fabrication process in a third-party malicious foundry. While Trojan insertion during the latter stages has been largely investigated, we focus on high-level synthesis (HLS) tools as a likely attack vector. HLS tools are used to generate intellectual property blocks from high-level specifications. To demonstrate the threat, we compromised an open-source HLS tool to inject three examples of HLS-aided hardware Trojans with functional and nonfunctional effects. Our results show that a black-hat HLS tool can be successfully used to maliciously alter electronic circuits to add latency, drain energy, or undermine the security of cryptographic hardware cores. This threat is an important security concern to address.