Hardware Trojan Insertion by Direct Modification of FPGA Configuration Bitstream

In this work, we have demonstrated the feasibility of hardware Trojan insertion in circuits mapped on FPGAs by direct modification of the FPGA configuration bitstream. The main challenge of this attack proved to be the lack of sufficient information in the public domain about the bitstream format and the internal architecture and configurability of the FPGA. Nevertheless, we were able to show that under certain constraints on the functionality, size and placement of the Trojan on the FPGA, it is possible to modify the configuration bitstream by a software program to insert a hardware Trojan in the design. The main strength of the attack lies in the fact that since the modification is at the configuration bitstream level, it bypasses all predeployment design validation mechanisms. We also propose some techniques to prevent the demonstrated attack. We hope that this work will raise awareness among FPGA users about the potency of the threat posed by this relatively simple attack and its improved variants. .