Hardware Trojan (HT) has emerged as an impending security threat to hardware systems. However, conventional functional tests fail to detect HT since Trojans are triggered by rare events. Most of the existing side-channel based HT detection techniques just simply compare and analyze circuit's parameters and offer no signal calibration or error correction properties, so they suffer from the challenge and interference of large process variations (PV) and noises in modern nanotechnology which can completely mask Trojan's contribution to the circuit. This paper presents a novel HT detection method based on subspace technique which can detect tiny HT characteristics under large PV and noises. First, we formulate the HT detection problem as a weak signal detection problem, and then we model it as a feature extraction model. After that, we propose a novel subspace HT detection technique based on time domain constrained estimator. It is proved that we can distinguish the weak HT from variations and noises through particular subspace projections and reconstructed clean signal analysis. The reconstructed clean signal of the proposed algorithm can also be used for accurate parameter estimation of circuits, e.g. power estimation. The proposed technique is a general method for related HT detection schemes to eliminate noises and PV. Both simulations on benchmarks and hardware implementation validations on FPGA boards show the effectiveness and high sensitivity of the new HT detection technique.

We propose a new security model based on MLS Policy to achieve a better security performance on confidentiality, integrity and availability. First, it realizes a combination of BLP model and Biba model through a two-dimensional independent adjustment of integrity and confidentiality. And, the subject's access range is adjusted dynamically according to the security label of related objects and the subject's access history. Second, the security level of the trusted subject is extended to writing and reading privilege range respectively, following the principle of least privilege. Third, it adjusts the objects' security levels after adding confidential information to prevent the information disclosure. Fourth, it uses application-oriented logic to protect specific applications to avoid the degradation of security levels. Thus, it can ensure certain applications operate smoothly. Lastly, examples are presented to show the effectiveness and usability of the proposed model.