Skip to Main Content
This paper proposes a novel minimal test point insertion methodology that provisions a provably complete detection of hardware Trojans by noninvasive timing characterization. The objective of test point insertion is to break the reconvergent paths so that target routes for Trojan delay testing are specifically observed. We create a satisfiability-based input vector selection for sensitizing and characterizing each single timing path. Evaluations on benchmark circuits demonstrate that the test point-based Trojan detection can cover all circuit locations and can detect Trojans accurately with less than 5% performance overhead.