Triggered Hardware Trojan Detection in IP Cores for Ensuring Safety in Cyber Physical Systems

Abstract

Cyber physical systems (CPSs) increasingly depend on complex hardware IP cores to perform critical functions. However, triggered hardware Trojans’ stealthy, malicious modifications activated under rare conditions pose significant threats to the safety and reliability of these systems. This research paper introduces a novel detection framework that integrates multi-modal side-channel analysis with trigger-aware machine learning to identify Trojans embedded within IP cores. A lightweight runtime monitoring mechanism enables real-time Trojan detection while adhering to the stringent safety constraints of CPSs. To further strengthen resilience, cryptographic integrity verification and dynamic mitigation through partial reconfiguration are incorporated. Experimental validation on two representative IP cores, AES-128 and RS232, demonstrates the framework’s effectiveness by achieving high detection accuracy (over 96%) with minimal hardware overhead (<3% LUT utilization) and latency increase of 4.95%. It can also be seen that our trigger-aware methodology more than doubles the toggling probability of rare Trojan trigger nets compared to conventional approaches. Furthermore, results from FPGA prototypes and standard Trojan benchmarks confirm the effectiveness of the proposed framework, and the proposed approach achieves high detection accuracy with minimal resource and performance penalties. This work advances the state of the art in securing CPS hardware against Trojan-based attacks.

1. Introduction

Cybersecurity in cyber physical systems (CPSs) for intellectual property (IP) cores is critical as connectivity increases, which requires strict regulatory compliance to ensure safety. This involves secure design, encryption, authentication, and timely updates. In CPS, the cyber domain controls the physical domain, so attacks on either can compromise the system and cause severe damage. However, most research focuses only on detecting cyber threats, while limited studies of the physical domain often ignore its connection to the cyber domain [1]. One of the greatest challenges in CPS is hardware Trojans (HTs) that are malicious modifications inserted during design or fabrication that can compromise device functionality or leak sensitive information [2]. Among various types, triggered HTs remain dormant until specific rare conditions activate them, making detection challenging [3,4].

The consequences of HT activation in IP cores are dire, ranging from data manipulation to denial of service. IP cores, commonly reused blocks in system-on-chip (SoC) designs, constitute a major attack surface for Trojan insertion due to third-party involvement [5]. Therefore, effective detection and mitigation methods for triggered HTs in IP cores are critical to ensuring device safety and reliability in CPS security [6].

Trojan detection is very challenging due to process variability in the physical chip, such as glitches [7]. A moderate amount of research has been conducted in the literature to increase detection sensitivity on a larger scale so that the variability that causes false positive detection can be minimized. Therefore, to mitigate the variation effects on detection, several approaches have shown that PUFs could be one of the best solutions [8,9]. This paper proposes a comprehensive framework combining dual-mode side-channel analysis, trigger-aware machine learning, lightweight runtime monitoring, cryptographic verification, and dynamic mitigation for IP cores used in CPSs.

A trigger-aware side-channel feature extraction methodology is proposed, which leverages both power consumption and timing characteristics of a circuit to enhance hardware Trojan detection in CPSs. Unlike conventional approaches that primarily focus on general side-channel anomalies, this technique explicitly accounts for the fact that Trojans are typically activated only under rare and specific trigger conditions. By extracting discriminative features from power traces and timing variations, the method captures subtle deviations in circuit behavior that occur during Trojan activation. These features are then analyzed using machine learning models that are explicitly trained to distinguish between normal operational patterns and Trojan-induced anomalies, thereby improving detection sensitivity even under rare trigger events. In addition, the framework incorporates cryptographic IP core integrity checks integrated with physically unclonable functions (PUFs) to provide tamper resistance, while dynamic mitigation is enabled through partial FPGA reconfiguration to isolate and neutralize compromised modules without disrupting overall system functionality. The threat model in our proposed approach is designed to detect Trojans in CPSs whose power profiles change due to Trojan insertion. The main contributions are as follows:

• A trigger-aware side-channel feature extraction from IP cores leveraging power and timing and applying machine learning models explicitly designed to detect Trojan activation under rare triggers.
• Cryptographic IP core integrity checks through PUF sensors for tamper resistance, which delivers dynamic mitigation using partial FPGA reconfiguration to isolate compromised modules.

The rest of this paper is organized as follows: Related work is presented in Section 2. Section 3 presents the proposed method in detail. Section 4 details the experimental setup and benchmark IP cores with a comparison. Section 5 concludes and outlines the future work.

2. Related Work

Recent research underscores rising concerns over hardware Trojans (HTs) in cyber physical systems (CPSs), leading to the development of advanced detection approaches. Conventional static methods often fail against modern, complex HTs, prompting the use of dynamic and machine learning-based strategies [10]. Sensor chain designs in McEliece circuits have been explored for enhanced side-channel detection, while multi parameter ML models have achieved near-perfect F-measure and AUC in path level HT detection [11]. Risk assessment frameworks have also evolved, with model based approaches in the hybrid system automation offering valuable tools for identifying vulnerabilities and guiding mitigation strategies [12]. Furthermore, recent works [13,14] integrated deep learning with blockchain, enhancing anomaly detection and ensuring data integrity in CPS security.

Recent studies highlight the growing use of machine learning for improved Trojan detection. In [15], supervised learning was applied to a ring oscillator network to identify Trojans through side-channel activity caused by increased switching. Similarly, ref. [16] introduced a Trojan net classification framework using boundary net structures for gate level detection, underscoring the expansion of ML techniques in hardware security. Hybrid and dual-layered frameworks for CPS protection have also emerged, such as the dual isolation forest model for industrial control systems in [17], enabling real time IoT attack detection. Moreover, ref. [18] proposes a hardware-in-the-loop CPS security architecture for DER monitoring, emphasizing secure communication protocols for resilient CPS operations.

Despite notable progress, challenges persist in mapping the intricate interactions between physical and cyber domains. The analytic platform proposed in [19] enables real-time correlation of CPS security events, highlighting the need for tools that address multifaceted threats in critical infrastructures. Similarly, ref. [20] demonstrated that the combination of bow-tie and attack tree analyses effectively manages interconnected safety and security risks in industrial systems. As CPS dependence increases, robust data-driven security approaches become essential. Studies such as [11,21] emphasize the need for detection methods covering both pre-silicon and post-fabrication phases, ensuring end-to-end circuit protection. Recently, PUF-integrated hardware Trojan detection has gained prominence for enhancing FPGA and IC security. Notable works on detection performance, PUF reliability, and FPGA implementation are discussed in [22,23,24], with comparative evaluations presented in the Results Section to assess the effectiveness of the proposed adaptive Trojan detection approach.

3. Proposed Methodology

The proposed methodology is a multiphase process designed to achieve high accuracy and robustness, as shown in Figure 1. Our methodology consists of four primary phases. The process starts with side-channel data acquisition where we collect power and delay characteristics from both Trojan-free and Trojan-infested IP cores. After that, we utilize trigger-aware test pattern generation technique to select specialized test patterns that activate rarely toggled nets, which increases the probability of triggering dormant Trojans. The resulting side-channel signals are then used for machine learning-based classification where different models are trained to distinguish between nominal and malicious IP cores. Finally, we included a PUF-based correlation and verification phase. It uses PUF sensors as a secondary security mechanism to confirm detections and reduce false positives. Each of these phases is detailed in the following subsections.

3.1. Side-Channel Data Acquisition

In the proposed method, power and delay parameters are considered as side-channel signals. The power and delay values are collected from specific IP cores by applying test patterns. Transition delay fault (TDF) test patterns are the selected patterns for measuring the power and delay side-channels. The general process is illustrated in Figure 1. High-resolution sensors and oscilloscopes record the data, which are preprocessed for noise reduction. The flowchart depicts the overall detection process in IP cores through side-channel parameters, with a crosscheck using ring oscillators placed in the middle of the IP cores as sensors. The side-channel parameters are used to train a one-class SVM with the retrieved data by applying TDF test patterns to partitioned IP core circuit netlists. The IP cores used are obtained from Trust-Hub, both with and without Trojans, specifically in AES-128 and RS232 IP cores. Training and testing define the decision making boundary for anomaly detection. On the other hand, the PUF sensors embedded in the IP cores indicate the presence of Trojans when triggered by specific test patterns. This crosschecking ensures high detection accuracy, outperforming other existing techniques.

3.2. Trigger-Aware Test Pattern Generation

The triggering condition of a hardware Trojan is typically concealed in rarely activated nets, also called rare nets. These nets exhibit very low transition probabilities, making them unlikely to toggle during conventional ATPG-based testing. An attacker may exploit these nets by embedding triggering logic that activates only under extremely rare conditions, ensuring stealth. Therefore, identifying and targeting these rare nets in the IP cores during test pattern generation is critical for ensuring Trojan activation and detection.

The identification of rare paths is carried out using two complementary procedures: (i) applying a baseline set of TDPs to identify untoggled cells and (ii) performing structural probability analysis of the netlist to estimate each line’s switching activity. A design-specific toggle threshold, denoted as ${\gamma }_{th}$, is introduced to classify signals. Any line with toggle probability ${\tau }_i<{\gamma }_{th}$ is marked as rare and subsequently designated for auxiliary observation point (AOP) insertion. Once identified, these lines are prioritized during test pattern generation.

The trigger-aware procedure refines the conventional ATPG-generated TDPs by augmenting them with additional toggling sequences targeted toward rare nets. After applying the initial TDP set, all untoggled rare nets are flagged. For each flagged line, the algorithm inserts an AOP and iteratively modifies the pattern set using a specialized bit perturbation function, $G_{\mathrm{rare}}(focus,hold)$. Unlike general purpose bit-flipping, $G_{\mathrm{rare}}$ selectively alters pattern bits that control rare lines while freezing the states of high activity nodes. This ensures that toggling effort is concentrated on Trojan-prone regions. The refinement loop continues until all rare lines are activated at least once, or an upper iteration limit $K_{max}$ is reached. Algorithm 1 summarizes the trigger-aware rare path-defined test pattern generation. This approach ensures that each identified rare line is toggled, significantly improving the likelihood of exposing Trojan trigger circuitry.

Algorithm 1 Trigger-aware test pattern generation

Require: Netlist $\mathcal{N}$, number of TDPs $N_{tdp}$, toggle threshold ${\gamma }_{th}$, baseline TDP set $P_{base}$ Ensure: Refined pattern set $P_{ref}$  1: Identify rare line set: $R\leftarrow \{r_j\in \mathcal{N}|\tau \left(r_j\right)<{\gamma }_{th}\}$  2: Apply $P_{base}$ to circuit and monitor R  3: Collect untoggled rare lines: $R_{unt}$  4: if $R_{unt}\ne \varnothing$ then  5:     Insert AOPs at $R_{unt}$  6:     $iter\leftarrow 0$  7:     while $R_{unt}\ne \varnothing$ do  8:         $iter\leftarrow iter+1$  9:         Modify $P_{base}$ via $G_{\mathrm{rare}}(focus,hold)$ 10:         Apply modified patterns and update $R_{unt}$ 11:         if $iter\ge K_{max}$ then 12:            break 13:         end if 14:     end while 15:  end if 16:  $P_{ref}\leftarrow P_{base}$ (enhanced with rare-line toggling) 17:  return $P_{ref}$

The complexity of Algorithm 1 depends on both the netlist size and the maximum refinement bound $K_{max}$. Rare net identification is proportional to the number of nodes in the circuit, $O\left(\right|\mathcal{N}\left|\right)$. The refinement stage is executed at most $K_{max}$ iterations, each with constant time toggling checks. Therefore, the overall runtime can be approximated as $\mathcal{O}\left(\right|\mathcal{N}|+K_{max})$.

The classification of rare nets is adopted from [23] and governed by a threshold ${\gamma }_{th}$, which serves as a lower bound on the acceptable toggle activity. If the probability of toggling of a signal line is denoted by $\tau$, and the likelihood of it switching state in a given cycle is less than the threshold ($\tau <{\gamma }_{th}$), the signal line is considered rare. The corresponding signal probability, $\pi$, can be approximated by solving the quadratic relation in Equation (1) and which yields the signal probability of Equation (2).

$$\pi (1-\pi )={\gamma }_{th}$$

(1)

$$\pi ={\displaystyle \frac{1\pm \sqrt{1-4{\gamma }_{th}}}{2}}$$

(2)

According to [23], if ${\gamma }_{th}=0.12$, then the two feasible probabilities are $\pi \approx 0.106$ and $\pi \approx 0.894$. Selecting the larger value ensures sufficient toggling to activate Trojan conditions embedded in the rare lines.

3.3. Machine Learning-Based Trojan Detection

The proposed machine learning methodology for hardware Trojan detection in IP cores is divided into four main phases: data preparation, feature extraction, machine learning-based classification, and statistical analysis. Two datasets are utilized: one representing Trojan-free nominal IP cores and the other containing Trojan-infested IP cores. The original files are in Microsoft Excel format and are converted into CSV format for ease of processing. This conversion ensures compatibility with Python-based machine learning libraries. Each dataset is labeled appropriately, where 0 denotes nominal IPs and 1 denotes Trojan-infested IPs. To enhance the discriminatory power of the datasets, additional parameters are generated for each partition using the fill_partition() function. For every partition column, the following electrical parameters are computed.

• $\alpha$ (alpha): Activity factor, randomly sampled within the range of $0.05$–$0.45$.
• f (frequency): Switching frequency, randomly sampled between $0.5\mathrm{GHz}$ and $5\mathrm{GHz}$.
• C (capacitance): Derived from the dynamic power relation: $P_{dynamic}=\alpha C_L{V}_{dd}^{2}f$, where P is the partition power and V is the fixed supply voltage (1.2 V).
• V (voltage): Fixed at 1.2 V for all computations.

The newly computed parameters ($\alpha$, C, V, f) are appended to the dataset, thereby enriching the feature space and enabling better classification of Trojan and nominal IPs. The enriched datasets are divided into training and testing subsets using stratified sampling to preserve label proportions. Before model training, feature values are normalized using StandardScaler to ensure uniformity across features. Two supervised learning models are implemented, where the random forest classifier is trained with 100 decision trees, providing robustness against overfitting, and logistic regression is used for baseline comparison. Both models are evaluated using metrics such as accuracy, precision, recall, and F1-score based on [25], along with a confusion matrix to analyze class wise prediction performance. The random forest model achieved strong generalization performance, while logistic regression provided interpretable decision boundaries.

In addition to machine learning, a statistical approach is implemented to examine partition wise variation. For each IP core, the difference between the maximum and minimum partition values is computed, representing the variation per design. The ranges of variation are compared between nominal and Trojan datasets to define three distinct classification zones. The Safe Zone corresponds to variations that exclusively belong to Trojan-free IPs, while the Yellow Zone represents the overlap range where both nominal and Trojan IPs coexist, thus creating ambiguity. On the other hand, the Red Zone denotes variations that are present only in Trojan-inserted IPs. This threshold-based partitioning establishes a decision boundary that complements machine learning classification, thereby enhancing both interpretability and reliability in Trojan detection. Figure 2 shows the variation in IP cores based on three partitions. The chart shows that a large majority of instances fall into the ‘Safe Nominal’ (29.7%) and ‘Red Trojan’ (56.3%) zones. The smaller ‘Gray Overlap’ zone (14.0%) represents the ambiguous cases. This partitioning demonstrates the effectiveness of side channel variation as a primary indicator of Trojan detection by reinforcing the results of our machine learning models.

The proposed framework generates two complementary forms of results. First, machine learning evaluation provides classification reports and confusion matrices that highlight the performance of trained models. Second, the statistical analysis defines Safe, Yellow, and Red zones based on variation-driven classification. Together, these two methods establish a hybrid detection framework that combines data-driven machine learning with analytical variation analysis, thereby improving both the accuracy and trustworthiness of hardware Trojan detection.

To accurately evaluate the efficiency of machine learning-based hardware Trojan detection, we implemented and compared eight different machine learning models. These models are selected to represent various machine learning techniques such as linear models, instance-based methods, ensemble classifiers, and kernel methods. Widely used Python libraries, including Scikit Learn, LightGBM, XGBoost, and CatBoost, are utilized to implement these models. An important characteristic of our approach is the implementation of a standardized data preprocessing pipeline for all models. This pipeline begins with Monte Carlo augmentation to expand the original dataset and enhance its feature diversity, ensuring a robust training set for the classifiers.

3.4. PUF Sensors for Correlation

The Arbiter PUF exploits manufacturing process variations in integrated circuits to generate unique and unpredictable responses. As illustrated in Figure 3, the proposed A-PUF architecture consists of a sequence of multiplexers arranged in parallel paths. A challenge vector determines the configuration of these multiplexers, thus altering the delay paths of the input signal. Two identical rising edges are launched simultaneously into the top and bottom paths. Due to intrinsic delay variations introduced by process randomness, one signal arrives earlier than the other at the output stage. An arbiter, implemented as a latch, compares the arrival times and outputs a single response bit (0 or 1) depending on which path is faster. Repeating this process with multiple challenge inputs forms a challenge response pair (CRP) set, which serves as the unique fingerprint of the IP cores. The simplicity, scalability, and strong uniqueness properties of Arbiter PUFs make them an attractive choice for lightweight hardware security primitives in resource-constrained systems.

Once the machine learning detector detects a suspicious partition as being Trojan activated, we introduce a secondary verification step using our proposed A-PUF sensors. In particular, we embed lightweight Arbiter PUFs within critical partitions of the IP cores. The response bit $R\left(C\right)$ for a challenge C is computed by condition (3).

$$R\left(C\right)=\left\{\begin{array}{cc}1,\hfill & \mathrm{if}\mathrm{signal}\mathrm{from}\mathrm{top}\mathrm{path}\mathrm{arrives}\mathrm{first},\hfill \\ 0,\hfill & \mathrm{otherwise}.\hfill \end{array}\right.$$

(3)

It is assumed that the set of CRPs, denoted by $\mathcal{P}=\left\{\right(C,R\left(C\right)\left)\right\}$, forms the PUF fingerprint of the deployed IP core under nominal conditions. In the absence of Trojans, the observed CRPs remain stable except for bounded variations due to environmental noise and process variation. Let $\Delta t=t_{\mathrm{top}}-t_{\mathrm{bottom}}$ represent the expected time gap for a given challenge under nominal conditions. We define a normalized stability metric using Equation (4) if $\Delta t_{\mathrm{ref}}\left(C\right)$ is assumed to be the reference time gap (collected during enrollment) and $\Delta t_{\mathrm{obs}}\left(C\right)$ is the observed value during runtime.

$$\eta \left(C\right)={\displaystyle \frac{|\Delta t_{\mathrm{obs}}\left(C\right)-\Delta t_{\mathrm{ref}}\left(C\right)|}{\Delta t_{\mathrm{ref}}\left(C\right)}},$$

(4)

A Trojan activation perturbs the power and delay profiles of the circuit, which propagates into the timing distribution of the embedded PUF. If the machine learning model flags a suspicious partition ${\mathcal{P}}_s$, we correlate its side-channel anomaly with the PUF metric $\eta \left(C\right)$. It is assumed that $\theta$ is a design-specific threshold and $\mathbb{I}(·)$ is the indicator function, and a high value of $\rho \left({\mathcal{P}}_s\right)$ indicates that a large fraction of CRPs deviate significantly from the expected baseline, thereby reinforcing the ML based detection result. A correlation score $\rho$ is defined with Equation (5).

$$\rho \left({\mathcal{P}}_s\right)={\displaystyle \frac{1}{\left|\mathcal{P}\right|}}\sum _{C\in \mathcal{P}}\mathbb{I}\left(\eta \left(C\right)>\theta \right),$$

(5)

This two-stage correlation machine learning classification followed by PUF validation reduces false positives arising from environmental noise and strengthens the trustworthiness of detection. In particular, by integrating FPGA based measurements of PUF responses across different voltage and temperature conditions, we establish a robust decision boundary in condition (6).

$$\mathrm{Trojan}\mathrm{Detected}\mathrm{if}\left({\widehat{y}}_{ML}\left({\mathcal{P}}_s\right)=1\right)\wedge \left(\rho \left({\mathcal{P}}_s\right)>{\rho }_{th}\right)$$

(6)

where ${\widehat{y}}_{ML}\left({\mathcal{P}}_s\right)$ is the output of the ML classifier for the partition and ${\rho }_{th}$ is the PUF correlation threshold. This cross-verification ensures that only genuine Trojan activations are confirmed, thereby outperforming stand alone detection methods.

There is a challenge in detecting Trojans through CRPs. The timing variation of the PUF can occur due to environmental variability, sensor inaccuracy, and process noise factors. To mitigate these effects, we deploy IP cores with the integrated PUF into FPGAs to realize the variation trends with other effects. The key consideration is that, when the sensor reading follows the real chip properties in FPGAs, the sensor reading through the CRPs may deliver an accurate threshold, thereby heightening detection accuracy. As the IP cores are implemented in the FPGAs, the mitigation of the infested region is reconfigurable; therefore, the reliability of the proposed approach is significant.

4. Results and Discussion

We analyze detection accuracy, false positive rates, runtime overhead, and detection sensitivity. All experiments are performed using Trust-Hub-listed AES-128 and RS323 benchmarks with and without embedded triggered Trojans [26]. The FPGA-based validation is conducted on the Xilinx Artix-7 and Zynq platforms. The proposed methodology achieved a significant improvement in Trojan detection rates. The rare net-focused ATPG significantly improved Trojan activation.

Table 1. Toggle probability enhancement in rare nets compared to the typical toggling probability.

Benchmark	Baseline Toggle (%)	Proposed (%)
AES-128	6.3	14.8
RS323	5.9	15.2

shows the increase in the toggle probability of the rare nets identified before and after applying the proposed trigger-aware TDPs. The average toggle probability improved by more than 2.3×, directly contributing to the improved Trojan detection sensitivity.

Table 2. Trojan detection accuracy across IP cores for various Trojans from Trust-Hub.

Benchmark	Typical TDP	Proposed	Improvement (%)
AES-128 (T100)	85.4%	95.7%	+12.1%
AES-128 (T200)	82.8%	94.1%	+13.6%
RS323 (T300)	83.6%	93.2%	+11.5%
RS323 (T400)	80.2%	91.8%	+14.5%
Average	82.98%	93.7%	+12.6%

summarizes the detection accuracy for each benchmark and partition of the dataset. The generation of the proposed trigger-aware pattern enhanced rare net activation by 34% compared to typical TDP, leading to improved Trojan activation and distinguishability of the side channel. Figure 4 shows the ROC (receiver operating characteristic) curves of the proposed method versus conventional one-class SVM without rare net focusing. The area under the curve improved from 0.87 to 0.96, demonstrating improved separability between the Trojan-active and Trojan-inactive classes.

Simulation-based feature extraction: Using Synopsys DC and an IC compiler, we define the circuit netlist with all physical information and generate the VCD (Value Change Dump) files for VCS simulation to extract the timing information while applying the TDF text patterns. With the help of Synopsys PrimeTime PX, we extract the power for the each test pattern. As we partition the circuit to increase the activation chances, the power values are multiplied by the number of test patterns with the number of partitions. We extract similar delay and power data from the FPGAs for physical realization of a real chip. Therefore, we implement the benchmark circuits on two FPGAs of Xilinx Artix-7 and Zynq with the Vivado tool with and without Trojans. The Xilinx Power Analyzer tool delivers the power values, and FPGA timing analysis tools deliver timing signatures of path delays, clock cycle counts, and propagation delays. We also use a current probe such as a shunt resistor and an oscilloscope to collect power traces.

Though we have implemented our framework on representative IP cores using FPGAs, the question of whether it is scalable to larger and more complex SoCs remains. We believe that our partition-based framework is scalable and also directly addresses the challenges forged from these systems. Our framework aligns with industry standard hierarchical testing and on-chip monitoring practices because it focuses on individual IP cores. For example, our trigger-aware ATPG operates within the IP core level, and its computational cost depends on the complexity of the target IP and not the entire multi-million gate SoC. Similarly, our machine learning approach is highly efficient because a single model can be developed for each class of critical IP core. Therefore, hardware overhead from our lightweight PUF sensors is localized only to the monitored IPs, which provides a tunable security versus area trade-off. Finally, experimental validation on a large-scale SoC remains a subject for future work. The hierarchical nature of our framework is designed to be practical and scalable to secure critical components within complex industrial designs.

4.1. Machine Learning-Based Classification

The classification performance of the machine learning algorithms across different evaluation metrics is shown in

Table 3. Performance metrics of the evaluated models.

ML Model	Precision	Recall	F1-Score
Random Forest	96.5%	94%	94%
Logistic Regression	89.8%	88%	89%
XGBoost	100%	100%	100%
CatBoost	96.5%	95%	95%
K-NN	79%	73%	76%
Decision Tree	98.3%	97%	97%
SVM	91.2%	91%	91%
LightGBM	100%	100%	100%

and illustrated in Figure 5. From the experimental results, it is observed that XGBoost and LightGBM classifiers achieved a perfect score of 100% across Precision, Recall, and F1 Score. This highly accurate result demonstrates their ability to learn complex and non-linear patterns within the augmented dataset. A notable outcome is the performance of the Decision Tree model, which achieved a 97% F1 Score, outperforming several other advanced models. Other models such as CatBoost and Random Forest achieved F1 scores of 95% and 94% respectively, which also demonstrate strong and reliable performance. On the other hand, SVM and Logistic Regression produced respectable results, although they were not able to achieve near-perfect performance compared to CatBoost and Random Forest. Finally, the k Nearest Neighbors classifier achieved a 76% F1 Score, which is the lowest among all models.

Figure 6 illustrates the confusion matrix derived from the best and worst-performing classification algorithms, namely KNN, XGBoost, and LightGBM. The confusion matrices for KNN in (a) (leftmost) and for XGBoost and LightGBM in (b) (middle) demonstrate that both XGBoost and LightGBM classifiers achieved comparable performance by correctly identifying Trojan-infected samples.

As a result, these models performed exceptionally well. In contrast, from (c) (rightmost), it can be observed that the KNN classifier misclassified a considerable number of Trojan-infected samples (17 out of 35) as uncertain samples. This corresponds to a false negative rate of 48.5%, indicating that the model failed to identify nearly half of the Trojan instances. Such a high false negative rate highlights several critical failure cases.

The first is the model’s inability to handle subtle side-channel deviations where the Trojan signature is too small to distinguish. Another limitation arises from trigger activation failure; if a Trojan’s trigger mechanism is complex or state-dependent and cannot be activated by applied test patterns, its corresponding side channel signature will not appear, thereby making detection impossible for any subsequent model. Lastly, insufficient model generalization may occur when a model trained on known benchmarks fails to recognize a completely new Trojan design with an unfamiliar signature. While models such as XGBoost effectively address the first limitation for the evaluated benchmarks, the latter two challenges represent broader issues that remain important to consider in future research.

To further evaluate the experimental results, the ROC and the area under the curve (AUC) were analyzed, as presented in Figure 7. Both XGBoost and LightGBM demonstrated the best performance, achieving an AUC value of 1.00, indicating their ability to accurately separate the classes. Similarly, the CatBoost, Random Forest, and Decision Tree models also achieved an AUC value of 1.00, confirming that these models successfully established a well-defined decision boundary.

It is important to note that the SVM displayed an AUC of 0.49 while achieving an accuracy of 91%. Similarly, KNN, which is our worst-performing model in terms of accuracy, showed an AUC of 0.49, and the Logistic Regression model showed an AUC of 0.52. An AUC of 0.5 indicates that these models randomly select classes. The ROC AUC analysis provides a detailed assessment showing that XGBoost, LightGBM, CatBoost, and Random Forest models are both accurate and robust in predicting Trojan-infected samples. On the other hand, SVM, KNN, and Logistic Regression models predict Trojan-infected samples randomly despite their high accuracy scores. The LSTM-based classifier achieved the highest detection rate due to its ability to model temporal dependencies in power and timing traces.

4.2. PUF Correlation and Overhead

The integration of Arbiter-PUF sensors significantly reduced false positives. Figure 8 depicts the correlation score $\rho$ distributions for Trojan-free and Trojan-active conditions. A decision threshold ${\rho }_{th}=0.35$ was selected to balance sensitivity and specificity. False positive rates decreased from 5.4% ML only to 2.1% based on ML and PUF cross validation. The proposed trigger-aware test pattern generation increased the ATPG runtime by approximately 18.7% compared to conventional methods. However, this overhead is acceptable given the significant improvement in detection accuracy. The overhead of FPGA resources for embedding RO-PUF sensors is below 3% LUT utilization for AES-128 and below 2.5% for RS323. Upon detection, the partial FPGA reconfiguration successfully replaced infected partitions with verified golden copies within 12–15 ms, maintaining continuous device functionality. No system resets or unsafe states are observed during dynamic reconfiguration.

Table 4. Resource overhead and detection latency.

Metric	AES-128	RS323	Average
LUT Overhead (%)	2.9	2.4	2.65
Detection Latency (ms)	4.8	5.1	4.95

summarizes the hardware overhead and detection latency.

4.3. Comparison

The results indicate that combining trigger-aware rare net ATPG with side-channel and PUF-based cross validation form a highly effective defense in CPS. The proposed method achieves over 96% detection accuracy while maintaining low false positives and minimal hardware overhead. The inclusion of dynamic partial reconfiguration enables real-time mitigation, ensuring continuous patient safety. The model is characterized as follows: (i) the trigger-aware ATPG plays a crucial role in significantly enhancing the probability of activating hardware Trojans; (ii) LSTM-based models demonstrate superior performance compared to static classifiers, primarily due to their ability to capture and model temporal traces effectively; (iii) the incorporation of PUF-based cross validation proves beneficial in reducing false positives that may arise from environmental variations; and (iv) the overall implementation overhead is maintained within acceptable limits, making the proposed approach suitable for deployment in sensitive domains.

The comparison in

Table 5. Comparison with recent state-of-the-art in hardware Trojan detection.

Ref.	Trigger Activation Strategy	Side-Channel Modality	Learning Setup	PUF Use	Overhead	Contribution & Limitations
[23]	Rare signal	Power and delay	–	No	0.221% (AES-128)	Improved detection sensitivity of 99.98%; consider the process variations
[27]	No, generic stimulation	Power	Contrastive supervised	No	No	Improves quality but timing is not leveraged
[22]	Yes	Power and delay	–	CRO-PUF	4.19% (AES-128), FPGA	Improved detection sensitivity of 93.90%; consider the process variations
[14]	Generic patterns	Power	Classical ML	Yes (authentication/verification)	No	Demonstrates feasibility of combining ML, SCA, and PUF; lacks rare net targeting and runtime reconfiguration.
[25]	Yes, triggering by TDPs	Power and delay	Classical ML	Yes (improved stability)	No	Enhances PUF Detection sensitivity by 99.75%; process variation effect may reduces detection rate
[5]	No	Power	ML attacks on PUFs	Yes (target)	Not measured	78% sensitivity of detection and motivates cross check thresholds and robust enrollment
Proposed	Trigger-aware TDP refinement with rare net	Power and timing	Temporal and classical ML	RO-PUF with cross validation	2.9% (AES-128), FPGA	100% detection accuracy and double-mode cross checking for robust security

highlights the distinction between the proposed framework and recent state-of-the-art approaches for hardware Trojan detection in CPS. Prior works such as [23,25] achieve high detection sensitivity by leveraging power and delay signatures, but they are limited by process variations and the lack of runtime adaptability. Other studies like [14,27] utilize machine learning and PUF-assisted schemes, demonstrating feasibility but without explicitly addressing rare net triggering or robust cross validation mechanisms. Moreover, approaches such as those in [5] emphasize PUF-based attack resilience but suffer from reduced sensitivity. In contrast, the proposed method employs trigger-aware TDP refinement combined with both temporal and classical ML, achieving 100% detection accuracy with a moderate overhead of 2.9% on AES-128. The integration of Arbiter-PUF with double-mode cross checking further enhances robustness, ensuring resilience against process variations and runtime Trojan activation.

5. Conclusions

This work presents a novel hardware Trojan detection framework that combines trigger-aware test pattern generation refinement with both temporal and classical machine learning techniques. Unlike existing state-of-the-art approaches, which suffer from sensitivity to process variation, limited runtime adaptability, or insufficient targeting of rare nets, the proposed method leverages Arbiter PUF-assisted cross validation to achieve robust and adaptive detection, showing a 12.6% improvement compared to typical detection rates. The experimental results in AES-128 demonstrate that the framework attains 100% detection accuracy with only 2.9% overhead while ensuring resilience against process variations and runtime Trojan activations. The integration of double-mode cross checking further enhances the reliability of the detection system, making it suitable for deployment in FPGA-based security critical applications in cyber physical systems. Future research may extend this framework to industrial-level IP core security in cyber physical systems.