This paper presents BLADEI, a system that screens FPGA configuration bitstreams for hardware Trojans (malicious circuits) in real time, without needing source code or design files—just the raw bitstream. The authors combine machine learning on byte sequences with statistical features to detect anomalies, achieving 0.91 F1-score on 1,383 bitstreams. However, 92% of the 16-second detection latency comes from software preprocessing, so they propose a hardware-accelerated streaming engine on the FPGA itself to drop preprocessing time to milliseconds, enabling "just-in-time" security checks before loading a configuration into the FPGA.
Main takeaways:
- Detects malicious FPGA configurations from raw bitstreams alone—no access to the original design or toolchain needed.
- Software-based feature extraction is the bottleneck (15 seconds out of 16), not the ML model (1.4 seconds).
- Proposes moving the preprocessing step onto the FPGA's programmable logic to reach millisecond-scale latency.
- Achieves 0.91 F1-score on a dataset of over 1,300 bitstreams, making it feasible for cloud/edge deployment pipelines.
- Positions bitstream screening as a "first-class security primitive" for multi-tenant FPGA systems.