Graph Neural Networks for Hardware Vulnerability Analysis - Can you Trust your GNN?

Lilas Alrahis, Ozgur Sinanoglu

Research output: Chapter in Book/Report/Conference proceedingConference contribution


The participation of third-party entities in the globalized semiconductor supply chain introduces potential security vulnerabilities, such as intellectual property piracy and hardware Trojan (HT) insertion. Graph neural networks (GNNs) have been employed to address various hardware security threats, owing to their superior performance on graph-structured data, such as circuits. However, GNNs are also susceptible to attacks.This work examines the use of GNNs for detecting hardware threats like HTs and their vulnerability to attacks. We present BadGNN, a backdoor attack on GNNs that can hide HTs and evade detection with a 100% success rate through minor circuit perturbations. Our findings highlight the need for further investigation into the security and robustness of GNNs before they can be safely used in security-critical applications.

Original languageEnglish (US)
Title of host publicationProceedings - 2023 IEEE 41st VLSI Test Symposium, VTS 2023
PublisherIEEE Computer Society
ISBN (Electronic)9798350346305
StatePublished - 2023
Event41st IEEE VLSI Test Symposium, VTS 2023 - San Diego, United States
Duration: Apr 24 2023Apr 26 2023

Publication series

NameProceedings of the IEEE VLSI Test Symposium


Conference41st IEEE VLSI Test Symposium, VTS 2023
Country/TerritoryUnited States
CitySan Diego


  • Backdoor attacks
  • Graph neural networks
  • Hardware Trojans
  • Hardware security
  • Intellectual property

ASJC Scopus subject areas

  • Computer Science Applications
  • Electrical and Electronic Engineering


Dive into the research topics of 'Graph Neural Networks for Hardware Vulnerability Analysis - Can you Trust your GNN?'. Together they form a unique fingerprint.

Cite this