A legal expert system is a domain-specific expert system that uses artificial intelligence to emulate the decision-making abilities of a human expert in the field of law. Legal expert systems employ a rule base or knowledge base and an inference engine to accumulate, reference and produce expert knowledge on specific subjects within the legal domain. == Purpose == It has been suggested that legal expert systems could help to manage the rapid expansion of legal information and decisions that began to intensify in the late 1960s. Many of the first legal expert systems were created in the 1970s and 1980s. Lawyers were originally identified as primary target users of legal expert systems. Potential motivations for this work included: quicker delivery of legal advice; reduced time spent in repetitive, labour-intensive legal tasks; development of knowledge management techniques that were not dependent on staff; reduced overhead and labour costs and higher profitability for law firms; and reduced fees for clients. Some early development work was oriented toward the creation of automated judges. One of the first use cases was the encoding of the British Nationality Act at Imperial College carried out under the supervision of Marek Sergot and Robert Kowalski. Lance Elliot wrote: "The British Nationality Act was passed in 1981 and shortly thereafter was used as a means of showcasing the efficacy of using Artificial Intelligence (AI) techniques and technologies, doing so to explore how the at-the-time newly enacted statutory law might be encoded into a computerized logic-based formalization." The authors’ seminal article, "The British Nationality Act as a Logic Program," published in 1986 in the Communications of the ACM journal, is one of the first and best-known works in computational law, and one of the most widely cited papers in the field. In 2021, the Inaugural CodeX Prize was awarded to Robert Kowalski, Fariba Sadri, and Marek Sergot in acknowledgment of their groundbreaking work on the application of logic programming to the formalization and analysis of the British Nationality Act. Later work on legal expert systems has identified potential benefits to non-lawyers as a means to increase access to legal knowledge. Legal expert systems can also support administrative processes, facilitate decision-making processes, automate rule-based analyses, and exchange information directly with citizen-users. == Types == === Architectural variations === Rule-based expert systems rely on a model of deductive reasoning that utilizes "If A, then B" rules. In a rule-based legal expert system, information is represented in the form of deductive rules within the knowledge base. In rule-based legal expert systems, logic programming has historically been applied to automate complex compliance paperwork. A notable early example designed for high-volume regulatory filings was the 1999 Intelligent Filing Manager (INTELLIFM), which utilized Prolog rules as its core inference engine to automate the generation, publishing, and population of structured forms via distributed COM interfaces. Case-based reasoning models, which store and manipulate examples or cases, hold the potential to emulate an analogical reasoning process thought to be well-suited for the legal domain. This model effectively draws on known experiences our outcomes for similar problems. A neural net relies on a computer model that mimics that structure of a human brain, and operates in a very similar way to the case-based reasoning model. This expert system model is capable of recognizing and classifying patterns within the realm of legal knowledge and dealing with imprecise inputs. Fuzzy logic models attempt to create 'fuzzy' concepts or objects that can then be converted into quantitative terms or rules that are indexed and retrieved by the system. In the legal domain, fuzzy logic can be used for rule-based and case-based reasoning models. === Theoretical variations === Some legal expert system architects have adopted a very practical approach, employing scientific modes of reasoning within a given set of rules or cases. Others have opted for a broader philosophical approach inspired by jurisprudential reasoning modes emanating from established legal theoreticians. === Functional variations === Some legal expert systems aim to arrive at a particular conclusion in law, while others are designed to predict a particular outcome. An example of a predictive system is one that predicts the outcome of judicial decisions, the value of a case, or the outcome of litigation. == Reception == Many forms of legal expert systems have become widely used and accepted by both the legal community and the users of legal services. == Challenges == === Domain-related problems === The inherent complexity of law as a discipline raises immediate challenges for legal expert system knowledge engineers. Legal matters often involve interrelated facts and issues, which further compound the complexity. Factual uncertainty may also arise when there are disputed versions of factual representations that must be input into an expert system to begin the reasoning process. === Computerized problem solving === The limitations of most computerized problem solving techniques inhibit the success of many expert systems in the legal domain. Expert systems typically rely on deductive reasoning models that have difficulty according degrees of weight to certain principles of law or importance to previously decided cases that may or may not influence a decision in an immediate case or context. === Representation of legal knowledge === Expert legal knowledge can be difficult to represent or formalize within the structure of an expert system. For knowledge engineers, challenges include: Open texture: Law is rarely applied in an exact way to specific facts, and exact outcomes are rarely a certainty. Statutes may be interpreted according to different linguistic interpretations, reliance on precedent cases or other contextual factors including a particular judge's conception of fairness. The balancing of reasons: Many arguments involve considerations or reasons that are not easily represented in a logical way. For instance, many constitutional legal issues are said to balance independently well-established considerations for state interests against individual rights. Such balancing may draw on extra-legal considerations that would be difficult to represent logically in an expert system. Indeterminacy of legal reasoning: In the adversarial arena of law, it is common to have two strong arguments on a single point. Determining the 'right' answer may depend on a majority vote among expert judges, as in the case of an appeal. === Time and cost effectiveness === Creating a functioning expert system requires significant investments in software architecture, subject matter expertise and knowledge engineering. Faced with these challenges, many system architects restrict the domain in terms of subject matter and jurisdiction. The consequence of this approach is the creation of narrowly focused and geographically restricted legal expert systems that are difficult to justify on a cost-benefit basis. Current applications of AI in the legal field utilize machines to review documents, particularly when a high level of completeness and confidence in the quality of document analysis is depended upon, such as in instances of litigation and where due diligence play a role. Among the numerically most quantifiable advantages of AI in the legal field are the time and money saving impact by freeing lawyers from having to spend inordinate amounts of their valuable time on routine tasks, aiding in setting free lawyers’ creative energy by reducing stress. This in turn increases the rate of case load reduction by accomplishing better results in less time, which unlocks potential additional revenue per unit of time spend on a case. The cost of setting up and maintaining AI systems in law is more than offset by the attained savings through increased efficacy; unbalanced cost can be assigned to clients. === Lack of correctness in results or decisions === Legal expert systems may lead non-expert users to incorrect or inaccurate results and decisions. This problem could be compounded by the fact that users may rely heavily on the correctness or trustworthiness of results or decisions generated by these systems. == Examples == ASHSD-II is a hybrid legal expert system that blends rule-based and case-based reasoning models in the area of matrimonial property disputes under English law. CHIRON is a hybrid legal expert system that blends rule-based and case-based reasoning models to support tax planning activities under United States tax law and codes. JUDGE is a rule-based legal expert system that deals with sentencing in the criminal legal domain for offences relating to murder, assault and manslaughter. Legislate is a knowledge graph powered contract management platform whi
Misskey
Misskey (Japanese: ミスキー, romanized: Misukī) is an open source, federated, social networking service created in 2014 by Japanese software engineer Eiji "syuilo" Shinoda. Misskey uses the ActivityPub protocol for federation, allowing users to interact between independent Misskey instances, and other ActivityPub compatible platforms. Misskey is generally considered to be part of the Fediverse. Despite being a decentralized service, Misskey is not philosophically opposed to centralization. The name Misskey comes from the lyrics of Brain Diver, a song by the Japanese singer May'n. == History == Misskey was initially developed as a BBS-style internet forum by high school student Eiji Shinoda in 2014. After introducing a timeline feature, Misskey gained popularity as the microblogging platform it is today. In 2018, Misskey added support for ActivityPub, becoming a federated social media platform. The flagship Misskey server, Misskey.io, was started on April 15, 2019. Misskey, alongside Mastodon and Bluesky, has received attention as a potential replacement for Twitter following Twitter's acquisition by Elon Musk in 2022. On April 8, 2023, Misskey.io incorporated as MisskeyHQ K.K. As of February 2024, over 450,000 users were registered, making it the largest instance of Misskey. Misskey.io is crowdfunded. The administrator of Misskey.io is Japanese system administrator Yoshiki Eto, who operates under the alias Murakami-san. Eiji Shinoda serves as director. In July 2023, Twitter introduced extreme restrictions on their API in order to combat scraping from bots. Some users were critical of the changes, and as a result migrated to other social networks. The number of users registering on Misskey.io, Misskey's official instance and the largest one, increased rapidly, with other Misskey instances also receiving a spike in signups. In response to this trend, Skeb, a platform for sharing art, announced on July 14, 2023 that it would sponsor the Misskey development team. In early 2024, Misskey was targeted by a spam attack from Japan. The cause of the attack is believed to be a dispute between rival groups on a Japanese hacker forum and a DDoS attack on a Discord bot. Mastodon instances with open registration were used in the attack. In November 2025, Eto announced intentions to replace ActivityPub with Misskey's own low-overhead federation system in "a few years". Shinoda later said that this was "fake news". == Development == Misskey is open source software and is licensed under the AGPLv3. The Misskey API is publicly available and is documented using the OpenAPI Specification, which allows users to build automated accounts and use it on any Misskey instance. The service is translated using Crowdin. Misskey is developed using Node.js. TypeScript is used on both the frontend and backend. PostgreSQL is used as its database. Vue.js is used for the frontend. == Functionality == Posts on Misskey are called "notes". Notes are limited to a maximum of 3,000 characters (a limit which can be customized by instances), and can be accompanied by any file, including polls, images, videos, and audio. Notes can be reposted, either by themselves or with another "quote" note. Misskey comes with multiple timelines to sort through the notes that an instance has available, and are displayed in reverse chronological order. The Home timeline shows notes from users that you follow, the Local timeline shows all notes from the instance in use, the Social timeline shows both the Home and Local timeline, and the Global timeline shows every public note that the instance knows about. Notes have customizable privacy settings to control what users can see a note, similar to Mastodon's post visibility ranges. Public notes show up on all timelines, while Home notes only show on a user's Home timeline. Notes can also be set to be available only for followers. Direct messages using notes can be sent to users.
Attention inequality
Attention inequality is the inequality of distribution of attention across users on social networks, people in general, and for scientific papers. Yun Family Foundation introduced "Attention Inequality Coefficient" as a measure of inequality in attention and arguments it by the close interconnection with wealth inequality. == Relationship to economic inequality == Attention inequality is related to economic inequality since attention is an economically scarce good. The same measures and concepts as in classical economy can be applied for attention economy. The relationship develops also beyond the conceptual level—considering the AIDA process, attention is the prerequisite for real monetary income on the Internet. On data of 2018, a significant relationship between likes and comments on Facebook to donations is proven for non-profit organizations. == Attention economy == The attention economy refers to the practice of maximizing the attention users give to a product for advertising-related reasons. Attention economy remains one of the most common forms of advertising, and has been steadily increasing thanks to new technologies such as television, internet and social media. It is one of the most widely-used approaches to economy for its effectiveness for maximising the noticeability of a certain product. == Attention inequality in social media == In social media, attention inequality refers to the unequal distribution of users' attention on social media platforms. This means that instead of an equal distribution of attention, fewer sources receive a disproportionate share of attention, leaving many unnoticed. This phenomenon is possibly the result of social media algorithms, which are commonly designed to drive maximum engagement. This phenomenon is a large factor in the polarization and creation of echo-chambers. Social media algorithms tend to note content that is already performing well and display it to more users, while content that is equally engaging or well-made is not recommended to users. Posts that trigger strong emotions usually out-perform more "uncontroversial" content. When many users interact with the post, it signals the algorithm that the specific post drives engagement. The algorithm then tends to recommend that type of content to an exponential number of people, potentially outperforming "un-emotional" content. These factors, when combined, tend to create an unequal social media environment. == Attention inequality in science == According to a recent 2025 study about research inequality among scientists published in Information Processing and Management, scientific discourse is restricted to a small group of connected scientists, and is frequently not an accurate representation of the whole scientific community. Using citation-network analysis in the fields of nanoscience and chemical physics, the study claims that a group of connected scientists has a significant notability in the scientific community. The calculated connection strength between these scientists is estimated to be about 4.5, the study also says that these authors cite each other four times more often than would be predicted in a random network, whereas ordinary scientists that exist outside of this group only reach an estimated connection strength of 0.9. The study findings suggest that that scientific attention is not distributed by merit, but rather by the connectedness of the scientists involved in the research. == Extent == As data of 2008 shows, 50% of the attention is concentrated on approximately 0.2% of all hostnames, and 80% on 5% of hostnames. The Gini coefficient of attention distribution lay in 2008 at over 0.921 for such commercial domains names as ac.jp and at 0.985 for .org-domains. The Gini coefficient was measured on Twitter in 2016 for the number of followers as 0.9412, for the number of mentions as 0.9133, and for the number of retweets as 0.9034. For comparison, the world's income Gini coefficient was 0.68 in 2005 and 0.904 in 2018. More than 96% of all followers, 93% of the retweets, and 93% of all mentions are owned by 20% of Twitter. == Causes == At least for scientific papers, today's consensus states that inequality is unexplainable by variations of quality and individual talent. The Matthew effect plays a significant role in the emergence of attention inequality—those who already enjoy large amounts of attention get even more attention, and those who do not lose even more. Ranking algorithms based on relevance to the user have been found to alleviate the inequality of the number of posts across topics.
Digital media service
A digital media service (DMS) is an online service provider that sells access to digital library of content such as films, software, games, images, literature, etc. While no transfer of property is made, a nearly perfect duplicate of the data (song movie, etc.) is made on a customer's computer. Content is either primarily hosted on a dedicated server, which is owned by the service provider, or it is hosted primarily on the hard drives of its customers using a P2P protocol with, perhaps, a dedicated server to supplement. == History == One example of the older business model is the iTunes Store, which still markets and prices data as individual retail products. There are no examples of the latter business model in operation yet, but one is currently in development by Global Gaming Factory X and expected to begin operation some time after they acquire The Pirate Bay domain on August 27, 2009. A key difference between the two models is that the model which relies on its customer base for offering their bandwidth for other customers to access customer hosted data can operate at significantly lower costs than a company that seeks to limit data access to a per-download fee in order to supplement the cost of using its own hosting and bandwidth. The P2P model holds the potential for companies to offer unlimited access to the largest data library in the history of the internet to its customers for a reasonably low membership rate that is relevant to the cost of operation. While the market is virtually untouched, the P2P supplemented model will need entrepreneurs who are able to overcome a series of challenges in order to compete with the older business model as well as that which is offered for free (and often against the wishes of copyright holders) by hundreds of P2P communities on the internet. These challenges include, but are not limited to: Offering better data quality, speed, convenience and ease of use, protocol, sense of security, indexing and search organization, site up time, data library size, customer support, advertising, artist/copyright holder incentives and compensation, incentives and compensation for customers hosting data and providing bandwidth, guaranteed seeding (available access to indexed data at all times), than competitors.
Digital cinematography
Digital cinematography is the process of capturing (recording) a motion picture using digital image sensors rather than through film stock. As digital technology has improved in recent years, this practice has become dominant. Since the 2000s, most movies across the world have been captured as well as distributed digitally. Many vendors have brought products to market, including traditional film camera vendors like Arri and Panavision, as well as new vendors like Red, Blackmagic, Silicon Imaging, Vision Research and companies which have traditionally focused on consumer and broadcast video equipment, like Sony, GoPro, and Panasonic. As of 2023, professional 4K digital cameras were approximately equal to 35mm film in their resolution and dynamic range capacity. Some filmmakers still prefer to use film picture formats to achieve the desired results. == History == The basis for digital cameras are metal–oxide–semiconductor (MOS) image sensors. The first practical semiconductor image sensor was the charge-coupled device (CCD), based on MOS capacitor technology. Following the commercialization of CCD sensors during the late 1970s to early 1980s, the entertainment industry slowly began transitioning to digital imaging and digital video over the next two decades. The CCD was followed by the CMOS active-pixel sensor (CMOS sensor), developed in the 1990s. Beginning in the late 1980s, Sony began marketing the concept of "electronic cinematography," utilizing its analog Sony HDVS professional video cameras. The effort met with very little success. However, this led to one of the earliest high definition video shot feature movies, Julia and Julia (1987). Rainbow (1996) was the world's first film to utilize extensive digital post production techniques. Shot entirely with Sony's first Solid State Electronic Cinematography cameras and featuring over 35 minutes of digital image processing and visual effects, all post production, sound effects, editing and scoring were completed digitally. The Digital High Definition image was transferred to a 35mm negative via an electron beam recorder for theatrical release. The first digitally videoed and post produced feature was Windhorse, shot in Tibet and Nepal in 1996 on the Sony DVW-700WS Digital Betacam and the prosumer Sony DCR-VX1000. The offline editing (Avid) and the online post and color work (Roland House / da Vinci) were also all digital. The film, transferred to 35mm negative for theatrical release, won Best U.S. Feature at the Santa Barbara Film Festival in 1998. In 1997, with the introduction of HDCAM recorders and 1920 × 1080 pixel digital professional video cameras based on CCD technology, the idea, now re-branded as "digital cinematography," began to gain traction in the market. Shot and released in 1998, The Last Broadcast is believed by some to be the first feature-length video shot and edited entirely on consumer-level digital equipment. In May 1999, George Lucas challenged the supremacy of the movie-making medium of film for the first time by including footage filmed with high-definition digital cameras in Star Wars: Episode I – The Phantom Menace. The digital footage blended seamlessly with the footage shot on film and he announced later that year he would film its sequels entirely on hi-def digital video. Also in 1999, digital projectors were installed in four theaters for the showing of The Phantom Menace. In May 2000, Vidocq, which was directed by Pitof, began principal photography shot entirely using a Sony HDW-F900 camera, with the video being released in September the next year. According to the Guinness World Records, Vidocq is the first full length feature filmed in digital high resolution. In June 2000, Star Wars: Episode II – Attack of the Clones began principal photography shot entirely using a Sony HDW-F900 camera as Lucas had previously stated. The film was released in May 2002. In May 2001 Once Upon a Time in Mexico was also shot in 24 frame-per-second high-definition digital video, partially developed by George Lucas using a Sony HDW-F900 camera, following Robert Rodriguez's introduction to the camera at Lucas' Skywalker Ranch facility whilst editing the sound for Spy Kids. A lesser-known movie, Russian Ark (2002), was also shot with the same camera and was the first tapeless digital movie, recorded on HDD instead of tape. In 2009, Slumdog Millionaire became the first movie shot mainly in digital to be awarded the Academy Award for Best Cinematography. The highest-grossing movie in the history of cinema, Avatar (2009), not only was shot on digital cameras as well, but also made the main revenues at the box office no longer by film, but digital projection. Major movies shot on digital video overtook those shot on film in 2013. Since 2016 over 90% of major films were shot on digital video. As of 2017, 92% of films are shot on digital. Only 24 major films released in 2018 were shot on 35mm. Since the 2000s, most movies across the world have been captured as well as distributed digitally. Today, cameras from companies like Sony, Panasonic, JVC and Canon offer a variety of choices for shooting high-definition video. At the high-end of the market, there has been an emergence of cameras aimed specifically at the digital cinema market. These cameras from Sony, Vision Research, Arri, Blackmagic Design, Panavision, Grass Valley and Red offer resolution and dynamic range that exceeds that of traditional video cameras, which are designed for the limited needs of broadcast television. == Technology == Digital cinematography captures motion pictures digitally in a process analogous to digital photography. While there is a clear technical distinction that separates the images captured in digital cinematography from video, the term "digital cinematography" is usually applied only in cases where digital acquisition is substituted for film acquisition, such as when shooting a feature film. The term is seldom applied when digital acquisition is substituted for video acquisition, as with live broadcast television programs. === Recording === ==== Cameras ==== Professional cameras include the Sony CineAlta (F) Series, Blackmagic Cinema Camera, Red One, Arri D-20, D-21 and Alexa, Panavision Genesis, Silicon Imaging SI-2K, Thomson Viper, Vision Research Phantom, IMAX 3D camera based on two Vision Research Phantom cores, Weisscam HS-1 and HS-2, GS Vitec noX, and the Fusion Camera System. Independent micro-budget filmmakers have also pressed low-cost consumer and prosumer cameras into service for digital filmmaking. Flagship smartphones like the Apple iPhone have been used to shoot movies like Unsane (shot on the iPhone 7 Plus) and Tangerine (shot on three iPhone 5S phones) and in January 2018, Unsane's director and Oscar winner Steven Soderbergh expressed an interest in filming other productions solely with iPhones going forward. ==== Sensors ==== Digital cinematography cameras capture digital images using image sensors, either charge-coupled device (CCD) sensors or CMOS active-pixel sensors, usually in one of two arrangements. Single chip cameras designed specifically for the digital cinematography market often use a single sensor (much like digital photo cameras), with dimensions similar in size to a 16 or 35 mm film frame or even (as with the Vision 65) a 65 mm film frame. An image can be projected onto a single large sensor exactly the same way it can be projected onto a film frame, so cameras with this design can be made with PL, PV and similar mounts, in order to use the wide range of existing high-end cinematography lenses available. Their large sensors also let these cameras achieve the same shallow depth of field as 35 or 65 mm motion picture film cameras, which many cinematographers consider an essential visual tool. Codecs Professional raw video recording codecs include Blackmagic Raw, Red Raw, Arri Raw and Canon Raw. ==== Video formats ==== Unlike other video formats, which are specified in terms of vertical resolution (for example, 1080p, which is 1920×1080 pixels), digital cinema formats are usually specified in terms of horizontal resolution. As a shorthand, these resolutions are often given in "nK" notation, where n is the multiplier of 1024 such that the horizontal resolution of a corresponding full-aperture, digitized film frame is exactly 1024 n {\displaystyle 1024n} pixels. Here the "K" has a customary meaning corresponding to the binary prefix "kibi" (ki). For instance, a 2K image is 2048 pixels wide, and a 4K image is 4096 pixels wide. Vertical resolutions vary with aspect ratios though; so a 2K image with an HDTV (16:9) aspect ratio is 2048×1152 pixels, while a 2K image with a SDTV or Academy ratio (4:3) is 2048×1536 pixels, and one with a Panavision ratio (2.39:1) would be 2048×856 pixels, and so on. Due to the "nK" notation not corresponding to specific horizontal resolutions per format a 2K image lacking, for example, the typical 35mm film soundtrack space, is only 182
Smartphone kill switch
A smartphone kill switch is a software-based security feature that allows a smartphone's owner to remotely render it inoperable if it is lost or stolen, thereby deterring theft. There have been a number of initiatives to legally require kill switches on smartphones. Smartphones have high resale value, and are therefore often the target of theft, with thieves selling them to cartels for resale. A kill switch can deter theft by making devices worthless. == Legal requirements == In the United States, Minnesota was the first state to pass a bill requiring smartphones to have such a feature, and California was the first to require that the feature be turned on by default. The California law requires the kill switch to be resistant to reinstallation of the phone's operating system. The CTIA initially resisted the legislation, fearing that it would make phones easier to hack, but later supported kill switches. There is evidence that this legislation has been effective, with smartphone theft declining by 50% between 2013 and 2017 in San Francisco. Secure Our Smartphones (S.O.S.), a New York State and San Francisco initiative started by New York State Attorney General Eric Schneiderman and San Francisco District Attorney George Gascón. The initiative is co-chaired by Schneiderman, Gascón and Boris Johnson, and has 105 members. == Examples == An Android phone signed into a Google account can be remotely locked and erased via Google's Find My Device service, as long as it is connected to the Internet. To prevent this, a thief must sign the device out of Google before the owner locks or erases it. iPhones have a similar service.
Hardware trojan
A hardware trojan (HT) is a malicious modification of the circuitry of an integrated circuit. A hardware trojan is completely characterized by its physical representation and its behavior. The payload of an HT is the entire activity that the Trojan executes when it is triggered. In general, trojans try to bypass or disable the security fence of a system: for example, leaking confidential information by radio emission. HTs also could disable, damage or destroy the entire chip or components of it. Hardware trojans may be introduced as hidden front-doors that are inserted while designing a computer chip, by using a pre-made application-specific integrated circuit (ASIC) semiconductor intellectual property core (IP core) that have been purchased from a non-reputable source, or inserted internally by a rogue employee, either acting on their own, or on behalf of rogue special interest groups, or state sponsored spying and espionage. One paper published by IEEE in 2015 explains how a hardware design containing a trojan could leak a cryptographic key leaked over an antenna or network connection, provided that the correct "easter egg" trigger is applied to activate the data leak. In high security governmental IT departments, hardware trojans are a well known problem when buying hardware such as: a KVM switch, keyboards, mice, network cards, or other network equipment. This is especially the case when purchasing such equipment from non-reputable sources that could have placed hardware trojans to leak keyboard passwords, or provide remote unauthorized entry. == Background == In a diverse global economy, outsourcing of production tasks is a common way to lower a product's cost. Embedded hardware devices are not always produced by the firms that design and/or sell them, nor in the same country where they will be used. Outsourced manufacturing can raise doubt about the evidence for the integrity of the manufactured product (i.e., one's certainty that the end-product has no design modifications compared to its original design). Anyone with access to the manufacturing process could, in theory, introduce some change to the final product. For complex products, small changes with large effects can be difficult to detect. The threat of a serious, malicious, design alteration can be especially relevant to government agencies. Resolving doubt about hardware integrity is one way to reduce technology vulnerabilities in the military, finance, energy and political sectors of an economy. Since fabrication of integrated circuits in untrustworthy factories is common, advanced detection techniques have emerged to discover when an adversary has hidden additional components in, or otherwise sabotaged, the circuit's function. == Characterization of hardware trojans == An HT can be characterized by several methods such as by its physical representation, activation phase and its action phase. Alternative methods characterize the HT by trigger, payload and stealth. === Physical characteristics === One of this physical trojan characteristics is the type. The type of a trojan can be either functional or parametric. A trojan is functional if the adversary adds or deletes any transistors or gates to the original chip design. The other kind of trojan, the parametric trojan, modifies the original circuitry, e.g. thinning of wires, weakening of flip-flops or transistors, subjecting the chip to radiation, or using focused ion-beams (FIB) to reduce the reliability of a chip. The size of a trojan is its physical extension or the number of components it is made of. Because a trojan can consist of many components, the designer can distribute the parts of a malicious logic on the chip. The additional logic can occupy the chip wherever it is needed to modify, add, or remove a function. Malicious components can be scattered, called loose distribution, or consist of only few components, called tight distribution, so the area is small where the malicious logic occupies the layout of the chip. In some cases, high-effort adversaries in may regenerate the layout so that the placement of the components of the IC is altered. In rare cases the chip dimension is altered. These changes are structural alterations. === Activation characteristics === The typical trojan is condition-based: It is triggered by sensors, internal logic states, a particular input pattern or an internal counter value. Condition-based trojans are detectable with power traces to some degree when inactive. That is due to the leakage currents generated by the trigger or counter circuit activating the trojan. Hardware trojans can be triggered in different ways. A trojan can be internally activated, which means it monitors one or more signals inside the IC. The malicious circuitry could wait for a count down logic an attacker added to the chip, so that the trojan awakes after a specific time-span. The opposite is externally activated. There can be malicious logic inside a chip, that uses an antenna or other sensors the adversary can reach from outside the chip. For example, a trojan could be inside the control system of a cruising missile. The owner of the missile does not know, that the enemy will be able to switch off the rockets by radio. A trojan which is always-on can be a reduced wire. A chip that is modified in this way produces errors or fails every time the wire is used intensely. Always-on circuits are hard to detect with power trace. In this context combinational trojans and sequential trojans are distinguished. A combinational trojan monitors internal signals until a specific condition happens. A sequential trojan is also an internally activated condition-based circuit, but it monitors the internal signals and searches for sequences not for a specific state or condition like the combinational trojans do. ==== Cryptographic key extraction ==== Extraction of secret keys by means of a hardware trojan without detecting the trojan requires that the trojan uses a random signal or some cryptographic implementation itself. To avoid storing a cryptographic key in the trojan itself and reduction, a physical unclonable function can be used. Physical unclonable functions are small in size and can have an identical layout while the cryptographic properties are different. === Action characteristics === A HT could modify the chip's function or could change the chip's parametric properties (e.g. provokes a process delay). Confidential information can also be transmitted to the adversary (transmission of key information). === Peripheral device hardware trojans === A relatively new threat vector to networks and network endpoints is a HT appearing as a physical peripheral device that is designed to interact with the network endpoint using the approved peripheral device's communication protocol. For example, a USB keyboard that hides all malicious processing cycles from the target network endpoint to which it is attached by communicating with the target network endpoint using unintended USB channels. Once sensitive data is ex-filtrated from the target network endpoint to the HT, the HT can process the data and decide what to do with the data: store the data to memory for later physical retrieval of the HT or possibly ex-filtrate the data to the internet using wireless or using the compromised network endpoint as a pivot. == Potential of threat == A common trojan is passive most of the time-span an altered device is in use. If a trojan is activated the device functionality can be changed, the device can be destroyed or disabled, the device can leak confidential information or the HT may tear down the security and safety of the device. Trojans are stealthy, to avoid detection of the trojan the precondition for activation is a very rare event. Traditional testing techniques are not sufficient. A manufacturing fault happens at a random position while malicious changes are well placed to avoid detection. == Detection == === Physical inspection === First, the molding coat is cut to reveal the circuitry. Then, the engineer repeatedly scans the surface while grinding the layers of the chip. There are several operations to scan the circuitry. Typical visual inspection methods are: scanning optical microscopy (SOM), scanning electron microscopy (SEM), pico-second imaging circuit analysis (PICA), voltage contrast imaging (VCI), light induced voltage alteration (LIVA) or charge induced voltage alteration (CIVA). To compare the floor plan of the chip has to be compared with the image of the actual chip. This is still quite challenging to do. To detect Trojan hardware which include (crypto) keys which are different, an image diff can be taken to reveal the different structure on the chip. The only known hardware Trojan using unique crypto keys but having the same structure is. This property enhances the undetectability of the trojan. === Functional testing === This detection method stimulates the input ports of a chip and monitors the output