Industrial-scale SoCs are large and complex, yet there is a critical lack of realistic, scalable hardware Trojan (HT) benchmarks; publicly available datasets are too small, and releasing malicious RTL raises ethical and security concerns. Method: We propose the first automated HT-pattern generation method for large-scale industrial netlists. It leverages SCOAP controllability/observability analysis to identify rare structural regions and applies function-preserving, parameterized graph transformations to construct stealthy trigger–payload pairs without altering functional behavior. Contribution/Results: The resulting benchmark spans netlists with millions of gates, ensuring reproducibility and scalability. Experiments show that state-of-the-art graph-learning-based HT detection models fail catastrophically on this benchmark, exposing severe limitations of current HT detection techniques in industrial settings. This work effectively bridges the gap between academic research and practical SoC security evaluation.

Industrial Systems-on-Chips (SoCs) often comprise hundreds of thousands to millions of nets and millions to tens of millions of connectivity edges, making empirical evaluation of hardware-Trojan (HT) detectors on realistic designs both necessary and difficult. Public benchmarks remain significantly smaller and hand-crafted, while releasing truly malicious RTL raises ethical and operational risks. This work presents an automated and scalable methodology for generating HT-like patterns in industry-scale netlists whose purpose is to stress-test detection tools without altering user-visible functionality. The pipeline (i) parses large gate-level designs into connectivity graphs, (ii) explores rare regions using SCOAP testability metrics, and (iii) applies parameterized, function-preserving graph transformations to synthesize trigger-payload pairs that mimic the statistical footprint of stealthy HTs. When evaluated on the benchmarks generated in this work, representative state-of-the-art graph-learning models fail to detect Trojans. The framework closes the evaluation gap between academic circuits and modern SoCs by providing reproducible challenge instances that advance security research without sharing step-by-step attack instructions.