Abstract: The complexity of modern system-on-chip (SoC) designs and the ever shortened time-to-market (TTM) makes the third-party intellectual property (3PIP) a cornerstone in the modern SoC supply chain. Various 3PIPs are involved in modern SoCs, performing functionality ranging from computation accelerating to sensitive data processing. The wide use of 3PIPs also raises security concerns, e.g., hardware Trojans inserted in 3PIPs may compromise the security of the whole system. While SoC integrators carefully evaluate the functionality of the acquired 3PIPs, there lack effective and low-cost solutions for third-party IP security validation in the SoC environment. Exacerbating the issue, Trojans may be located in multiple IPs and will only perform malicious tasks collaboratively. To address these limitations and to protect modern SoCs, we propose a runtime 3PIP Trojan detection framework. The new framework, named IP-Tag, is a tag-based structure to track the requests on SoC and enforce fine-grained access control in individual IPs. The proposed framework can detect and prevent illegal access and sensitive data leakage on IPs within the SoC environment. The proposed IP-Tag framework was demonstrated on an RISC-V-based SoC and also implemented on an FPGA platform for security and performance analysis. Our experimental results show that the developed IP-Tag can detect and prevent illegal access and sensitive data leakage in SoC with malicious IPs. The hardware overhead is 7.9% LUTs and 7.8% Flip-Flops and a performance overhead is 2.2%.