Modern mobile platforms integrate hundreds of IP (intellectual property) cores from different vendors. Core vendors in turn outsource some of the hardware components, leading to a design hierarchy where parts of the hardware platform is open to numerous international vendors. To ensure correctness, design flows incorporate advanced testing and validation methodologies which guard against design bugs, random faults, and process-voltage-temperature variations. However, it is common practice to assume that hardware is trustworthy. Since multiple IP vendors and fabrication lines are involved in the product development process, it is becoming increasingly necessary to trust but verify the received devices both at production time and in the field. This paper presents a self-referencing hardware Trojan detection technique which does not depend on a trusted sample. Self-referencing is achieved using signal detection theory and band-limited nature of Trojan activity. The effectiveness of the proposed technique is demonstrated through experiments on a commercial system-on-chip and SPICE simulations under variety of practical scenarios.