Advertisement

IC Camouflaging Optimization and Evaluation

Chapter
  • 120 Downloads

Abstract

The advancing of reverse engineering techniques has complicated the efforts in intellectual property protection. Proactive methods have been developed recently, among which layout-level IC camouflaging is the leading example. However, existing camouflaging methods are rarely supported by provably secure criteria, which further leads to an overestimation of the security level when countering latest de-camouflaging attacks, e.g., the SAT-based attack. This chapter focuses on evaluating and improving the resilience of IC camouflaging strategies against de-camouflaging attacks. A provably secure camouflaging framework is developed based on a low-overhead camouflaging cell generation strategy and an AND-tree camouflaging strategy. An evaluation framework is also proposed that is capable of empirically evaluating the security of all the camouflaging strategies.

Keywords

IC camouflaging SAT-based attack Active learning Provably secure AND-tree Timing-based camouflaging TimingSAT 

References

  1. 1.
    16nm LP Predictive Technology Model ver. 2.1 (2008). http://ptm.asu.edu.
  2. 2.
    Baumgarten, A., Tyagi, A., & Zambreno, J. (2010). Preventing IC piracy using reconfigurable logic barriers. IEEE Design & Test of Computers, 27(1), 66–75.CrossRefGoogle Scholar
  3. 3.
    Becker, G. T., Regazzoni, F., Paar, C., & Burleson, W. P. (2014). Stealthy dopant-level hardware Trojans: Extended version. Journal of Cryptographic Engineering, 4(1), 19–31.CrossRefGoogle Scholar
  4. 4.
    Brglez, F., Bryan, D., & Kozminski, K. (1989). Combinational profiles of sequential benchmark circuits. In Proceedings of the IEEE International Symposium on Circuits and Systems (pp. 1929–1934).Google Scholar
  5. 5.
    Chipworks. Intel’s 22-nm Tri-gate Transistors Exposed. (2012). http://www.eet.bme.hu/mizsei/Montech/intel-s-22-nm-trigate-transistors-exposed.html.
  6. 6.
    Chow, L.-W., Baukus, J. P., & Clark Jr, W. M. (2007). Integrated circuits protected against reverse engineering and method for fabricating the same using an apparent metal contact line terminating on field oxide. US Patent 7,294,935. November 13, 2007.Google Scholar
  7. 7.
    Chow, L.-W., Clark Jr, W. M., & Baukus, J. P. (2007). Covert transformation of transistor properties as a circuit protection method. US Patent 7,217,977. May 15, 2007.Google Scholar
  8. 8.
    Cocchi, R. P., Baukus, J. P., Chow, L. W., & Wang, B. J. (2014). Circuit camouflage integration for hardware IP protection. In Proceedings of the IEEE/ACM Design Automation Conference (pp. 153:1–153:5).Google Scholar
  9. 9.
    Cohn, D., Atlas, L., & Ladner, R. (1994). Improving generalization with active learning. Journal of Machine Learning, 15(2), 201–221.Google Scholar
  10. 10.
    Dasgupta, S., & Langford, J. (2009). A tutorial on active learning. In Proceedings of the International Conference on Machine Learning.Google Scholar
  11. 11.
    El Massad, M., Garg, S., & Tripunitara, M. (2017). Reverse engineering camouflaged sequential circuits without scan access. In Proceedings of the International Conference on Computer Aided Design (pp. 33–40). Piscataway: IEEE.Google Scholar
  12. 12.
    El Massad, M., Garg, S., & Tripunitara, M. V. (2015). Integrated circuit (IC) decamouflaging: Reverse engineering camouflaged ICs within minutes. In Proceedings of the Network and Distributed System Security Symposium.Google Scholar
  13. 13.
    Erbagci, B., Erbagci, C., Akkaya, N. E. C., & Mai, K. (2016). A secure camouflaged threshold voltage defined logic family. In Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust (pp. 229–235).Google Scholar
  14. 14.
    Hanneke, S. (2007). A bound on the label complexity of agnostic active learning. In Proceedings of the International Conference on Machine Learning (pp. 353–360).Google Scholar
  15. 15.
    Jin, Y. (2015). Introduction to hardware security. Electronics, 4(4), 763–784.CrossRefGoogle Scholar
  16. 16.
    Kullback, S. (1968). Information theory and statistics. North Chelmsford: Courier Corporation.zbMATHGoogle Scholar
  17. 17.
    Lee, Y. W., & Touba, N. A. (2015). Improving logic obfuscation via logic cone analysis. In Proceedings of the IEEE Latin-American Test Symposium (pp. 1–6).Google Scholar
  18. 18.
    Li, L., & Zhou, H. (2013). Structural transformation for best-possible obfuscation of sequential circuits. In Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust (pp. 55–60).Google Scholar
  19. 19.
    Li, M., Shamsi, K., Jin, Y., & Pan, D. Z. (2018). TimingSAT: Decamouflaging timing-based logic obfuscation. In Proceedings of the IEEE International Test Conference.Google Scholar
  20. 20.
    Li, M., Shamsi, K., Meade, T., Zhao, Z., Yu, B., Jin, Y., et al. (2016). Provably secure camouflaging strategy for IC protection. In Proceedings of the International Conference on Computer Aided Design (pp. 28:1–28:8).Google Scholar
  21. 21.
    Malik, S., Becker, G. T., Paar, C., & Burleson, W. P. (2015). Development of a layout-level hardware obfuscation tool. In Proceedings of the IEEE Annual Symposium on VLSI (pp. 204–209).Google Scholar
  22. 22.
    Meade, T., Zhao, Z., Zhang, S., Pan, D., & Jin, Y. (2017). Revisit sequential logic obfuscation: Attacks and defenses. In Proceedings of the IEEE International Symposium on Circuits and Systems (pp. 1–4). Piscataway: IEEE.Google Scholar
  23. 23.
    Mentor Graphics. (2008). Calibre verification user’s manual.Google Scholar
  24. 24.
    Miskov-Zivanov, N., & Marculescu, D. (2007). Soft error rate analysis for sequential circuits. In Proceedings of the Design, Automation and Test in Europe. Piscataway: IEEE.Google Scholar
  25. 25.
    NanGate FreePDK45 Generic Open Cell Library. (2008). http://www.si2.org/openeda.si2.org/projects/nangatelib
  26. 26.
    Quadir, S. E., Chen, J., Forte, D., Asadizanjani, N., Shahbazmohamadi, S., Wang, L., et al. (2016). A survey on chip to system reverse engineering. ACM Journal on Emerging Technologies in Computing Systems, 13(1), 6:1–6:34.Google Scholar
  27. 27.
    Rajendran, J., Sam, M., Sinanoglu, O., & Karri, R. (2013). Security analysis of integrated circuit camouflaging. In Proceedings of the ACM Conference on Computer & Communications Security (pp. 709–720).Google Scholar
  28. 28.
    Rezaei, A., Shen, Y., Kong, S., Gu, J., & Zhou, H. (2018). Cyclic locking and memristor-based obfuscation against CycSAT and inside foundry attacks. In Proceedings of the Design, Automation and Test in Europe (pp. 85–90). Piscataway: IEEE.Google Scholar
  29. 29.
    Roy, J. A., Koushanfar, F., & Markov, I. L. (2008). EPIC: Ending piracy of integrated circuits. In Proceedings of the Design, Automation and Test in Europe (pp. 1069–1074).Google Scholar
  30. 30.
    Shamsi, K., Li, M., Meade, T., Zhao, Z., Pan, D. Z., & Jin, Y. (2017). AppSAT: Approximately deobfuscating integrated circuits. In Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust.Google Scholar
  31. 31.
    Shamsi, K., Li, M., Meade, T., Zhao, Z., Pan, D. Z., & Jin, Y. (2017). Circuit obfuscation and oracle-guided attacks: Who can prevail? In Proceedings of the IEEE Great Lakes Symposium on VLSI.CrossRefGoogle Scholar
  32. 32.
    Shamsi, K., Li, M., Meade, T., Zhao, Z., Pan, D. Z., & Jin, Y. (2017). Cyclic obfuscation for creating sat-unresolvable circuits. In Proceedings of the IEEE Great Lakes Symposium on VLSI.Google Scholar
  33. 33.
    Shamsi, K., Li, M., Pan, D. Z., & Jin, Y. (2018). Cross-lock: Dense layout-level interconnect locking using cross-bar architectures. In Proceedings of the IEEE Great Lakes Symposium on VLSI.Google Scholar
  34. 34.
    Subramanyan, P., Ray, S., & Malik, S. (2015). Evaluating the security of logic encryption algorithms. In Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust (pp. 137–143).Google Scholar
  35. 35.
    Subramanyan, P., Tsiskaridze, N., Li, W., Gascon, A., Tan, W. Y., Tiwari, A., et al. (2014). Reverse engineering digital circuits using structural and functional analyses. IEEE Transactions on Emerging Topics in Computing, 2(1), 63–80.CrossRefGoogle Scholar
  36. 36.
    Torrance, R., & James, D. (2011). The state-of-the-art in semiconductor reverse engineering. In Proceedings of the IEEE/ACM Design Automation Conference (pp. 333–338).Google Scholar
  37. 37.
    Vijayakumar, A., Patil, V. C., Holcomb, D. E., Paar, C., & Kundu, S. (2017). Physical design obfuscation of hardware: A comprehensive investigation of device and logic-level techniques. IEEE Transactions on Information Forensics and Security, 12(1), 64–77.CrossRefGoogle Scholar
  38. 38.
    Wang, X., Zhou, Q., Cai, Y., & Qu, G. (2018). A conflict-free approach for parallelizing sat-based de-camouflaging attacks. In Proceedings of the Asia and South Pacific Design Automation Conference. Piscataway: IEEE.Google Scholar
  39. 39.
    Wiener, R. (2007). An Algorithm for Learning Boolean Functions for Dynamic Power Reduction. PhD Thesis, Department of Computer Science, University Of Haifa.Google Scholar
  40. 40.
    Xie,Y., & Srivastava, A. (2016). Mitigating SAT attack on logic locking. In Proceedings of the International Conference on Cryptographic Hardware and Embedded Systems (pp. 127–146).Google Scholar
  41. 41.
    Xie, Y., & Srivastava, A. (2017). Delay locking: Security enhancement of logic locking against IC counterfeiting and overproduction. In Proceedings of the IEEE/ACM Design Automation Conference.Google Scholar
  42. 42.
    Yang, S. (1991). Logic synthesis and optimization benchmarks user guide: Version 3.0. Technical report, MCNC Technical Report.Google Scholar
  43. 43.
    Yasin, M., Mazumdar, B., Rajendran, J., & Sinanoglu, O. (2016). SARLock: SAT attack resistant logic locking. In Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust (pp. 236–241).Google Scholar
  44. 44.
    Yasin, M., Mazumdar, B., Rajendran, J. J., & Sinanoglu, O. (2017). TTLock: Tenacious and traceless logic locking. In Proceedings of the IEEE International Symposium on Hardware Oriented Security and Trust (pp. 166–166). Piscataway: IEEE.Google Scholar
  45. 45.
    Yasin, M., Mazumdar, B., Sinanoglu, O., & Rajendran, J. (2016). CamoPerturb: Secure IC camouflaging for minterm protection. In Proceedings of the International Conference on Computer Aided Design (pp. 29:1–29:8).Google Scholar
  46. 46.
    Yasin, M., Mazumdar, B., Sinanoglu, O., & Rajendran, J. (2017). Security analysis of Anti-SAT. In Proceedings of the Asia and South Pacific Design Automation Conference.Google Scholar
  47. 47.
    Yasin, M., Sengupta, A., Nabeel, M. T., Ashraf, M., Rajendran, J. J., & Sinanoglu, O. (2017). Provably-secure logic locking: From theory to practice. In Proceedings of the ACM Conference on Computer & Communications Security (pp. 1601–1618). New York: ACM.Google Scholar
  48. 48.
    Yu, C., Zhang, X., Liu, D., Ciesielski, M., & Holcomb, D. (2017). Incremental SAT-based reverse engineering of camouflaged logic circuits. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 36(99), 1–1.Google Scholar
  49. 49.
    Zhang, L., Li, B., Hashimoto, M., & Schlichtmann, U. (2018). Virtualsync: Timing optimization by synchronizing logic waves with sequential and combinational components as delay units. In Proceedings of the IEEE/ACM Design Automation Conference. Piscataway: IEEE.Google Scholar
  50. 50.
    Zhang, L., Li, B., Yu, B., Pan, D. Z., & Schlichtmann, U. (2018). TimingCamouflage: Improving circuit security against counterfeiting by unconventional timing. In Proceedings of the Design, Automation and Test in Europe.Google Scholar
  51. 51.
    Zhou, H., Jiang, R., & Kong, S. (2017). CycSAT: SAT-based attack on cyclic logic encryptions. In Proceedings of the International Conference on Computer Aided Design (pp. 49–56). Piscataway: IEEE.Google Scholar

Copyright information

© Springer Nature Switzerland AG 2020

Authors and Affiliations

  1. 1.Department of Electrical and Computer EngineeringThe University of Texas at AustinAustinUSA

Personalised recommendations