Security analysis of integrated circuit camouflaging

Camouflaging is a layout-level technique that hampers an attacker from reverse engineering by introducing, in one embodiment, dummy contacts into the layout. By using a mix of real and dummy contacts, one can camouflage a standard cell whose functionality can be one of many. If an attacker cannot resolve the functionality of a camouflaged gate, he/she will extract an incorrect netlist. In this paper, we analyze the feasibility of identifying the functionality of camouflaged gates. We also propose techniques to make the dummy contact-based IC camouflaging technique resilient to reverse engineering. Furthermore, we judiciously select gates to camouflage by using techniques which ensure that the outputs of the extracted netlist are controllably corrupted. The techniques leverage IC testing principles such as justification and sensitization. The proposed techniques are evaluated using ISCAS benchmark circuits and OpenSparc T1 microprocessor controllers.

[1]  John P. Hayes,et al.  Unveiling the ISCAS-85 Benchmarks: A Case Study in Reverse Engineering , 1999, IEEE Des. Test Comput..

[2]  G. Edward Suh,et al.  Physical Unclonable Functions for Device Authentication and Secret Key Generation , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[3]  Jarrod A. Roy,et al.  Ending Piracy of Integrated Circuits , 2010, Computer.

[4]  Vishwani D. Agrawal,et al.  Essentials of electronic testing for digital, memory, and mixed-signal VLSI circuits [Book Review] , 2000, IEEE Circuits and Devices Magazine.

[5]  Dick James,et al.  The State-of-the-Art in IC Reverse Engineering , 2009, CHES.

[6]  Melvin A. Breuer,et al.  Digital Systems Testing & Testable Design , 1993 .

[7]  Jeyavijayan Rajendran,et al.  Logic encryption: A fault analysis perspective , 2012, 2012 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[8]  Todd M. Austin,et al.  Online Low-Cost Defect Tolerance Solutions for Microprocessor Designs , 2009 .

[9]  Sanjit A. Seshia,et al.  Reverse engineering circuits using behavioral pattern mining , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[10]  Miodrag Potkonjak,et al.  Behavioral synthesis techniques for intellectual property protection , 2005, TODE.

[11]  Joseph Zambreno,et al.  Preventing IC Piracy Using Reconfigurable Logic Barriers , 2010, IEEE Design & Test of Computers.

[12]  Howard M. Heys,et al.  Avalanche Characteristics of Substitution-Permutation Encryption Networks , 1995, IEEE Trans. Computers.

[13]  Sharad Malik,et al.  Reverse engineering digital circuits using functional analysis , 2013, 2013 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[14]  Dong Sam Ha,et al.  HOPE: an efficient parallel fault simulator for synchronous sequential circuits , 1992, DAC '92.

[15]  Miodrag Potkonjak,et al.  Robust IP watermarking methodologies for physical design , 1998, Proceedings 1998 Design and Automation Conference. 35th DAC. (Cat. No.98CH36175).

[16]  Farinaz Koushanfar,et al.  Active Hardware Metering for Intellectual Property Protection and Security , 2007, USENIX Security Symposium.

[17]  Neil Walkinshaw,et al.  Reverse-Engineering Software Behavior , 2013, Adv. Comput..

[18]  Marten van Dijk,et al.  A technique to build a secret key in integrated circuits for identification and authentication applications , 2004, 2004 Symposium on VLSI Circuits. Digest of Technical Papers (IEEE Cat. No.04CH37525).

[19]  Dick James,et al.  The state-of-the-art in semiconductor reverse engineering , 2011, 2011 48th ACM/EDAC/IEEE Design Automation Conference (DAC).

[20]  Sun Fire V20z Sun Microsystems , 1996 .

[21]  Simha Sethumadhavan,et al.  Practical, Lightweight Secure Inclusion of Third-Party Intellectual Property , 2013, IEEE Design & Test.

[22]  Jarrod A. Roy,et al.  EPIC: Ending Piracy of Integrated Circuits , 2008, 2008 Design, Automation and Test in Europe.

[23]  Jeyavijayan Rajendran,et al.  Security analysis of logic obfuscation , 2012, DAC Design Automation Conference 2012.

[24]  Miodrag Potkonjak,et al.  Watermarking techniques for intellectual property protection , 1998, Proceedings 1998 Design and Automation Conference. 35th DAC. (Cat. No.98CH36175).

[25]  Swarup Bhunia,et al.  HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection , 2009, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.