AppSAT: Approximately deobfuscating integrated circuits

In today's diversified semiconductor supply-chain, protecting intellectual property (IP) and maintaining manufacturing integrity are important concerns. Circuit obfuscation techniques such as logic encryption and IC camouflaging can potentially defend against a majority of supply-chain threats such as stealthy malicious design modification, IP theft, overproduction, and cloning. Recently, a Boolean Satisfiability (SAT) based attack, namely the SAT attack has been able to deobfuscate almost all traditional circuit obfuscation schemes, and as a result, a number of defense solutions have been proposed in literature. All these defenses are based on the implicit assumption that the attacker needs a perfect deobfuscation accuracy which may not be true in many practical cases. Therefore, in this paper by relaxing the exactness constraint on deobfuscation, we propose the AppSAT attack, an approximate deobfuscation algorithm based on the SAT attack and random testing. We show how the AppSAT attack can deobfuscate 68 out of the 71 benchmark circuits that were obfuscated with state-of-the-art SAT attack defenses with an accuracy of, n being the number of inputs. AppSAT shows that with current SAT attack defenses there will be a trade-off between exact-attack resiliency and approximation resiliency.

[1]  Houman Homayoun,et al.  Hybrid STT-CMOS designs for reverse-engineering prevention , 2016, 2016 53nd ACM/EDAC/IEEE Design Automation Conference (DAC).

[2]  Giorgio Di Natale,et al.  A novel hardware logic encryption technique for thwarting illegal overproduction and Hardware Trojans , 2014, 2014 IEEE 20th International On-Line Testing Symposium (IOLTS).

[3]  Jarrod A. Roy,et al.  EPIC: Ending Piracy of Integrated Circuits , 2008, 2008 Design, Automation and Test in Europe.

[4]  Takeshi Fujino,et al.  Diffusion Programmable Device : The device to prevent reverse engineering , 2014, IACR Cryptol. ePrint Arch..

[5]  Leslie G. Valiant,et al.  A general lower bound on the number of examples needed for learning , 1988, COLT '88.

[6]  Siddharth Garg,et al.  Integrated Circuit (IC) Decamouflaging: Reverse Engineering Camouflaged ICs within Minutes , 2015, NDSS.

[7]  David D. Lewis,et al.  Heterogeneous Uncertainty Sampling for Supervised Learning , 1994, ICML.

[8]  Jeyavijayan Rajendran,et al.  CamoPerturb: Secure IC camouflaging for minterm protection , 2016, 2016 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[9]  Burr Settles,et al.  Active Learning Literature Survey , 2009 .

[10]  Jeyavijayan Rajendran,et al.  Security analysis of integrated circuit camouflaging , 2013, CCS.

[11]  M. Tehranipoor,et al.  Hardware Trojans: Lessons Learned after One Decade of Research , 2016, TODE.

[12]  H.-S. Philip Wong,et al.  TPAD: Hardware Trojan Prevention and Detection for Trusted Integrated Circuits , 2015, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[13]  Yier Jin,et al.  Hardware Security Challenges Beyond CMOS: Attacks and Remedies , 2016, 2016 IEEE Computer Society Annual Symposium on VLSI (ISVLSI).

[14]  Sayak Ray,et al.  Evaluating the security of logic encryption algorithms , 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[15]  Meng Li,et al.  Provably Secure Camouflaging Strategy for IC Protection , 2019, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[16]  Jeyavijayan Rajendran,et al.  Fault Analysis-Based Logic Encryption , 2015, IEEE Transactions on Computers.

[17]  Niklas Een,et al.  MiniSat v1.13 - A SAT Solver with Conflict-Clause Minimization , 2005 .

[18]  Alex Baumgarten Preventing integrated circuit piracy using reconfigurable logic barriers , 2009 .

[19]  Jeyavijayan Rajendran,et al.  Security analysis of logic obfuscation , 2012, DAC Design Automation Conference 2012.

[20]  Robert K. Brayton,et al.  ABC: An Academic Industrial-Strength Verification Tool , 2010, CAV.

[21]  Ozgur Sinanoglu,et al.  SARLock: SAT attack resistant logic locking , 2016, 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[22]  Ankur Srivastava,et al.  Mitigating SAT Attack on Logic Locking , 2016, CHES.

[23]  Ronald P. Cocchi,et al.  Circuit camouflage integration for hardware IP protection , 2014, 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC).