IP Protection and Supply Chain Security through Logic Obfuscation

The globalization of the semiconductor supply chain introduces ever-increasing security and privacy risks. Two major concerns are IP theft through reverse engineering and malicious modification of the design. The latter concern in part relies on successful reverse engineering of the design as well. IC camouflaging and logic locking are two of the techniques under research that can thwart reverse engineering by end-users or foundries. However, developing low overhead locking/camouflaging schemes that can resist the ever-evolving state-of-the-art attacks has been a challenge for several years. This article provides a comprehensive review of the state of the art with respect to locking/camouflaging techniques. We start by defining a systematic threat model for these techniques and discuss how various real-world scenarios relate to each threat model. We then discuss the evolution of generic algorithmic attacks under each threat model eventually leading to the strongest existing attacks. The article then systematizes defences and along the way discusses attacks that are more specific to certain kinds of locking/camouflaging. The article then concludes by discussing open problems and future directions.

[1]  Ozgur Sinanoglu,et al.  Stripped Functionality Logic Locking With Hamming Distance-Based Restore Unit (SFLL-hd) – Unlocked , 2019, IEEE Transactions on Information Forensics and Security.

[2]  Ronald P. Cocchi,et al.  Circuit camouflage integration for hardware IP protection , 2014, 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC).

[3]  Farinaz Koushanfar Hardware Metering: A Survey , 2012 .

[4]  Congyin Shi,et al.  Thwarting analog IC piracy via combinational locking , 2017, 2017 IEEE International Test Conference (ITC).

[5]  Jeyavijayan Rajendran,et al.  What to Lock?: Functional and Parametric Locking , 2017, ACM Great Lakes Symposium on VLSI.

[6]  Meng Li,et al.  A practical split manufacturing framework for Trojan prevention via simultaneous wire lifting and cell insertion , 2018, 2018 23rd Asia and South Pacific Design Automation Conference (ASP-DAC).

[7]  Jeyavijayan Rajendran,et al.  Activation of logic encrypted chips: Pre-test or post-test? , 2016, 2016 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[8]  Tomoya Saito,et al.  Overview of Embedded Flash Memory Technology , 2018, Embedded Flash Memory for Embedded Systems.

[9]  Joseph Zambreno,et al.  Preventing IC Piracy Using Reconfigurable Logic Barriers , 2010, IEEE Design & Test of Computers.

[10]  Meng Li,et al.  AppSAT: Approximately deobfuscating integrated circuits , 2017, 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[11]  Christof Paar,et al.  Stealthy dopant-level hardware Trojans: extended version , 2014, Journal of Cryptographic Engineering.

[12]  John D. Backes,et al.  The analysis of cyclic circuits with Boolean satisfiability , 2008, 2008 IEEE/ACM International Conference on Computer-Aided Design.

[13]  Jeyavijayan Rajendran,et al.  Removal Attacks on Logic Locking and Camouflaging Techniques , 2020, IEEE Transactions on Emerging Topics in Computing.

[14]  Hai Zhou,et al.  Vulnerability and Remedy of Stripped Function Logic Locking , 2019, IACR Cryptol. ePrint Arch..

[15]  Meng Li,et al.  Cross-Lock: Dense Layout-Level Interconnect Locking using Cross-bar Architectures , 2018, ACM Great Lakes Symposium on VLSI.

[16]  Fei Li,et al.  A 65nm flash-based FPGA fabric optimized for low cost and power , 2011, FPGA '11.

[17]  David Z. Pan,et al.  On the Approximation Resiliency of Logic Locking and IC Camouflaging Schemes , 2019, IEEE Transactions on Information Forensics and Security.

[18]  Alex Baumgarten Preventing integrated circuit piracy using reconfigurable logic barriers , 2009 .

[19]  Meng Li,et al.  Cyclic Obfuscation for Creating SAT-Unresolvable Circuits , 2017, ACM Great Lakes Symposium on VLSI.

[20]  Jeyavijayan Rajendran,et al.  Security analysis of logic obfuscation , 2012, DAC Design Automation Conference 2012.

[21]  Jeyavijayan Rajendran,et al.  Towards Provably-Secure Analog and Mixed-Signal Locking Against Overproduction , 2018, 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[22]  Ioannis Savidis,et al.  Protecting analog circuits with parameter biasing obfuscation , 2017, 2017 18th IEEE Latin American Test Symposium (LATS).

[23]  Jeyavijayan Rajendran,et al.  Provably-Secure Logic Locking: From Theory To Practice , 2017, CCS.

[24]  Jeyavijayan Rajendran,et al.  Security analysis of integrated circuit camouflaging , 2013, CCS.

[25]  Ujjwal Guin,et al.  Robust Design-for-Security Architecture for Enabling Trust in IC Manufacturing and Test , 2018, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[26]  Hai Zhou,et al.  BeSAT: behavioral SAT-based attack on cyclic logic encryption , 2019, ASP-DAC.

[27]  Christof Paar,et al.  Physical Design Obfuscation of Hardware: A Comprehensive Investigation of Device and Logic-Level Techniques , 2019, IEEE Transactions on Information Forensics and Security.

[28]  Jean-Pierre Seifert,et al.  On the Power of Optical Contactless Probing: Attacking Bitstream Encryption of FPGAs , 2017, CCS.

[29]  Ulf Schlichtmann,et al.  TimingCamouflage: Improving circuit security against counterfeiting by unconventional timing , 2018, 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[30]  Ilia Polian,et al.  Security aspects of analog and mixed-signal circuits , 2016, 2016 IEEE 21st International Mixed-Signal Testing Workshop (IMSTW).

[31]  David Z. Pan,et al.  Revisit sequential logic obfuscation: Attacks and defenses , 2017, 2017 IEEE International Symposium on Circuits and Systems (ISCAS).

[32]  Ashish Tiwari,et al.  Reverse Engineering Digital Circuits Using Structural and Functional Analyses , 2014, IEEE Transactions on Emerging Topics in Computing.

[33]  Ozgur Sinanoglu,et al.  Towards provably-secure performance locking , 2018, 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[34]  Boris Skoric,et al.  Read-Proof Hardware from Protective Coatings , 2006, CHES.

[35]  Christof Paar,et al.  On the Difficulty of FSM-based Hardware Obfuscation , 2018, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[36]  Niklas Sörensson,et al.  An Extensible SAT-solver , 2003, SAT.

[37]  Jean-Pierre Seifert,et al.  No Place to Hide: Contactless Probing of Secret Data on FPGAs , 2016, CHES.

[38]  Jarrod A. Roy,et al.  EPIC: Ending Piracy of Integrated Circuits , 2008, 2008 Design, Automation and Test in Europe.

[39]  Yici Cai,et al.  Secure and low-overhead circuit obfuscation technique with multiplexers , 2016, 2016 International Great Lakes Symposium on VLSI (GLSVLSI).

[40]  Ashish Tiwari,et al.  Template-based circuit understanding , 2014, 2014 Formal Methods in Computer-Aided Design (FMCAD).

[41]  Hai Zhou,et al.  Double DIP: Re-Evaluating Security of Logic Encryption Algorithms , 2017, ACM Great Lakes Symposium on VLSI.

[42]  Domenic Forte,et al.  Novel Bypass Attack and BDD-based Tradeoff Analysis Against All Known Logic Locking Attacks , 2017, CHES.

[43]  Swarup Bhunia,et al.  Introduction to Hardware Obfuscation: Motivation, Methods and Evaluation , 2017 .

[44]  Swarup Bhunia,et al.  HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection , 2009, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[45]  Ankur Srivastava,et al.  TimingSAT: Timing Profile Embedded SAT Attack , 2018, 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[46]  Ozgur Sinanoglu,et al.  Transforming between logic locking and IC camouflaging , 2015, 2015 10th International Design & Test Symposium (IDT).

[47]  Mark Mohammad Tehranipoor,et al.  Covert Gates: Protecting Integrated Circuits with Undetectable Camouflaging , 2019, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[48]  Yici Cai,et al.  Toward a Formal and Quantitative Evaluation Framework for Circuit Obfuscation Methods , 2019, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[49]  Hai Zhou,et al.  SigAttack: New High-level SAT-based Attack on Logic Encryptions , 2019, 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[50]  Ozgur Sinanoglu,et al.  ATPG-based cost-effective, secure logic locking , 2018, 2018 IEEE 36th VLSI Test Symposium (VTS).

[51]  Yiorgos Makris,et al.  Security and trust in the analog/mixed-signal/RF domain: A survey and a perspective , 2017, 2017 22nd IEEE European Test Symposium (ETS).

[52]  Siddharth Garg,et al.  Securing Computer Hardware Using 3D Integrated Circuit (IC) Technology and Split Manufacturing for Obfuscation , 2013, USENIX Security Symposium.

[53]  Siddharth Garg,et al.  Reverse engineering camouflaged sequential circuits without scan access , 2017, 2017 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[54]  Jean-Pierre Seifert,et al.  Key Extraction using Thermal Laser Stimulation: A Case Study on Xilinx Ultrascale FPGAs , 2018, IACR Cryptol. ePrint Arch..

[55]  Ken Mai,et al.  A secure camouflaged logic family using post-manufacturing programming with a 3.6GHz adder prototype in 65nm CMOS at 1V nominal VDD , 2018, 2018 IEEE International Solid - State Circuits Conference - (ISSCC).

[56]  Hideto Hidaka Embedded Flash Memory for Embedded Systems: Technology, Design for Sub-systems, and Innovations , 2017, Integrated Circuits and Systems.

[57]  Swarup Bhunia,et al.  Security against hardware Trojan through a novel application of design obfuscation , 2009, 2009 IEEE/ACM International Conference on Computer-Aided Design - Digest of Technical Papers.

[58]  Hai Zhou A Humble Theory and Application for Logic Encryption , 2017, IACR Cryptol. ePrint Arch..

[59]  Russell Tessier,et al.  FPGA Architecture: Survey and Challenges , 2008, Found. Trends Electron. Des. Autom..

[60]  Farinaz Koushanfar,et al.  Active Hardware Metering for Intellectual Property Protection and Security , 2007, USENIX Security Symposium.

[61]  Nur A. Touba,et al.  Improving logic obfuscation via logic cone analysis , 2015, 2015 16th Latin-American Test Symposium (LATS).

[62]  Ozgur Sinanoglu,et al.  SARLock: SAT attack resistant logic locking , 2016, 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[63]  Todd M. Austin,et al.  SWAN: Mitigating Hardware Trojans with Design Ambiguity , 2018, 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[64]  Yici Cai,et al.  Is the Secure IC camouflaging really secure? , 2016, 2016 IEEE International Symposium on Circuits and Systems (ISCAS).

[65]  Jason Cong,et al.  FPGA-RPI: A Novel FPGA Architecture With RRAM-Based Programmable Interconnects , 2014, IEEE Transactions on Very Large Scale Integration (VLSI) Systems.

[66]  Jeyavijayan Rajendran,et al.  CamoPerturb: Secure IC camouflaging for minterm protection , 2016, 2016 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[67]  Mark Mohammad Tehranipoor,et al.  A Survey on Chip to System Reverse Engineering , 2016, JETC.

[68]  Ozgur Sinanoglu,et al.  Obfuscating the interconnects: Low-cost and resilient full-chip layout camouflaging , 2017, 2017 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[69]  D. Roy,et al.  Comb Capacitor Structures for On-Chip Physical Uncloneable Function , 2009, IEEE Transactions on Semiconductor Manufacturing.

[70]  Hai Zhou,et al.  CycSAT-unresolvable cyclic logic encryption using unreachable states , 2019, ASP-DAC.

[71]  Hai Zhou,et al.  Cyclic locking and memristor-based obfuscation against CycSAT and inside foundry attacks , 2018, 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[72]  Xiangyu Zhang,et al.  Incremental SAT-Based Reverse Engineering of Camouflaged Logic Circuits , 2017, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[73]  Meng Li,et al.  Provably secure camouflaging strategy for IC protection , 2016, 2016 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[74]  Ken Mai,et al.  A secure camouflaged threshold voltage defined logic family , 2016, 2016 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[75]  Ankur Srivastava,et al.  Mitigating SAT Attack on Logic Locking , 2016, CHES.

[76]  Siddharth Garg,et al.  Reverse Engineering Camouflaged Sequential Integrated Circuits Without Scan Access , 2017, ArXiv.

[77]  Brent Waters,et al.  Candidate Indistinguishability Obfuscation and Functional Encryption for all Circuits , 2013, 2013 IEEE 54th Annual Symposium on Foundations of Computer Science.

[78]  Siddharth Garg,et al.  Logic Locking for Secure Outsourced Chip Fabrication: A New Attack and Provably Secure Defense Mechanism , 2017, ArXiv.

[79]  Hai Zhou,et al.  SAT-based bit-flipping attack on logic encryptions , 2018, 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[80]  Arlindo L. Oliveira Techniques for the creation of digital watermarks in sequentialcircuit designs , 2001, IEEE Trans. Comput. Aided Des. Integr. Circuits Syst..

[81]  Ujjwal Guin,et al.  A novel design-for-security (DFS) architecture to prevent unauthorized IC overproduction , 2017, 2017 IEEE 35th VLSI Test Symposium (VTS).

[82]  Deepak Sirone,et al.  Functional Analysis Attacks on Logic Locking , 2018, IEEE Transactions on Information Forensics and Security.

[83]  Siddharth Garg,et al.  Integrated Circuit (IC) Decamouflaging: Reverse Engineering Camouflaged ICs within Minutes , 2015, NDSS.

[84]  Igor L. Markov,et al.  Solving the Third-Shift Problem in IC Piracy With Test-Aware Logic Locking , 2015, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[85]  Ozgur Sinanoglu,et al.  Customized Locking of IP Blocks on a Multi-Million-Gate SoC , 2018, 2018 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[86]  Dick James,et al.  The State-of-the-Art in IC Reverse Engineering , 2009, CHES.

[87]  Sergei Skorobogatov,et al.  Reverse Engineering Flash EEPROM Memories Using Scanning Electron Microscopy , 2016, CARDIS.

[88]  Swarup Bhunia,et al.  SAIL: Machine Learning Guided Structural Analysis Attack on Hardware Obfuscation , 2018, 2018 Asian Hardware Oriented Security and Trust Symposium (AsianHOST).

[89]  Avesta Sasan,et al.  SMT Attack: Next Generation Attack on Obfuscated Circuits with Capabilities and Performance Beyond the SAT Attacks , 2018, IACR Trans. Cryptogr. Hardw. Embed. Syst..

[90]  Sayak Ray,et al.  Evaluating the security of logic encryption algorithms , 2015, 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[91]  Anirban Sengupta,et al.  DSP design protection in CE through algorithmic transformation based structural obfuscation , 2017, IEEE Transactions on Consumer Electronics.

[92]  Hai Zhou,et al.  CycSAT: SAT-based attack on cyclic logic encryptions , 2017, 2017 IEEE/ACM International Conference on Computer-Aided Design (ICCAD).

[93]  Takeshi Fujino,et al.  Diffusion Programmable Device : The device to prevent reverse engineering , 2014, IACR Cryptol. ePrint Arch..

[94]  Mark Mohammad Tehranipoor,et al.  Chip-level anti-reverse engineering using transformable interconnects , 2015, 2015 IEEE International Symposium on Defect and Fault Tolerance in VLSI and Nanotechnology Systems (DFTS).

[95]  Avesta Sasan,et al.  SRCLock: SAT-Resistant Cyclic Logic Locking for Protecting the Hardware , 2018, ACM Great Lakes Symposium on VLSI.

[96]  Li Li,et al.  Structural transformation for best-possible obfuscation of sequential circuits , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[97]  Ozgur Sinanoglu,et al.  TTLock: Tenacious and traceless logic locking , 2017, 2017 IEEE International Symposium on Hardware Oriented Security and Trust (HOST).

[98]  Meng Li,et al.  KC2: Key-Condition Crunching for Fast Sequential Circuit Deobfuscation , 2019, 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[99]  Christof Paar,et al.  Development of a Layout-Level Hardware Obfuscation Tool , 2015, 2015 IEEE Computer Society Annual Symposium on VLSI.

[100]  Meng Li,et al.  TimingSAT: Decamouflaging Timing-based Logic Obfuscation , 2018, 2018 IEEE International Test Conference (ITC).

[101]  Jeyavijayan Rajendran,et al.  Fault Analysis-Based Logic Encryption , 2015, IEEE Transactions on Computers.

[102]  Ankur Srivastava,et al.  Delay locking: Security enhancement of logic locking against IC counterfeiting and overproduction , 2017, 2017 54th ACM/EDAC/IEEE Design Automation Conference (DAC).

[103]  Daisuke Suzuki,et al.  Reversing stealthy dopant-level circuits , 2014, Journal of Cryptographic Engineering.

[104]  Alex Orailoglu,et al.  Piercing Logic Locking Keys through Redundancy Identification , 2019, 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[105]  Ashish Tiwari,et al.  WordRev: Finding word-level structures in a sea of bit-level gates , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[106]  Yici Cai,et al.  A conflict-free approach for parallelizing SAT-based de-camouflaging attacks , 2018, 2018 23rd Asia and South Pacific Design Automation Conference (ASP-DAC).

[107]  J. Birkner,et al.  A very-high-speed field-programmable gate array using metal-to-metal antifuse programmable elements , 1992 .

[108]  Tiziano Villa,et al.  An FSM Reengineering Approach to Sequential Circuit Synthesis by State Splitting , 2008, IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems.

[109]  Meng Li,et al.  Circuit Obfuscation and Oracle-guided Attacks: Who can Prevail? , 2017, ACM Great Lakes Symposium on VLSI.