A Novel Approach to Unsupervised Automated Extraction of Standard Cell Library for Reverse Engineering and Hardware Assurance

Reverse engineering today is supported by several tools, such as ICWorks, that assist in the processing and extraction of logic elements from high definition layer by layer images of integrated circuits. To the best of our knowledge, they all work under the assumption that the standard cell library used in the design process of the integrated circuit is available. However, in situations where reverse engineering is done on commercial off-the-shelf components, this information is not available thereby, rendering the assumption invalid. Until now, this problem has not been addressed. In this paper, we introduce a novel approach for the extraction of standard cell library using the contact layer from these images. The approach is completely automated and does not require any prior knowledge on the construction or layout of the target semiconductor integrated circuit. The performance of the approach is evaluated on two AES designs with 10,000 cells compiled from standard libraries with 32nm and 90nm node technologies having 350 and 340 standard cells respectively. We were able to successfully extract 94% and 60% of the standard cells from the 32nm and 90nm AES designs using the proposed approach. We also perform a case study using a realworld sample extracted from a smartcard. Finally, we also investigate the various challenges involved in the extraction of standard cells from images and the steps involved in resolving them.

[1]  Dick James,et al.  The State-of-the-Art in IC Reverse Engineering , 2009, CHES.

[2]  E. L. Principe,et al.  Steps Toward Automated Deprocessing of Integrated Circuits , 2017 .

[3]  Vazgen Melikyan,et al.  Synopsys' open educational design kit: Capabilities, deployment and future , 2009, 2009 IEEE International Conference on Microelectronic Systems Education.

[4]  Ashish Tiwari,et al.  WordRev: Finding word-level structures in a sea of bit-level gates , 2013, 2013 IEEE International Symposium on Hardware-Oriented Security and Trust (HOST).

[5]  Sharad Malik,et al.  Reverse engineering digital circuits using functional analysis , 2013, 2013 Design, Automation & Test in Europe Conference & Exhibition (DATE).

[6]  John P. Hayes,et al.  Unveiling the ISCAS-85 Benchmarks: A Case Study in Reverse Engineering , 1999, IEEE Des. Test Comput..

[7]  E. Babayan,et al.  32/28nm Educational Design Kit: Capabilities, deployment and future , 2013, 2013 IEEE Asia Pacific Conference on Postgraduate Research in Microelectronics and Electronics (PrimeAsia).

[8]  Ramesh Karri,et al.  A Primer on Hardware Security: Models, Methods, and Metrics , 2014, Proceedings of the IEEE.

[9]  Ronald P. Cocchi,et al.  Circuit camouflage integration for hardware IP protection , 2014, 2014 51st ACM/EDAC/IEEE Design Automation Conference (DAC).

[10]  Mark Mohammad Tehranipoor,et al.  Detecting Hardware Trojans Inserted by Untrusted Foundry Using Physical Inspection and Advanced Image Processing , 2018, Journal of Hardware and Systems Security.

[11]  L. Avery,et al.  Reverse Engineering Complex Application-Specific Integrated Circuits ( ASICs ) , 2002 .

[12]  David Evans,et al.  Reverse-Engineering a Cryptographic RFID Tag , 2008, USENIX Security Symposium.

[13]  Mark Mohammad Tehranipoor,et al.  A Survey on Chip to System Reverse Engineering , 2016, JETC.

[14]  Sanjit A. Seshia,et al.  Reverse engineering circuits using behavioral pattern mining , 2012, 2012 IEEE International Symposium on Hardware-Oriented Security and Trust.

[15]  Beatrice Fraboni,et al.  Layout reconstruction of complex silicon chips , 1993 .