main-content

## Über dieses Buch

This book introduces readers to various threats faced during design and fabrication by today’s integrated circuits (ICs) and systems. The authors discuss key issues, including illegal manufacturing of ICs or “IC Overproduction,” insertion of malicious circuits, referred as “Hardware Trojans”, which cause in-field chip/system malfunction, and reverse engineering and piracy of hardware intellectual property (IP). The authors provide a timely discussion of these threats, along with techniques for IC protection based on hardware obfuscation, which makes reverse-engineering an IC design infeasible for adversaries and untrusted parties with any reasonable amount of resources. This exhaustive study includes a review of the hardware obfuscation methods developed at each level of abstraction (RTL, gate, and layout) for conventional IC manufacturing, new forms of obfuscation for emerging integration strategies (split manufacturing, 2.5D ICs, and 3D ICs), and on-chip infrastructure needed for secure exchange of obfuscation keys- arguably the most critical element of hardware obfuscation.

## Inhaltsverzeichnis

### Chapter 1. Introduction to Hardware Obfuscation: Motivation, Methods and Evaluation

Abstract
While the globalization of the semiconductor production process has accelerated innovation, lowered costs, and reduced time-to-market, it has also created grave trust issues among the different entities involved in the production process. Theft, reverse engineering, and piracy of silicon intellectual property (IP) are the realities that manufacturers and vendors of integrated circuits must face today. In order to combat these threats, obfuscation has emerged as a viable candidate for semiconductor or hardware IP protection. Obfuscation techniques aim at concealing or locking the underlying intellectual property of a semiconductor product, such as IP cores, gate-level designs, or layout, in order to prevent an untrusted party or adversary from reverse engineering and/or exploiting the design. In this chapter, we will review emerging techniques for hardware obfuscation. We will describe the semiconductor supply chain in detail and outline the specific threats associated with each stage in the supply chain. We will also introduce the field of software obfuscation and related concepts that predate hardware obfuscation. Lastly, we will introduce relevant metrics for implementing and evaluating the various hardware obfuscation techniques.
Bicky Shakya, Mark M. Tehranipoor, Swarup Bhunia, Domenic Forte

### Chapter 2. VLSI Test and Hardware Security Background for Hardware Obfuscation

Abstract
This chapter discusses the fundamental concepts of design and testing and their role in hardware obfuscation. It outlines the traditional design flow of integrated circuits and assesses the vulnerabilities associated with the verification techniques and testing structures that can expose the design details and help reverse-engineer the functionality. A survey of security enhancement schemes has been presented. Furthermore, different classifications of hardware obfuscation have been discussed that cover the associated vulnerabilities of key management in nonvolatile memories (NVMs). The review of nonvolatile memories, emerging technologies and hardware-based cryptographic primitives, physical unclonable functions (PUFs) and true random number generators (TRNGs) and their use in hardware obfuscation techniques has been deliberated.
Fareena Saqib, Jim Plusquellic

### Chapter 3. Logic Encryption

Abstract
Logic encryption implements a built-in locking mechanism on integrated circuits (ICs) to prevent reverse engineering and intellectual property (IP) piracy by a malicious foundry and user, and hinder Trojan insertion by a malicious foundry. Since its introduction in 2008, a wide-variety of techniques have been proposed to identify the best places in the design to insert these locks such that (i) an incorrect key results in an incorrect design and (ii) an attacker cannot identify the secret key. Furthermore, conventional testing of chips with logic encryption may help an attacker break logic encryption techniques. In this chapter, we will explain how logic encryption can defeat different types of attacks in the IC supply chains and protocols to aid logic encryption. The security properties and metrics for logic encryption are defined based on the attacker’s capabilities. Furthermore, we will explain the different attacks and their countermeasures for logic encryption.
Jeyavijayan (JV) Rajendran, Siddharth Garg

### Chapter 4. Gate Camouflaging-Based Obfuscation

Abstract
Circuit camouflaging is a layout-level technique to protect VLSI design from being attacked by reverse engineering. It hides design information by configurable logic units that can be configured to perform different functionalities with identical looks to the attackers. In this chapter, after introducing the primitive for gate camouflaging-based obfuscation, we analyze its vulnerability to one specific attack based on circuit partitioning. We then elaborate this attack and discuss two practical countermeasure methods. We explain that the security of gate camouflaging-based obfuscation not only depends on the number of gates being obfuscated, but also which gates we select for obfuscation and the number of different functionalities these gates can implement. As an example, we show how to perform a multiplexer-based gate camouflaging.
Xueyan Wang, Mingze Gao, Qiang Zhou, Yici Cai, Gang Qu

### Chapter 5. Permutation-Based Obfuscation

Abstract
Hardware obfuscation techniques have been studied in preventing reverse engineering and piracy issues. One branch of these techniques is permutation-based obfuscation. In this chapter, permutation-based obfuscation is presented at both the chip level and board level. Prior to providing the implementation details, several implementation-related topics are discussed. These topics consist of the difference between the chip-level and board-level designs as well as the introduction of a general obfuscation implementation flow. Besides the flow, this chapter also provides methodologies for evaluating the obfuscation performance. Finally, potential attacks on permutation-based obfuscation are discussed along with their corresponding countermeasures.
Zimu Guo, Mark M. Tehranipoor, Domenic Forte

### Chapter 6. Protection of Assets from Scan Chain Vulnerabilities Through Obfuscation

Abstract
High-test coverage is essential during integrated circuit (IC) testing in order to avoid production flaws. In order to test ICs, scan-based testing has been commonly used due to high coverage and simple infrastructures. However, IC testing has opened a gateway to new kinds of vulnerabilities that could potentially be used to breach the assets of a system. There have been several attacks reported in literature. In addition, the increasing number of cryptodevices in modern applications and trust issues associated with the fabless semiconductor model has also given rise to major security concerns in ICs. Thus, the importance of scan chain security to protect assets of an IP/design has been increasing with the ubiquitous use of cryptochips. In this chapter, you will learn:
• The importance of powerful scan-based IC testing structure and how scan chain can be used as backdoor for accessing and attacking assets.
• Assets that need to protected against potential scan-based attacks.
• The use of logic obfuscation to prevent potential scan-based attacks.
• The use of logic obfuscation to prevent IC piracy, overproduction, out-of-spec ICs in modern horizontal semiconductor business model.
Md Tauhidur Rahman, Domenic Forte, Mark M. Tehranipoor

### Chapter 7. Active Hardware Metering by Finite State Machine Obfuscation

Abstract
This chapter presents a detailed description and comprehensive discussion of the first known method for active IC metering and IC piracy prevention which allow uniquely locking each manufactured IC at the foundry. The locking structure is embedded during hardware synthesis by FSM modifications such that the IC would not be functional without a proper chips specific passkey that can only be computed by the designer (IP rights owner). We show the analogy between the hardware synthesis transformations and program compilation, and pose the problem of extending the FSM for hiding the locks as an instance of the classic program obfuscation problem. We demonstrate a construction of the locks within FSM as an instance of a general output multi-point function family. This family is known to be effectively obfuscatable in the random oracle model. Therefore, the locks can be efficiently hidden. Finally, we show the low overhead and resistance to attacks of the suggested metering technique.
Farinaz Koushanfar

### Chapter 8. State Space Obfuscation and Its Application in Hardware Intellectual Property Protection

Abstract
In this chapter, we describe the methodology of state space obfuscation for sequential circuits and its application in hardware intellectual property (IP) protection against piracy and tampering attacks. The state space obfuscation is achieved by transforming a given hardware design through judicious modification of the state transition function and insertion of special logic structures at well-chosen locations inside a design. Such modifications perturb the circuit functionality to a maximum extent, while keeping the overall hardware and performance overheads low. Normal functionality is enabled by the application of a specific sequence of vectors at the circuit input, which acts as the enabling key for the circuit. The proposed state space obfuscation methodology effectively locks a gate-level design, and only a legitimate user can unlock it with the application of a predefined key in the form of a sequence of input vectors. We also extend the proposed obfuscation concept to make a given design more robust against hardware Trojan horse (HTH) insertion, thereby increasing the detectability of inserted HTH instances, while incurring low hardware and performance overheads. We present a suitable metric to quantify the level of obfuscation. Finally, we point toward extension of the concept for register transfer level (RTL) circuit descriptions.
Rajat Subhra Chakraborty, Swarup Bhunia

### Chapter 9. Structural Transformation-Based Obfuscation

Abstract
Structural transformation-based obfuscation is an approach to avoid the manipulation of the state transition graph of design, thus avoiding the state explosion problem. An obfuscation is called best-possible if the obfuscated design leaks no more information than any other design of the same function. It is first shown that any best-possible obfuscation of a sequential circuit can be accomplished by a sequence of four operations: retiming, resynthesis, sweep, and conditional stuttering. Then a Key-Locked OBfuscation (KLOB) scheme is developed to protect hardware IP against piracy. Starting with an original circuit, KLOB first adds stuttering with conditions both on key checking and on the original circuit and then obfuscates the conditionally stuttered circuit by a sequence of retiming, resynthesis, and sweep. With the correct key, the circuit will run in the original speed; otherwise, it will run much slower. Potential attacks and the countermeasures are thoroughly discussed.
Hai Zhou

### Chapter 10. Split Manufacturing

Abstract
This chapter discusses split manufacturing, a promising hardware obfuscation technique that partitions a chip into two or more parts, each fabricated at a separate foundry. No one foundry sees the entire design, hindering its ability to thieve the chip’s IP or (as we discuss) maliciously modify the chip. Building upon this intuitive idea, this chapter describes relevant threat models for split manufacturing, a quantitative notion of security for split manufacturing, and techniques to trade off “cost” for security.
Siddharth Garg, Jeyavijayan (JV) Rajendran

### Chapter 11. Obfuscated Built-In Self-authentication

Abstract
Hardware trojan insertion and intellectual property (IP) theft are two major concerns when dealing with untrusted foundries. Most obfuscation techniques have a limited capability of addressing both vulnerabilities. Split manufacturing is designed to stop IP piracy and IC cloning, but it cannot deal with untargeted hardware Trojan insertion. Also, there are significant overheads involved with getting the highest level of protection from split manufacturing. Built-in self-authentication (BISA) is a low-cost technique for preventing and detecting hardware Trojan insertion, but is vulnerable to IP piracy, IC cloning, or redesign attacks, especially on original circuitry. By combining BISA with split manufacturing, it is not only possible to defeat these attacks, but also strengthen protections and lower the cost of split manufacturing as well. The resulting combined technique is called obfuscated BISA (OBISA). In this chapter, the reader can expect to learn: (1) backgrounds on BISA as well as its existing problems and weakness; (2) two separate approaches for OBISA, based on the trade-offs between security and computational/fabrication costs involved; (3) implementation flow for both approaches; and (4) their design issues, trade-offs, and potential attacks.
Qihang Shi, Kan Xiao, Domenic Forte, Mark M. Tehranipoor

### Chapter 12. 3D/2.5D IC-Based Obfuscation

Abstract
Device scaling has increased interconnect power and delay to an extent that it is presenting a bottleneck to further performance gain. 3D/2.5D integration technology emerges as a viable option to improve chip performance in a direction orthogonal to costly device scaling. While the technology was originally proposed to enhance performance, it has unlocked new opportunities to thwart security threats in a global IC supply chain. Various obfuscation techniques based on 3D/2.5D IC technology have been proposed to protect IC designs from being pirated or tampered during outsourced fabrication. This chapter presents the current state of 3D/2.5D IC-based obfuscation techniques and highlights potential security opportunities and challenges of this technology in hardware intellectual property (IP) protection.
Yang Xie, Chongxi Bao, Ankur Srivastava

### Chapter 13. Obfuscation and Encryption for Securing Semiconductor Supply Chain

Abstract
With the advent of globalization, the semiconductor industry has become increasingly vulnerable to the piracy of semiconductor intellectual property (IP), the overuse of IPs in system-on-chips (SoCs), and the overproduction of integrated circuits (ICs). In the previous chapters, various obfuscation approaches based on keys were introduced to prevent these attacks. Such approaches require a confidential and secure method for communicating and storing keys in the ICs. In this chapter, you will learn about the following: $$\bullet$$ various cryptographic primitives commonly employed in different Internet applications; $$\bullet$$ the vulnerabilities of transmitting and storing chip unlock keys that prevent IP overuse and IC overproduction; $$\bullet$$ a secure communication protocol for transferring chip unlock keys from the IP owners and SoC designers to the untrusted foundries and assemblies; $$\bullet$$ how the IEEE P1735 standard can encrypt IPs and manage the chip unlock keys for IPs; and $$\bullet$$ an IP digest that prevents untrusted entities from tampering with encrypted IPs. Note that the secure key management techniques discussed in this chapter focus on obfuscated and encrypted designs; however, they are equally applicable to all kinds of key-based obfuscation techniques discussed throughout this book.
Ujjwal Guin, Mark M. Tehranipoor

### Backmatter

Weitere Informationen