More Web Proxy on the site http://driver.im/

research-article

Security analysis of integrated circuit camouflaging

Authors:

Jeyavijayan Rajendran,

Ozgur Sinanoglu,

Ramesh KarriAuthors Info & Claims

CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

Pages 709 - 720

https://doi.org/10.1145/2508859.2516656

Published: 04 November 2013 Publication History

Abstract

Camouflaging is a layout-level technique that hampers an attacker from reverse engineering by introducing, in one embodiment, dummy contacts into the layout. By using a mix of real and dummy contacts, one can camouflage a standard cell whose functionality can be one of many. If an attacker cannot resolve the functionality of a camouflaged gate, he/she will extract an incorrect netlist. In this paper, we analyze the feasibility of identifying the functionality of camouflaged gates. We also propose techniques to make the dummy contact-based IC camouflaging technique resilient to reverse engineering. Furthermore, we judiciously select gates to camouflage by using techniques which ensure that the outputs of the extracted netlist are controllably corrupted. The techniques leverage IC testing principles such as justification and sensitization. The proposed techniques are evaluated using ISCAS benchmark circuits and OpenSparc T1 microprocessor controllers.

References

[1]

Chipworks, "Intel‘s 22-nm Tri-gate Transistors Exposed," http://www.chipworks.com/blog/technologyblog/2012/04/23/intels-22-nm-tri-gate-transistors-exposed/, 2012.

[2]

R. Torrance and D. James, "The state-of-the-art in semiconductor reverse engineering," phin the Proc. of IEEE/ACM Design Automation Conference, pp. 333--338, 2011.

Digital Library

[3]

ExtremeTech, "iPhone 5 A6 SoC reverse engineered, reveals rare hand-made custom CPU, and tri-core GPU," http://www.extremetech.com/computing/136749-iphone-5-a6-soc-reverse-engineered-reveals-rare-hand-made-custom-cpu-and-a-tri-core-gpu.

[4]

Silicon Zoo, "The layman's guide to ic reverse engineering," http://siliconzoo.org/tutorial.html.

[5]

Chipworks, "Reverse engineering software," http://www.chipworks.com/en/technical-competitive-analysis/resources/reerse-engineering-software.

[6]

Degate, http://www.degate.org/documentation/.

[7]

SEMI, "Innovation is at risk as semiconductor equipment and materials industry loses up to$4 billion annually due to IP infringement," www.semi.org/en/Press/P043775, 2008.

[8]

SypherMedia, "Syphermedia library circuit camouflage technology," http://www.smi.tv/solutions.htm.

[9]

J. P. Baukus, L. W. Chow, R. P. Cocchi, and B. J. Wang, "Method and apparatus for camouflaging a standard cell based integrated circuit with micro circuits and post processing," phUS Patent no. 20120139582, 2012.

[10]

J. P. Baukus, L. W. Chow, R. P. Cocchi, P. Ouyang, and B. J. Wang, "Building block for a secure cmos logic cell library," phUS Patent no. 8111089, 2012.

[11]

J. P. Baukus, L. W. Chow, and W. Clark, "Integrated circuits protected against reverse engineering and method for fabricating the same using an apparent metal contact line terminating on field oxide," phUS Patent no. 20020096776, 2002.

[12]

"Sun Microsystems, OpenSPARC T1 Processor," phhttp://www.opensparc.net/opensparc-t1/index.html.

[13]

J. P. Baukus, L. W. Chow, R. P. Cocchi, P. Ouyang, and B. J. Wang, "Camouflaging a standard cell based integrated circuit," phUS Patent no. 8151235, 2012.

[14]

J. P. Baukus, L.-W. Chow, J. W. M. Clark, and G. J. Harbison, "Conductive channel pseudo block process and circuit to inhibit reverse engineering," phUS Patent no. 8258583, 2012.

[15]

M. L. Bushnell and V. D. Agrawal, "Essentials of Electronic Testing for Digital, Memory, and Mixed-Signal VLSI Circuits," phKluwer Academic Publishers, Boston, 2000.

[16]

M. Abramovici, M. A. Breuer, and A. D. Friedman, "Digital Systems Testing & Testable Design," phWiley, 1994.

[17]

M. Hansen, H. Yalcin, and J. Hayes, "Unveiling the ISCAS-85 benchmarks: a case study in reverse engineering," phIEEE Design Test of Computers, vol. 16, no. 3, pp. 72--80, 1999.

Digital Library

[18]

H. Lee and D. S. Ha, "HOPE: An Efficient Parallel Fault Simulator for Synchronous Sequential Circuits," phIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 15, no. 9, pp. 1048--1058, 1996.

Digital Library

[19]

Cadence, "RTL Compiler," www.cadence.com/products/ld/rtl\_compiler.

[20]

K. Constantinides, "Online low-cost defect tolerance solutions for microprocessor designs," web.eecs.umich.edu/ taustin/papers/Kypros\_Thesis.pdf.

[21]

A. Waksman, J. Eum, and S. Sethumadhavan, "Practical, lightweight secure inclusion of third-party intellectual property," phIEEE Design & Test, no. 99, pp. 1--1, 2013.

[22]

Oracle, "Opensparc internals," http://www.oracle.com/technetwork/systems/opensparc/opensparc-internals-book-1500271.pdf.

[23]

Y. Alkabani and F. Koushanfar, "Active hardware metering for intellectual property protection and security," phin the Proc. of USENIX security, pp. 291--306, 2007.

Digital Library

[24]

H. Heys and S. Tavares, "Avalanche characteristics of substitution-permutation encryption networks," phIEEE Transactions on Computers, vol. 44, no. 9, pp. 1131 --1139, 1995.

Digital Library

[25]

R. Torrance and D. James, "The state-of-the-art in ic reverse engineering," phin the Proc. of Cryptographic Hardware and Embedded Systems, pp. 363--381, 2009.

Digital Library

[26]

W. M. V. Fleet and M. R. Dransfield, "Method of recovering a gate-level netlist from a transistor-level," phUS Patent no. 6190433, 1998.

[27]

W. Li, Z. Wasson, and S. Seshia, "Reverse engineering circuits using behavioral pattern mining," phin the Proc. of IEEE International Symposium on Hardware-Oriented Security and Trust, pp. 83--88, 2012.

[28]

P. Subramanyan, N. Tsiskaridze, K. Pasricha, D. Reisman, A. Susnea, and S. Malik, "Reverse engineering digital circuits using functional analysis," phin the Proc. of IEEE/ACM Design Automation and Test in Europe, 2013.

Digital Library

[29]

R. Chakraborty and S. Bhunia, "HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection," phIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 28, no. 10, pp. 1493--1502, 2009.

Digital Library

[30]

J. Roy, F. Koushanfar, and I. Markov, "EPIC: Ending Piracy of Integrated Circuits," phIEEE Computer, vol. 43, no. 10, pp. 30--38, 2010.

Digital Library

[31]

J. Rajendran, Y. Pino, O. Sinanoglu, and R. Karri, "Security analysis of logic obfuscation," phin the Proc. of IEEE/ACM Design Automation Conference, pp. 83--89, 2012.

Digital Library

[32]

----, "Logic encryption: A fault analysis perspective," phIEEE Design, Automation Test in Europe, pp. 953--958, 2012.

Digital Library

[33]

A. Baumgarten, A. Tyagi, and J. Zambreno, "Preventing IC Piracy Using Reconfigurable Logic Barriers," phIEEE Design and Test of Computers, vol. 27, no. 1, pp. 66--75, 2010.

Digital Library

[34]

A. Kahng, J. Lach, W. Mangione-Smith, S. Mantik, I. Markov, M. Potkonjak, P. Tucker, H. Wang, and G. Wolfe, "Watermarking techniques for intellectual property protection," phin the Proc. of IEEE/ACM Design Automation Conference, pp. 776--781, 1998.

Digital Library

[35]

F. Koushanfar, I. Hong, and M. Potkonjak, "Behavioral synthesis techniques for intellectual property protection," phACM Transactions on Design Automation of Electronic Systems, vol. 10, no. 3, pp. 523--545, 2005.

Digital Library

[36]

A. Kahng, S. Mantik, I. Markov, M. Potkonjak, P. Tucker, H. Wang, and G. Wolfe, "Robust IP watermarking methodologies for physical design," phin the Proc. of IEEE/ACM Design Automation Conference, pp. 782--787, 1998.

Digital Library

[37]

G. Suh and S. Devadas, "Physical Unclonable Functions for Device Authentication and Secret Key Generation," phin the Proc. of the IEEE/ACM Design Automation Conference, pp. 9--14, 2007.

Digital Library

[38]

J. Lee, D. Lim, B. Gassend, G. Suh, M. van Dijk, and S. Devadas, "A technique to build a secret key in integrated circuits for identification and authentication applications," phin the Proc. of IEEE Internationall Symposium on VLSI Circuits, pp. 176--179, 2004.

[39]

Cadence, "SoC Encounter," http://www.cadence.com/products/di/soc\_encounter/ pages/default.aspx.

Cited By

Abideen ZPagliarini SAbideen ZPagliarini S(2025)IntroductionReconfigurable Obfuscation Techniques for the IC Supply Chain10.1007/978-3-031-77509-3_1(3-23)Online publication date: 12-Jan-2025
https://doi.org/10.1007/978-3-031-77509-3_1
Mankali LSinanoglu OPatnaik SBalzarotti DXu W(2024)INSIGHTProceedings of the 33rd USENIX Conference on Security Symposium10.5555/3698900.3698906(91-108)Online publication date: 14-Aug-2024
https://dl.acm.org/doi/10.5555/3698900.3698906
Karmakar PBharani MKarfa C(2024)Evaluating the Robustness of Large scale eFPGA-based Hardware Redaction2024 37th International Conference on VLSI Design and 2024 23rd International Conference on Embedded Systems (VLSID)10.1109/VLSID60093.2024.00092(517-522)Online publication date: 6-Jan-2024
https://doi.org/10.1109/VLSID60093.2024.00092
Show More Cited By

Index Terms

Security analysis of integrated circuit camouflaging
1. Hardware
  1. Integrated circuits
    1. Logic circuits
      1. Arithmetic and datapath circuits

Recommendations

IP Protection and Supply Chain Security through Logic Obfuscation: A Systematic Overview

The globalization of the semiconductor supply chain introduces ever-increasing security and privacy risks. Two major concerns are IP theft through reverse engineering and malicious modification of the design. The latter concern in part relies on ...
Security analysis of logic obfuscation
DAC '12: Proceedings of the 49th Annual Design Automation Conference

Due to globalization of Integrated Circuit (IC) design flow, rogue elements in the supply chain can pirate ICs, overbuild ICs, and insert hardware trojans. EPIC [1] obfuscates the design by randomly inserting additional gates; only a correct key makes ...
Secure and Low-Overhead Circuit Obfuscation Technique with Multiplexers
GLSVLSI '16: Proceedings of the 26th edition on Great Lakes Symposium on VLSI

Circuit obfuscation techniques have been proposed to conceal circuit's functionality in order to thwart reverse engineering (RE) attacks to integrated circuits (IC). We believe that a good obfuscation method should have low design complexity and low ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CCS '13: Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security

November 2013

1530 pages

ISBN:9781450324779

DOI:10.1145/2508859

General Chair:
Ahmad-Reza Sadeghi
TU Darmstadt, CASED, Intel ICRI-SC, Germany
,
Program Chairs:
Virgil Gligor
Carnegie Mellon University, USA
,
Moti Yung
Columbia University, USA

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 04 November 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CCS'13

Sponsor:

SIGSAC

CCS'13: 2013 ACM SIGSAC Conference on Computer and Communications Security

November 4 - 8, 2013

Berlin, Germany

Acceptance Rates

CCS '13 Paper Acceptance Rate 105 of 530 submissions, 20%;

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%

Upcoming Conference

CCS '25

Sponsor:
sigsac

ACM SIGSAC Conference on Computer and Communications Security

October 13 - 17, 2025

Taipei , Taiwan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

330
Total Citations
View Citations
2,201
Total Downloads

Downloads (Last 12 months)125
Downloads (Last 6 weeks)13

Reflects downloads up to 17 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Abideen ZPagliarini SAbideen ZPagliarini S(2025)IntroductionReconfigurable Obfuscation Techniques for the IC Supply Chain10.1007/978-3-031-77509-3_1(3-23)Online publication date: 12-Jan-2025
https://doi.org/10.1007/978-3-031-77509-3_1
Mankali LSinanoglu OPatnaik SBalzarotti DXu W(2024)INSIGHTProceedings of the 33rd USENIX Conference on Security Symposium10.5555/3698900.3698906(91-108)Online publication date: 14-Aug-2024
https://dl.acm.org/doi/10.5555/3698900.3698906
Karmakar PBharani MKarfa C(2024)Evaluating the Robustness of Large scale eFPGA-based Hardware Redaction2024 37th International Conference on VLSI Design and 2024 23rd International Conference on Embedded Systems (VLSID)10.1109/VLSID60093.2024.00092(517-522)Online publication date: 6-Jan-2024
https://doi.org/10.1109/VLSID60093.2024.00092
Saxena NVemuri R(2024)Enhancing Output Corruption Through GSHE Switch Based Logic Encryption2024 37th International Conference on VLSI Design and 2024 23rd International Conference on Embedded Systems (VLSID)10.1109/VLSID60093.2024.00090(505-510)Online publication date: 6-Jan-2024
https://doi.org/10.1109/VLSID60093.2024.00090
Rajendran SFarahmandi FTehranipoor M(2024)CAD Tools Pathway in Hardware Security2024 37th International Conference on VLSI Design and 2024 23rd International Conference on Embedded Systems (VLSID)10.1109/VLSID60093.2024.00063(342-347)Online publication date: 6-Jan-2024
https://doi.org/10.1109/VLSID60093.2024.00063
Rathor VSingh MSahoo KMohanty S(2024)GateLock: Input-Dependent Key-Based Locked Gates for SAT Resistant Logic LockingIEEE Transactions on Very Large Scale Integration (VLSI) Systems10.1109/TVLSI.2023.334035032:2(361-371)Online publication date: Feb-2024
https://doi.org/10.1109/TVLSI.2023.3340350
Gubbi KLatibari BChowdhury MJalilzadeh AHamedani ERafatirad SSasan AHomayoun HSalehi S(2024)Optimized and Automated Secure IC Design Flow: A Defense-in-Depth ApproachIEEE Transactions on Circuits and Systems I: Regular Papers10.1109/TCSI.2024.336416071:5(2031-2044)Online publication date: May-2024
https://doi.org/10.1109/TCSI.2024.3364160
Swaroop BSaxena ASahay S(2024)Satisfiability Attack-Resilient Camouflaged Multiple Multivariable Logic-in-Memory Exploiting 3D NAND Flash ArrayIEEE Transactions on Circuits and Systems I: Regular Papers10.1109/TCSI.2023.332633271:2(660-669)Online publication date: Feb-2024
https://doi.org/10.1109/TCSI.2023.3326332
Rahman MTarek SAzar KTehranipoor MFarahmandi F(2024)The Road Not Taken: eFPGA Accelerators Utilized for SoC Security AuditingIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems10.1109/TCAD.2024.338735043:10(3068-3082)Online publication date: Oct-2024
https://doi.org/10.1109/TCAD.2024.3387350
Eslami MGhasempouri TPagliarini S(2024)SCARF: Securing Chips With a Robust Framework Against Fabrication-Time Hardware TrojansIEEE Transactions on Computers10.1109/TC.2024.344908273:12(2761-2775)Online publication date: Dec-2024
https://doi.org/10.1109/TC.2024.3449082
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents