SoC: a real platform for IP reuse, IP infringement, and IP protection
TL;DR: The IP-based SoC design flow is discussed to highlight the exact locations and the nature of infringements in the flow, identifies the adversaries, categorizes these infringements, and applies strategic analysis on the effectiveness of the existing IPP techniques for these categories of infringement.
Abstract: Increased design complexity, shrinking design cycle, and low cost--this three-dimensional demandmandates advent of system-onchip (SoC) methodology in semiconductor industry. The key concept of SoC is reuse of the intellectual property (IP) cores. Reuse of IPs on SoC increases the risk of misappropriation of IPs due to introduction of several new attacks and involvement of various parties as adversaries. Existing literature has huge number of proposals for IP protection (IPP) techniques to be incorporated in the IP design flow as well as in the SoC design methodology. However, these are quite scattered, limited in possibilities in multithreat environment, and sometimes mutually conflicting. Existing works need critical survey, proper categorization, and summarization to focus on the inherent tradeoff, existing security holes, and new research directions. This paper discusses the IP-based SoC design flow to highlight the exact locations and the nature of infringements in the flow, identifies the adversaries, categorizes these infringements, and applies strategic analysis on the effectiveness of the existing IPP techniques for these categories of infringements. It also clearly highlights recent challenges and new opportunities in this emerging field of research.
Citations
More filters
29 Oct 2022
TL;DR: A comprehensive overview of the usage of GNNs in hardware security can be found in this paper , where the authors divide the state-of-the-art GNN-based hardware security systems into four categories: IP piracy detection systems, reverse engineering platforms, and attacks on logic locking.
Abstract: Graph neural networks (GNNs) have attracted increasing attention due to their superior performance in deep learning on graph-structured data. GNNs have succeeded across various domains such as social networks, chemistry, and electronic design automation (EDA). Electronic circuits have a long history of being represented as graphs, and to no surprise, GNNs have demonstrated state-of-the-art performance in solving various EDA tasks. More importantly, GNNs are now employed to address several hardware security problems, such as detecting intellectual property (IP) piracy and hardware Trojans (HTs), to name a few.In this survey, we first provide a comprehensive overview of the usage of GNNs in hardware security and propose the first taxonomy to divide the state-of-the-art GNN-based hardware security systems into four categories: (i) HT detection systems, (ii) IP piracy detection systems, (iii) reverse engineering platforms, and (iv) attacks on logic locking. We summarize the different architectures, graph types, node features, benchmark data sets, and model evaluation of the employed GNNs. Finally, we elaborate on the lessons learned and discuss future directions.
5 citations
TL;DR: This paper presents a methodology to integrate a fuzzy coprocessor described in VHDL to a soft processor embedded into an FPGA, which increases the throughput of the whole system, since the controller uses parallelism at the circuitry level for high-speed-demanding applications, the rest of the application can be written in C/C++.
Abstract: This paper presents a methodology to integrate a fuzzy coprocessor described in VHDL (VHSIC Hardware Description Language) to a soft processor embedded into an FPGA, which increases the throughput of the whole system, since the controller uses parallelism at the circuitry level for high-speed-demanding applications, the rest of the application can be written in C/C++. We used the ARM 32-bit soft processor, which allows sequential and parallel programming. The FLC coprocessor incorporates a tuning method that allows to manipulate the system response. We show experimental results using a fuzzy PD+I controller as the embedded coprocessor.
4 citations
Cites methods from "SoC: a real platform for IP reuse, ..."
...…June 2012 Academic Editor: Oscar Castillo Copyright © 2012 Oscar Montiel-Ross et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited....
[...]
29 Nov 2022
TL;DR: GNN4IC as discussed by the authors proposes a generic pipeline for tailoring GNN models toward solving challenging problems for IC design, and outlines promising options for each pipeline element, and discuss selected and promising works, like leveraging GNNs to break SOTA logic obfuscation.
Abstract: Graph neural networks (GNNs) have pushed the state-of-the-art (SOTA) for performance in learning and predicting on large-scale data present in social networks, biology, etc. Since integrated circuits (ICs) can naturally be represented as graphs, there has been a tremendous surge in employing GNNs for machine learning (ML)-based methods for various aspects of IC design. Given this trajectory, there is a timely need to review and discuss some powerful and versatile GNN approaches for advancing IC design. In this paper, we propose a generic pipeline for tailoring GNN models toward solving challenging problems for IC design. We out-line promising options for each pipeline element, and we discuss selected and promising works, like leveraging GNNs to break SOTA logic obfuscation. Our comprehensive overview of GNNs frame-works covers (i) electronic design automation (EDA) and IC design in general, (ii) design of reliable ICs, and (iii) design as well as analysis of secure ICs. We provide our overview and related resources also in the GNN4IC hub at https://github.com/DfX-NYUAD/GNN4IC. Finally, we discuss interesting open problems for future research.
4 citations
TL;DR: A NoC IP protection technique called circular path--based fingerprinting (CPF) using fingerprint embedding is proposed and a theoretical model using polyomino theory to get the number of distinct fingerprints in a NoC is provided.
Abstract: Intellectual property (IP) reuse is a well-known technique in chip design industry. But this technique also exposes a security vulnerability called IP stealing attack. Network-on-Chip (NoC) is an on-chip scalable communication medium and is used as an IP and sold by various vendors to be integrated in a Multiprocessor System-on-Chip (MPSoC). An attacker can launch IP stealing attack against NoC IP. In this article, we propose a NoC IP protection technique called circular path--based fingerprinting (CPF) using fingerprint embedding. We also provide a theoretical model using polyomino theory to get the number of distinct fingerprints in a NoC. We show that our proposed technique requires much less hardware overhead compared to an existing NoC IP security solution and also provides better security against removal and masking attacks. In particular, our proposed CPF technique requires 27.41% less router area compared to the existing solution. We also show that our CPF solution does not affect the normal packet latency and hence does not degrade the NoC performance.
3 citations
2 citations
References
More filters
Book•
01 Jan 1996TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols.
Abstract: From the Publisher:
A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols; more than 200 tables and figures; more than 1,000 numbered definitions, facts, examples, notes, and remarks; and over 1,250 significant references, including brief comments on each paper.
13,597 citations
20 May 2007
TL;DR: These results show that Trojans that are 3-4 orders of magnitude smaller than the main circuit can be detected by signal processing techniques and provide a starting point to address this important problem.
Abstract: Hardware manufacturers are increasingly outsourcing their IC fabrication work overseas due to their much lower cost structure. This poses a significant security risk for ICs used for critical military and business applications. Attackers can exploit this loss of control to substitute Trojan ICs for genuine ones or insert a Trojan circuit into the design or mask used for fabrication. We show that a technique borrowed from side-channel cryptanalysis can be used to mitigate this problem. Our approach uses noise modeling to construct a set of fingerprints/or an IC family utilizing side- channel information such as power, temperature, and electromagnetic (EM) profiles. The set of fingerprints can be developed using a few ICs from a batch and only these ICs would have to be invasively tested to ensure that they were all authentic. The remaining ICs are verified using statistical tests against the fingerprints. We describe the theoretical framework and present preliminary experimental results to show that this approach is viable by presenting results obtained by using power simulations performed on representative circuits with several different Trojan circuitry. These results show that Trojans that are 3-4 orders of magnitude smaller than the main circuit can be detected by signal processing techniques. While scaling our technique to detect even smaller Trojans in complex ICs with tens or hundreds of millions of transistors would require certain modifications to the IC design process, our results provide a starting point to address this important problem.
741 citations
"SoC: a real platform for IP reuse, ..." refers methods in this paper
...The technique is also capable of detecting trojan of 3-4 orders of magnitude smaller than the main circuit using signal processing [28]....
[...]
...…et al. 2009 [23] Y Y Castillo et al. 2007 [24] Y Abdel-Hamid et al. 2005 [25] Y Saha and Sur-Kolay 2010 [26] Y Majzoobi and Koushanfar 2009 [27] Y Agrawal et al. 2007 [28] Y Y Cui et al. 2008 [29] Y Lach et al. 2001 [30] Y Y Gu et al. 2009 [31] Y Li and Lach 2008 [32] Y Y Potkonjak et al. 2009…...
[...]
TL;DR: Simulation results for a set of ISCAS-89 benchmark circuits and the advanced-encryption-standard IP core show that high levels of security can be achieved at less than 5% area and power overhead under delay constraint.
Abstract: Hardware intellectual-property (IP) cores have emerged as an integral part of modern system-on-chip (SoC) designs. However, IP vendors are facing major challenges to protect hardware IPs from IP piracy. This paper proposes a novel design methodology for hardware IP protection using netlist-level obfuscation. The proposed methodology can be integrated in the SoC design and manufacturing flow to simultaneously obfuscate and authenticate the design. Simulation results for a set of ISCAS-89 benchmark circuits and the advanced-encryption-standard IP core show that high levels of security can be achieved at less than 5% area and power overhead under delay constraint.
468 citations
"SoC: a real platform for IP reuse, ..." refers methods in this paper
...An obfuscation technique discussed in [18], inserts a small FSM and constitutes a preinitialization state space, which is resilient against reverse engineering....
[...]
...…and Sur-Kolay 2009 [13] Y Roy et al. 2008 [14] Y Alkabani et al. 2008 [15] Y Alkabani and Koushanfar 2007 [16] Y Alkabani et al. 2007 [17] Y Y Chakraborty and Bhunia 2009 [18] Y Y Granado-Criado et al. 2010 [19] Y Dyka and Langendoerfer 2005 [20] Y Suzuki et al. 2004 [21] Y Deng et al. 2009…...
[...]
Proceedings Article•
06 Aug 2007TL;DR: The first active hardware metering scheme that aims to protect integrated circuits (IC) intellectual property (IP) against piracy and runtime tampering is introduced and has a low-overhead in terms of power, delay, and area, while it is extremely resilient against the considered attacks.
Abstract: We introduce the first active hardware metering scheme that aims to protect integrated circuits (IC) intellectual property (IP) against piracy and runtime tampering. The novel metering method simultaneously employs inherent unclonable variability in modern manufacturing technology, and functionality preserving alternations of the structural IC specifications. Active metering works by enabling the designers to lock each IC and to remotely disable it. The objectives are realized by adding new states and transitions to the original finite state machine (FSM) to create boosted finite state machines(BFSM) of the pertinent design. A unique and unpredictable ID generated by an IC is utilized to place an BFSM into the power-up state upon activation. The designer, knowing the transition table, is the only one who can generate input sequences required to bring the BFSM into the functional initial (reset) state. To facilitate remote disabling of ICs, black hole states are integrated within the BFSM.
We introduce nine types of potential attacks against the proposed active metering method. We further describe a number of countermeasures that must be taken to preserve the security of active metering against the potential attacks. The implementation details of the method with the objectives of being low-overhead, unclonable, obfuscated, stable, while having a diverse set of keys is presented. The active metering method was implemented, synthesized and mapped on the standard benchmark circuits. Experimental evaluations illustrate that the method has a low-overhead in terms of power, delay, and area, while it is extremely resilient against the considered attacks.
354 citations
"SoC: a real platform for IP reuse, ..." refers background in this paper
...…hardware Charbon and Torunoglu 2000 [10] Y Adi et al. 2006 [12] Y Saha and Sur-Kolay 2009 [13] Y Roy et al. 2008 [14] Y Alkabani et al. 2008 [15] Y Alkabani and Koushanfar 2007 [16] Y Alkabani et al. 2007 [17] Y Y Chakraborty and Bhunia 2009 [18] Y Y Granado-Criado et al. 2010 [19] Y Dyka and…...
[...]
...In its active counterpart [16], design house keeps control of illegal ICs through monitoring of IC property and reuse, and by disabling functionalities of illegal ICs....
[...]
09 Jun 2008
TL;DR: This paper discusses how a technique for precisely measuring the combinational delay of an arbitrarily large number of register-to-register paths internal to the functional portion of the IC can be used to provide the desired authentication and design alteration detection.
Abstract: New attacker scenarios involving integrated circuits (ICs) are emerging that pose a tremendous threat to national security. Concerns about overseas fabrication facilities and the protection of deployed ICs have given rise to methods for IC authentication (ensuring that an IC being used in a system has not been altered, replaced, or spoofed) and hardware Trojan Horse (HTH) detection (ensuring that an IC fabricated in a nonsecure facility contains the desired functionality and nothing more), but significant additional work is required to quell these treats. This paper discusses how a technique for precisely measuring the combinational delay of an arbitrarily large number of register-to-register paths internal to the functional portion of the IC can be used to provide the desired authentication and design alteration (including HTH implantation) detection. This low-cost delay measurement technique does not affect the main IC functionality and can be performed at-speed at both test-time and run-time.
316 citations
"SoC: a real platform for IP reuse, ..." refers methods in this paper
...…2010 [26] Y Majzoobi and Koushanfar 2009 [27] Y Agrawal et al. 2007 [28] Y Y Cui et al. 2008 [29] Y Lach et al. 2001 [30] Y Y Gu et al. 2009 [31] Y Li and Lach 2008 [32] Y Y Potkonjak et al. 2009 [33] Y Wei et al. 2010 [34] Y Dutt and Li 2009 [35] Y Y Potkonjak 2010 [36] Y needs wider space for…...
[...]
...The technique in [32] precisely measures actual combinational delay of large number of paths....
[...]