SoC: a real platform for IP reuse, IP infringement, and IP protection
TL;DR: The IP-based SoC design flow is discussed to highlight the exact locations and the nature of infringements in the flow, identifies the adversaries, categorizes these infringements, and applies strategic analysis on the effectiveness of the existing IPP techniques for these categories of infringement.
Abstract: Increased design complexity, shrinking design cycle, and low cost--this three-dimensional demandmandates advent of system-onchip (SoC) methodology in semiconductor industry. The key concept of SoC is reuse of the intellectual property (IP) cores. Reuse of IPs on SoC increases the risk of misappropriation of IPs due to introduction of several new attacks and involvement of various parties as adversaries. Existing literature has huge number of proposals for IP protection (IPP) techniques to be incorporated in the IP design flow as well as in the SoC design methodology. However, these are quite scattered, limited in possibilities in multithreat environment, and sometimes mutually conflicting. Existing works need critical survey, proper categorization, and summarization to focus on the inherent tradeoff, existing security holes, and new research directions. This paper discusses the IP-based SoC design flow to highlight the exact locations and the nature of infringements in the flow, identifies the adversaries, categorizes these infringements, and applies strategic analysis on the effectiveness of the existing IPP techniques for these categories of infringements. It also clearly highlights recent challenges and new opportunities in this emerging field of research.
Citations
More filters
TL;DR: The proposed methods can embed into the IP or system obfuscation enabled watermark and also provides techniques for access control and fingerprinting and were implemented in an 8 bit ALU that can perform 8 operations.
Abstract: The technology scaling allows complex systems to be placed on a single die with million transistors integrated into it. Intellectual Property (IP) cores are reusable logic blocks used for building such complicated systems. Secure IP designs that can protect authorship are needed to deter IP piracy. One widely used detection method is digital watermarking which provides proof of the ownership to the IP vendor. The proposed methods in this work can embed into the IP or system obfuscation enabled watermark and also provides techniques for access control and fingerprinting. These techniques were implemented in an 8 bit ALU that can perform 8 operations. The functionality of the system was analyzed using the Xilinx ISE Design suite 14.6.
Cites background from "SoC: a real platform for IP reuse, ..."
...Illegitimate copies of an IP are generated due to unlawful IP reselling by a third party or unauthorized over production of ICs in foundry [4]....
[...]
12 Oct 2014
TL;DR: In the emerging field of Intellectual property protection and security for ICs and SoCs with design reuse for shorter time-to-market, misappropriation may be categorized as unauthorized access or interception, generation of illegal copies and insertion of hardware trojan horse.
Abstract: In the emerging field of Intellectual property protection and security for ICs and SoCs with design reuse for shorter time-to-market (Fig. 1), misappropriation may be categorized as (i) unauthorized access or interception, (ii) generation of illegal copies and (iii) insertion of hardware trojan horse (Fig. 2).
TL;DR: This survey provides a comprehensive overview of the usage of GNNs in hardware security and proposes the first taxonomy to divide the state-of-the-art GNN-based hardware security systems into four categories: (i) HT detection systems, (ii) IP piracy detection Systems, (iii) reverse engineering platforms, and (iv) attacks on logic locking.
Abstract: Graph neural networks (GNNs) have attracted increasing attention due to their superior performance in deep learning on graph-structured data. GNNs have succeeded across various domains such as social networks, chemistry, and electronic design automation (EDA). Electronic circuits have a long history of being represented as graphs, and to no surprise, GNNs have demonstrated state-of-the-art performance in solving various EDA tasks. More importantly, GNNs are now employed to address several hardware security problems, such as detecting intellectual property (IP) piracy and hardware Trojans (HTs), to name a few. In this survey, we first provide a comprehensive overview of the usage of GNNs in hardware security and propose the first taxonomy to divide the state-of-the-art GNN-based hardware security systems into four categories: (i) HT detection systems, (ii) IP piracy detection systems, (iii) reverse engineering platforms, and (iv) attacks on logic locking. We summarize the different architectures, graph types, node features, benchmark data sets, and model evaluation of the employed GNNs. Finally, we elaborate on the lessons learned and discuss future directions.
Journal Article•
TL;DR: YL8MCU meets the requirements of digital home appliances and supports system integration on chip and makes used of Reduced Instruction Set Computer (RISC) framework and 5-stage pipeline technology to improve the speed of processing data and instructions.
Abstract: With the growing complexity of the structure and function of the digital home appliance controllers, the higher requirements on the design of integrated circuits are expected. In view of the lower efficiency of the traditional large scale integrated circuit design, such as long design cycle, high investment and bad flexibility, therefore, the traditional design method is unable to meet the rapid product development. A design and its implementation scheme based on System-on- Programmable-Chip (SoPC) technologies with the Intellectual Property (IP) core parametric technology and elastic design method are proposed for the Micro-controller Unit (MCU) YL8MCU applied in digital home appliances. It makes used of Reduced Instruction Set Computer (RISC) framework and 5-stage pipeline technology for designing the instruction sys- tem and hardware structure so as to improve the speed of processing data and instructions. Finally the correctness and fea- sibility of its function is verified with the integrated verification, the IP function module verification based on coverage and the simulation test of the controlling flow for the washer. The results show that YL8MCU meets the requirements of digital home appliances and supports system integration on chip.
Cites background from "SoC: a real platform for IP reuse, ..."
...But in recent years, the integration level of Micro-controller is more and more high, and its function is more and more complex....
[...]
20 Mar 2018
TL;DR: The methodology the authors have employed to avoid process issues and tape-out errors while at the same time reduce their manual work and improve the turnaround time is discussed.
Abstract: The goal of a foundry partner is to deliver high quality silicon product to its customers on time. There is an assumed trust that the silicon will yield, function and perform as expected when the design fits all the sign-off criteria. The use of Intellectual Property (IP) blocks is very common today and provides the customer with pre-qualified and optimized functions for their design thus shortening the design cycle. There are many methods by which an IP Block can be generated and placed within layout. Even with the most careful methods and following of guidelines comes the responsibility of sign-off checking. A foundry needs to detect where these IP Blocks have been placed and look for any violations. This includes DRC clean modifications to the IP Block which may or may not be intentional. Using a pattern-based approach to detect all IP Blocks used provides the foundry advanced capabilities to analyze them further for any kind of changes which could void the OPC and process window optimizations. Having any changes in an IP Block could cause functionality changes or even failures. This also opens the foundry to legal and cost issues while at the same time forcing re-spins of the design. In this publication, we discuss the methodology we have employed to avoid process issues and tape-out errors while at the same time reduce our manual work and improve the turnaround time. We are also able to use our pattern analysis to improve our OPC optimizations when modifications are encountered which have not been seen before.
Cites background from "SoC: a real platform for IP reuse, ..."
...However, an IP core may be infringed during its creation as well as during designing of an SOC re-using that IP [3]....
[...]
References
More filters
Book•
01 Jan 1996TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols.
Abstract: From the Publisher:
A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols; more than 200 tables and figures; more than 1,000 numbered definitions, facts, examples, notes, and remarks; and over 1,250 significant references, including brief comments on each paper.
13,597 citations
20 May 2007
TL;DR: These results show that Trojans that are 3-4 orders of magnitude smaller than the main circuit can be detected by signal processing techniques and provide a starting point to address this important problem.
Abstract: Hardware manufacturers are increasingly outsourcing their IC fabrication work overseas due to their much lower cost structure. This poses a significant security risk for ICs used for critical military and business applications. Attackers can exploit this loss of control to substitute Trojan ICs for genuine ones or insert a Trojan circuit into the design or mask used for fabrication. We show that a technique borrowed from side-channel cryptanalysis can be used to mitigate this problem. Our approach uses noise modeling to construct a set of fingerprints/or an IC family utilizing side- channel information such as power, temperature, and electromagnetic (EM) profiles. The set of fingerprints can be developed using a few ICs from a batch and only these ICs would have to be invasively tested to ensure that they were all authentic. The remaining ICs are verified using statistical tests against the fingerprints. We describe the theoretical framework and present preliminary experimental results to show that this approach is viable by presenting results obtained by using power simulations performed on representative circuits with several different Trojan circuitry. These results show that Trojans that are 3-4 orders of magnitude smaller than the main circuit can be detected by signal processing techniques. While scaling our technique to detect even smaller Trojans in complex ICs with tens or hundreds of millions of transistors would require certain modifications to the IC design process, our results provide a starting point to address this important problem.
741 citations
"SoC: a real platform for IP reuse, ..." refers methods in this paper
...The technique is also capable of detecting trojan of 3-4 orders of magnitude smaller than the main circuit using signal processing [28]....
[...]
...…et al. 2009 [23] Y Y Castillo et al. 2007 [24] Y Abdel-Hamid et al. 2005 [25] Y Saha and Sur-Kolay 2010 [26] Y Majzoobi and Koushanfar 2009 [27] Y Agrawal et al. 2007 [28] Y Y Cui et al. 2008 [29] Y Lach et al. 2001 [30] Y Y Gu et al. 2009 [31] Y Li and Lach 2008 [32] Y Y Potkonjak et al. 2009…...
[...]
TL;DR: Simulation results for a set of ISCAS-89 benchmark circuits and the advanced-encryption-standard IP core show that high levels of security can be achieved at less than 5% area and power overhead under delay constraint.
Abstract: Hardware intellectual-property (IP) cores have emerged as an integral part of modern system-on-chip (SoC) designs. However, IP vendors are facing major challenges to protect hardware IPs from IP piracy. This paper proposes a novel design methodology for hardware IP protection using netlist-level obfuscation. The proposed methodology can be integrated in the SoC design and manufacturing flow to simultaneously obfuscate and authenticate the design. Simulation results for a set of ISCAS-89 benchmark circuits and the advanced-encryption-standard IP core show that high levels of security can be achieved at less than 5% area and power overhead under delay constraint.
468 citations
"SoC: a real platform for IP reuse, ..." refers methods in this paper
...An obfuscation technique discussed in [18], inserts a small FSM and constitutes a preinitialization state space, which is resilient against reverse engineering....
[...]
...…and Sur-Kolay 2009 [13] Y Roy et al. 2008 [14] Y Alkabani et al. 2008 [15] Y Alkabani and Koushanfar 2007 [16] Y Alkabani et al. 2007 [17] Y Y Chakraborty and Bhunia 2009 [18] Y Y Granado-Criado et al. 2010 [19] Y Dyka and Langendoerfer 2005 [20] Y Suzuki et al. 2004 [21] Y Deng et al. 2009…...
[...]
Proceedings Article•
06 Aug 2007TL;DR: The first active hardware metering scheme that aims to protect integrated circuits (IC) intellectual property (IP) against piracy and runtime tampering is introduced and has a low-overhead in terms of power, delay, and area, while it is extremely resilient against the considered attacks.
Abstract: We introduce the first active hardware metering scheme that aims to protect integrated circuits (IC) intellectual property (IP) against piracy and runtime tampering. The novel metering method simultaneously employs inherent unclonable variability in modern manufacturing technology, and functionality preserving alternations of the structural IC specifications. Active metering works by enabling the designers to lock each IC and to remotely disable it. The objectives are realized by adding new states and transitions to the original finite state machine (FSM) to create boosted finite state machines(BFSM) of the pertinent design. A unique and unpredictable ID generated by an IC is utilized to place an BFSM into the power-up state upon activation. The designer, knowing the transition table, is the only one who can generate input sequences required to bring the BFSM into the functional initial (reset) state. To facilitate remote disabling of ICs, black hole states are integrated within the BFSM.
We introduce nine types of potential attacks against the proposed active metering method. We further describe a number of countermeasures that must be taken to preserve the security of active metering against the potential attacks. The implementation details of the method with the objectives of being low-overhead, unclonable, obfuscated, stable, while having a diverse set of keys is presented. The active metering method was implemented, synthesized and mapped on the standard benchmark circuits. Experimental evaluations illustrate that the method has a low-overhead in terms of power, delay, and area, while it is extremely resilient against the considered attacks.
354 citations
"SoC: a real platform for IP reuse, ..." refers background in this paper
...…hardware Charbon and Torunoglu 2000 [10] Y Adi et al. 2006 [12] Y Saha and Sur-Kolay 2009 [13] Y Roy et al. 2008 [14] Y Alkabani et al. 2008 [15] Y Alkabani and Koushanfar 2007 [16] Y Alkabani et al. 2007 [17] Y Y Chakraborty and Bhunia 2009 [18] Y Y Granado-Criado et al. 2010 [19] Y Dyka and…...
[...]
...In its active counterpart [16], design house keeps control of illegal ICs through monitoring of IC property and reuse, and by disabling functionalities of illegal ICs....
[...]
09 Jun 2008
TL;DR: This paper discusses how a technique for precisely measuring the combinational delay of an arbitrarily large number of register-to-register paths internal to the functional portion of the IC can be used to provide the desired authentication and design alteration detection.
Abstract: New attacker scenarios involving integrated circuits (ICs) are emerging that pose a tremendous threat to national security. Concerns about overseas fabrication facilities and the protection of deployed ICs have given rise to methods for IC authentication (ensuring that an IC being used in a system has not been altered, replaced, or spoofed) and hardware Trojan Horse (HTH) detection (ensuring that an IC fabricated in a nonsecure facility contains the desired functionality and nothing more), but significant additional work is required to quell these treats. This paper discusses how a technique for precisely measuring the combinational delay of an arbitrarily large number of register-to-register paths internal to the functional portion of the IC can be used to provide the desired authentication and design alteration (including HTH implantation) detection. This low-cost delay measurement technique does not affect the main IC functionality and can be performed at-speed at both test-time and run-time.
316 citations
"SoC: a real platform for IP reuse, ..." refers methods in this paper
...…2010 [26] Y Majzoobi and Koushanfar 2009 [27] Y Agrawal et al. 2007 [28] Y Y Cui et al. 2008 [29] Y Lach et al. 2001 [30] Y Y Gu et al. 2009 [31] Y Li and Lach 2008 [32] Y Y Potkonjak et al. 2009 [33] Y Wei et al. 2010 [34] Y Dutt and Li 2009 [35] Y Y Potkonjak 2010 [36] Y needs wider space for…...
[...]
...The technique in [32] precisely measures actual combinational delay of large number of paths....
[...]