An official website of the United States government
Assuring the quality and the trustworthiness of third party resources has been a hard problem to tackle. Researchers have shown that analyzing Integrated Circuits (IC), without the aid of golden models, is challenging. In this paper we discuss a toolset, NETA, designed to aid IP users in assuring the confidentiality, integrity, and accessibility of their IC or third party IP core. The discussed toolset gives access to a slew of gate-level analysis tools, many of which are heuristic-based, for the purposes of extracting high-level circuit design information. NETA majorly comprises the following tools: RELIC, REBUS, REPCA, REFSM, and REPATH. The first step involved in netlist analysis falls to signal classification. RELIC uses a heuristic based fan-in structure matcher to determine the uniqueness of each signal in the netlist. REBUS finds word groups by leveraging the data bus in the netlist in conjunction with RELIC's signal comparison through heuristic verification of input structures. REPCA on the other hand tries to improve upon the standard bruteforce RELIC comparison by leveraging the data analysis technique of PCA and a sparse RELIC analysis on all signals. Given a netlist and a set of registers, REFSM reconstructs the logic which represents the behavior of a particular register set over the course of the operation of a given netlist. REFSM has been shown useful for examining register interaction at a higher level. REPATH, similar to REFSM, finds a series of input patterns which forces a logical FSM initialize with some reset state into a state specified by the user. Finally, REFSM 2 is introduced to utilizes linear time precomputation to improve the original REFSM.
more »
« less
RELIC-FUN: Logic Identification through Functional Signal Comparisons
The ability to reverse engineer a hardware netlist in order to detect malicious logic has become an important problem in recent years. Much work has been done on algorithmically identifying structure and state in circuits; the first step of which is to separate control signals from data signals. The most current tools rely on topological comparisons of logic in order to identify signals which are uniquely structured in the netlist, as these signals are likely control signals. However, topological comparisons become less effective when a netlist has been resynthesized and optimized. We present a new tool, RELIC-FUN, based on netlist slicing and functional comparison of logic. Experimental results show that depending on netlist size, optimization, and control logic density, the proposed algorithm can be more accurate, and faster, than existing topological algorithms in many cases.
more »
« less
- Award ID(s):
- 1812071
- PAR ID:
- 10237618
- Date Published:
- Journal Name:
- 57th ACM/IEEE Design Automation Conference (DAC)
- Page Range / eLocation ID:
- 1 to 6
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
null (Ed.)Due to the globalization of semiconductor manufacturing and test processes, the system-on-a-chip (SoC) designers no longer design the complete SoC and manufacture chips on their own. This outsourcing of the design and manufacturing of Integrated Circuits (ICs) has resulted in several threats, such as overproduction of ICs, sale of out-of-specification/rejected ICs, and piracy of Intellectual Properties (IPs). Logic locking has emerged as a promising defense strategy against these threats. However, various attacks about the extraction of secret keys have undermined the security of logic locking techniques. Over the years, researchers have proposed different techniques to prevent existing attacks. In this article, we propose a novel attack that can break any logic locking techniques that rely on the stored secret key. This proposed TAAL attack is based on implanting a hardware Trojan in the netlist, which leaks the secret key to an adversary once activated. As an untrusted foundry can extract the netlist of a design from the layout/mask information, it is feasible to implement such a hardware Trojan. All three proposed types of TAAL attacks can be used for extracting secret keys. We have introduced the models for both the combinational and sequential hardware Trojans that evade manufacturing tests. An adversary only needs to choose one hardware Trojan out of a large set of all possible Trojans to launch the TAAL attack.more » « less
-
Originating with the discovery of the quantum Hall effect (QHE) in condensed matter physics, topological order has been receiving increased attention also for classical wave phenomena. Topological protection enables efficient and robust signal transport; mechanical topological insulators (TIs), in particular, are easy to fabricate and exhibit interfacial wave transport with minimal dissipation, even in the presence of sharp edges, defects, or disorder. Here, we report the experimental demonstration of a phononic crystal Floquet TI (FTI). Hexagonal arrays of circular piezoelectric disks bonded to a PLA substrate, shunted through negative electrical capacitance, and manipulated by external integrated circuits, provide the required spatiotemporal modulation scheme to break time-reversal symmetry and impart a synthetic angular momentum bias that can induce strong topological protection on the lattice edges. Our proposed reconfigurable FTI may find applications for robust acoustic emitters and mechanical logic circuits, with distinct advantages over electronic equivalents in harsh operating conditions.more » « less
-
Current-induced magnetic switching via spin–orbit torques has been extensively pursued for memory and logic applications with promising energy efficiency. Topological insulators are a group of materials with spin-momentum locked electronic states at the surface due to spin–orbit coupling, which can be harnessed to reach strong spin–orbit torques. In this paper, we summarize and compare the methods for calibrating the charge-spin conversion efficiency in topological insulators, with which topological insulators are identified as outstanding spin–orbit torque generators compared with the well-studied heavy metals. We then review the results of magnetic switching under reduced current density in topological insulator/ferromagnet heterostructures. Finally, we provide insights on current challenges as well as possible exploration directions in the emerging field of topological spintronics.more » « less
-
null (Ed.)Logic Locking is a well-accepted protection technique to enable trust in the outsourced design and fabrication processes of integrated circuits (ICs) where the original design is modified by incorporating additional key gates in the netlist, resulting in a key-dependent functional circuit. The original functionality of the chip is recovered once it is programmed with the secret key, otherwise, it produces incorrect results for some input patterns. Over the past decade, different attacks have been proposed to break logic locking, simultaneously motivating researchers to develop more secure countermeasures. In this paper, we propose a novel stuck-at fault-based differential fault analysis (DFA) attack, which can be used to break logic locking that relies on a stored secret key. This proposed attack is based on self-referencing, where the secret key is determined by injecting faults in the key lines and comparing the response with its fault-free counterpart. A commercial ATPG tool can be used to generate test patterns that detect these faults, which will be used in DFA to determine the secret key. One test pattern is sufficient to determine one key bit, which results in at most |K| test patterns to determine the entire secret key of size |K|. The proposed attack is generic and can be extended to break any logic locked circuits.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1109/DAC18072.2020.9218616
