skip to main content


Title: Learning Assisted Side Channel Delay Test for Detection of Recycled ICs
With the outsourcing of design flow, ensuring the security and trustworthiness of integrated circuits has become more challenging. Among the security threats, IC counterfeiting and recycled ICs have received a lot of attention due to their inferior quality, and in turn, their negative impact on the reliability and security of the underlying devices. Detecting recycled ICs is challenging due to the effect of process variations and process drift occurring during the chip fabrication. Moreover, relying on a golden chip as a basis for comparison is not always feasible. Accordingly, this paper presents a recycled IC detection scheme based on delay side-channel testing. The proposed method relies on the features extracted during the design flow and the sample delays extracted from the target chip to build a Neural Network model using which the target chip can be truly identified as new or recycled. The proposed method classifies the timing paths of the target chip into two groups based on their vulnerability to aging using the information collected from the design and detects the recycled ICs based on the deviation of the delay of these two sets from each other.  more » « less
Award ID(s):
1718434 2200446
PAR ID:
10298701
Author(s) / Creator(s):
; ; ; ;
Date Published:
Journal Name:
ASPDAC '21: Proceedings of the 26th Asia and South Pacific Design Automation Conference
Page Range / eLocation ID:
455 to 462
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. Designers use third-party intellectual property (IP) cores and outsource various steps in the integrated circuit (IC) design and manufacturing flow. As a result, security vulnerabilities have been rising. This is forcing IC designers and end users to re-evaluate their trust in ICs. If attackers get hold of an unprotected IC, they can reverse engineer the IC and pirate the IP. Similarly, if attackers get hold of a design, they can insert malicious circuits or take advantage of “backdoors” in a design. Unintended design bugs can also result in security weaknesses. This tutorial paper provides an introduction to the domain of hardware security through two pedagogical examples of hardware security problems. The first is a walk-through of the scan chain-based side channel attack. The second is a walk-through of logic locking of digital designs. The tutorial material is accompanied by open access digital resources that are linked in this article. 
    more » « less
  2. null (Ed.)
    The recycling of used integrated circuits (ICs) has raised serious problems in ensuring the integrity of today's globalized semiconductor supply chain. This poses a serious threat to critical infrastructure due to potentially shorter lifetime, lower reliability, and poorer performance from these counterfeit new chips. Recently, we have proposed a highly effective approach for detecting such chips by exploiting the power-up state of on-chip SRAMs. Due to the symmetry of the memory array layout, an equal number of cells power-up to the 0 and 1 logic states in a new unused SRAM; this ratio gets skewed in time due to uneven NBTI aging from normal usage in the field. Although this solution is very effective in detecting recycled ICs, its applicability is somewhat limited as a large number older designs do not have large on-chip memories. In this paper, we propose an alternate approach based on the initial power-up state of scan flip-flops, which are present in virtually every digital circuit. Since the flip-flops, unlike SRAM cells, are generally not perfectly symmetrical in layout, an equal number of scan cells will not power-up to 0 or 1 logic states in most designs. Consequently, a stable time zero reference of 50% logic 0s and 1s cannot be used for determining the subsequent usage of a chip. To overcome this key limitation, we propose a novel solution in this paper that reliably identifies used ICs from testing the part alone, without the need for any additional reference data or even the netlist of the circuit. Through scan testing of the IC, we first identify a significant number of asymmetrically stressed flip-flops in the design, divided into two groups. One group of flip-flops is selected such that it mostly experiences the 1 logic state during functional operation, while the other group mostly experiences the 0 state. The resulting differential stress during operation causes growing disparity over time in the number of 0s (and 1s) observed in these two groups at power-up. When new and unaged, these two groups behave similarly, with similar percentage of 1s (or 0s). However, over time the differential stress makes these counts diverge. We show that this changing count can be a measure of operational aging. Our simulation results show that it is possible to reliably detect used ICs after as little as three months of operation. 
    more » « less
  3. Microprobing attacks poses a serious threat to security-critical applications by enabling attackers to steal assets and/or secrets within integrated circuits (ICs).With the assistance of focused ion beam (FIB), microprobing attacks are even more powerful. Although there are some existing countermeasures like active shields, analog shields, and t-private circuits, the FIB’s capabilities are not taken into consideration and thus these countermeasures are inefficient and only provide limited resistance against the FIB-enhanced microprobing attacks. To counter the attack, we previously proposed a FIB-aware antiprobing physical design flow that utilizes computer-aided design (CAD) tools to detect and prevent microprobing attack from the IC front-side with minimal extra design effort. In this paper, we expand this flow to protect not only front-side of the IC, but provide simultaneous protection of both front-side and back-side. Results in an Advanced Encryption Standard (AES) benchmark show that, by using the proposed flow, the vulnerable area exposed to front-side probing on security-critical nets is reduced to zero at low FIB aspect ratios with less than 2% timing and area overhead. 
    more » « less
  4. Chip designers can secure their ICs against piracy and overproduction by employing logic locking and obfuscation. However, there are numerous attacks that can examine the logic-locked netlist with the assistance of an activated IC and extract the correct key using a SAT solver. In addition, when it comes to fabrication, the imposed area overhead is a challenge that needs careful attention to preserve the design goals. Thus, to assign a logic locking method that can provide security against diverse attacks and at the same time add minimal area overhead, a comprehensive understanding of the circuit structure is needed. Towards this goal, in this paper, we first build a multi-label dataset by running different attacks on benchmarks locked with existing logic locking methods and various key sizes to capture the provided level of security and overhead for each benchmark. Then we propose and analyze CoLA, a convolutional neural network model that is trained on this dataset and thus is able to map circuits to secure low-overhead locking schemes by analyzing extracted features of the benchmark circuits. Considering various resynthesized versions of the same circuits empowers CoLA to learn features beyond the structure view alone. We use a quantization method that can lower the computation overhead of feature extraction in the classification of new, unseen data, hence speeding up the locking assignment process. Results on over 10,000 data show high accuracy both in the training and validation phases. 
    more » « less
  5. In recent years, semiconductor industry has out-sourced the manufacturing to low-cost but not necessarily trusted foundries. This fabless business model encounters new security challenges, including piracy and overproduction. A well-studied solution to prevent unauthorized products from functioning is logic encryption, where a chip is encrypted using a key only known to the designer. However, the majority of the logic encryption solutions are vulnerable due to key uniformity and probing attacks. In this paper, we first present GSAT, a Global attack on existing IC-specific logic encryption schemes using the SAT model, that effectively deciphers the hidden global key pluggable to all the encrypted ICs. Next, we propose a highly secure and low-cost remedy called SPLEnD: Strong PUF -based Logic Encryption Design. Traditional I C-specific encryption schemes are vulnerable to GSAT attack, while SPLEnD not only effectively resists GSAT, but also balances security and efficiency. 
    more » « less