An official website of the United States government
The globalization of the manufacturing process and the supply chain for electronic hardware has been driven by the need to maximize profitability while lowering risk in a technologically advanced silicon sector. However, many hardware IPs’ security features have been broken because of the rise in successful hardware attacks. Existing security efforts frequently ignore numerous dangers in favor of fixing a particular vulnerability. This inspired the development of a unique method that uses emerging spin-based devices to obfuscate circuitry to secure hardware intellectual property (IP) during fabrication and the supply chain. We propose an Optimized and Automated Secure IC (OASIC) Design Flow, a defense-in-depth approach that can minimize overhead while maximizing security. Our EDA tool flow uses a dynamic obfuscation method that employs dynamic lockboxes, which include switch boxes and magnetic random access memory (MRAM)-based look-up tables (LUT) while offering minimal overhead and being flexible and resilient against modern SAT-based attacks and power side-channel attacks. An EDA tool flow for optimized lockbox insertion is also developed to generate SAT-resilient design netlists with the least power and area overhead. PPA metrics and security (SAT attack time) are provided to the designer for each lockbox insertion run. A verification methodology is provided to verify locked and unlocked designs for functional correctness. Finally, we use ISCAS’85 benchmarks to show that the EDA tool flow provides a secure hardware netlist with maximum security while considering power and area constraints. Our results indicate that the proposed OASIC design flow can maximize security while incurring less than 15% area overhead and maintaining a similar power footprint compared to the original design. OASIC design flow demonstrates improved performance as design size increases, which demonstrates the scalability of the proposed approach.
more »
« less
Securing Hardware via Dynamic Obfuscation Utilizing Reconfigurable Interconnect and Logic Blocks
Maximizing profits while minimizing risk in a technologically advanced silicon industry has motivated the globalization of the fabrication process and electronic hardware supply chain. However, with the increasing magnitude of successful hardware attacks, the security of many hardware IPs has been compromised. Many existing security works have focused on resolving a single vulnerability while neglecting other threats. This motivated to propose a novel approach for securing hardware IPs during the fabrication process and supply chain via logic obfuscation by utilizing emerging spin-based devices. Our proposed dynamic obfuscation approach uses reconfigurable logic and interconnects blocks (RIL-Blocks), consisting of Magnetic Random Access Memory (MRAM)-based Look Up Tables and switch boxes flexibility and resiliency against state-of-the-art SAT-based attacks and power side-channel attacks while incurring a small overhead. The proposed Scan Enabled Obfuscation circuitry obfuscates the oracle circuit’s responses and further fortifies the logic and routing obfuscation provided by the RIL-Blocks, resembling a defense-in-depth approach. The empirical evaluation of security provided by the proposed RIL-Blocks on the ISCAS benchmark and common evaluation platform (CEP) circuit shows that resiliency comes with reduced overhead while providing resiliency to various hardware security threats.
more »
« less
- Award ID(s):
- 2200446
- PAR ID:
- 10360795
- Date Published:
- Journal Name:
- 2021 58th ACM/IEEE Design Automation Conference (DAC)
- Page Range / eLocation ID:
- 229 to 234
- Format(s):
- Medium: X
- Sponsoring Org:
- National Science Foundation
More Like this
-
-
Various attacks on hardware intellectual properties (IPs) have been successful in obtaining design information that can be used to reverse engineer a system, create counterfeits, or insert hardware Trojans. Key-based hardware obfuscation is an attractive solution that helps prevent such attacks. In this paper, for the first time, we propose a key error tolerant obfuscation approach that achieves graceful degradation in output Quality of Service (QoS) as the bit error rate (BER) in obfuscation key increases. The approach, which we refer to it as, “Quality Obfuscation”, is applicable to a large variety of IPs, including digital signal processing (DSP) and approximating computing IPs, which are resilient to output QoS degradation. We present a complete obfuscation framework that can be adapted to any error tolerance rate. To demonstrate its robustness, we obfuscate several common DSP IP blocks and observe the performance under various percentages of bit-flips in the key. We show that our approach provides controllability of system quality, as well as the strong protection at low overhead, e.g., average 15% area and 5.9% power overhead to tolerate 10% BER.more » « less
-
Modern semiconductor manufacturing often leverages a fabless model in which design and fabrication are partitioned. This has led to a large body of work attempting to secure designs sent to an untrusted third party through obfuscation methods. On the other hand, efficient de-obfuscation attacks have been proposed, such as Boolean Satisfiability attacks (SAT attacks). However, there is a lack of frameworks to validate the security and functionality of obfuscated designs. Additionally, unconventional obfuscated design flows, which vary from one obfuscation to another, have been key impending factors in realizing logic locking as a mainstream approach for securing designs. In this work, we address these two issues for Lookup Table-based obfuscation. We study both Volatile and Non-volatile versions of LUT-based obfuscation and develop a framework to validate SAT runtime using machine learning. We can achieve unparallel SAT-resiliency using LUT-based obfuscation while incurring 7% area and less than 1% power overheads. Following this, we discuss and implement a validation flow for obfuscated designs. We then fabricate a chip consisting of several benchmark designs and a RISC-V CPU in TSMC 65nm for post functionality validation. We show that the design flow and SAT-runtime validation can easily integrate LUT-based obfuscation into existing CAD tools while adding minimal verification overhead. Finally, we justify SAT-resilient LUT-based obfuscation as a promising candidate for securing designs.more » « less
-
null (Ed.)Logic locking has been widely evaluated as a proactive countermeasure against the hardware security threats within the IC supply chain. However, the introduction of the SAT attack, and many of its derivatives, has raised big concern about this form of countermeasure. In this paper, we explore the possibility of exploiting chaos computing as a new means of logic locking. We introduce the concept of chaotic logic locking, called ChaoLock, in which, by leveraging asymmetric inputs in digital chaotic Boolean gates, we define the concept of programmability (key-configurability) to the sets of underlying initial conditions and system parameters. These initial conditions and system parameters determine the operation (functionality) of each digital chaotic Boolean gate. Also, by proposing dummy inputs in chaotic Boolean gates, we show that during reverse-engineering, the dummy inputs conceal the main functionality of the chaotic Boolean gates, which make the reverse-engineering almost impossible. By performing a security analysis of ChaoLock, we show that with no restriction on conventional CMOS-based ASIC implementation and with no test/debug compromising, none of the state-of-the-art attacks on logic locking, including the SAT attack, could reformulate chaotic Boolean gates while dummy inputs are involved and their parameters are locked. Our analysis and experimental results show that with a low number of chaotic Boolean gates mixed with CMOS digital gates, ChaoLock can guarantee resiliency against the state-of-the-art attacks on logic locking at low overhead.more » « less
-
Logic locking has emerged as a promising solution to protect integrated circuits against piracy and tampering. However, the security provided by existing logic locking techniques is often thwarted by Boolean satisfiability (SAT)-based oracle-guided attacks. Criteria for successful SAT attacks on locked circuits include: (i) the circuit under attack is fully combinational, or (ii) the attacker has scan chain access. To address the threat posed by SAT-based attacks, we adopt the dynamically obfuscated scan chain (DOSC) architecture and illustrate its resiliency against the SAT attacks when inserted into the scan chain of an obfuscated design. We demonstrate, both mathematically and experimentally, that DOSC exponentially increases the resiliency against key extraction by SAT attack and its variants. Our results show that the mathematical estimation of attack complexity correlates to the experimental results with an accuracy of 95% or better. Along with the formal proof, we model DOSC architecture to its equivalent combinational circuit and perform SAT attack to evaluate its resiliency empirically. Our experiments demonstrate that SAT attack on DOSC-inserted benchmark circuits timeout at minimal test time overhead, and while DOSC requires less than 1% area and power overhead.more » « less
- Free Publicly Accessible Full Text
-
Accepted Manuscript1.0
- Conference Paper:
- https://doi.org/10.1109/DAC18074.2021.9586242
