Qihang Shi

FORTIS: A Comprehensive Solution for Establishing Forward Trust for Protecting IPs and ICs

With the advent of globalization in the semiconductor industry, it is necessary to prevent unauthorized usage of third-party IPs (3PIPs), cloning and unwanted modification of 3PIPs, and unauthorized production of ICs. Due to the increasing complexity of ICs, system-on-chip (SoC) designers use various 3PIPs in their design to reduce time-to-market and development costs, which creates a trust issue between the SoC designer and the IP owners. In addition, as the ICs are fabricated around the globe, the SoC designers give fabrication contracts to offshore foundries to manufacture ICs and have little control over the fabrication process, including the total number of chips fabricated. Similarly, the 3PIP owners lack control over the number of fabricated chips and/or the usage of their IPs in an SoC. Existing research only partially addresses the problems of IP piracy and IC overproduction, and to the best of our knowledge, there is no work that considers IP overuse. In this article, we present a comprehensive solution for preventing IP piracy and IC overproduction by assuring forward trust between all entities involved in the SoC design and fabrication process. We propose a novel design flow to prevent IC overproduction and IP overuse. We use an existing logic encryption technique to obfuscate the netlist of an SoC or a 3PIP and propose a modification to enable manufacturing tests before the activation of chips which is absolutely necessary to prevent overproduction. We have used asymmetric and symmetric key encryption, in a fashion similar to Pretty Good Privacy (PGP), to transfer keys from the SoC designer or 3PIP owners to the chips. In addition, we also propose to attach an IP digest (a cryptographic hash of the entire IP) to the header of an IP to prevent modification of the IP by the SoC designers. We have shown that our approach is resistant to various attacks with the cost of minimal area overhead.

A layout-driven framework to assess vulnerability of ICs to microprobing attacks

Microprobing attacks against integrated circuits (IC) for security critical applications have become a serious concern. With the help of modern circuit editing techniques, an attacker could remove layers of materials and expose wires carrying security critical information for probing. Existing protection methods use active shielding to detect such attacks. However, this technique has been proven to be ineffective, while layers of trigger wire mesh introduce prohibitive cost overhead. In this paper, we investigate the problem of protection against microprobing attacks and present a method to scan layout for microprobing vulnerabilities so that more secure and less costly protections can be developed. Exemplary applications on OpenSPARC T1 core layout is used to evaluate the proposed flow and substantiate findings.

Obfuscated Built-In Self-authentication

Hardware trojan insertion and intellectual property (IP) theft are two major concerns when dealing with untrusted foundries. Most obfuscation techniques have a limited capability of addressing both vulnerabilities. Split manufacturing is designed to stop IP piracy and IC cloning, but it cannot deal with untargeted hardware Trojan insertion. Also, there are significant overheads involved with getting the highest level of protection from split manufacturing. Built-in self-authentication (BISA ) is a low-cost technique for preventing and detecting hardware Trojan insertion, but is vulnerable to IP piracy , IC cloning, or redesign attacks, especially on original circuitry. By combining BISA with split manufacturing, it is not only possible to defeat these attacks, but also strengthen protections and lower the cost of split manufacturing as well. The resulting combined technique is called obfuscated BISA (OBISA ). In this chapter, the reader can expect to learn: (1) backgrounds on BISA as well as its existing problems and weakness; (2) two separate approaches for OBISA, based on the trade-offs between security and computational/fabrication costs involved; (3) implementation flow for both approaches; and (4) their design issues, trade-offs, and potential attacks.

Securing Split Manufactured ICs with Wire Lifting Obfuscated Built-In Self-Authentication

Hardware Trojan insertion and intellectual property (IP) theft are two major concerns when dealing with untrusted foundries. Most existing mitigation techniques are limited in protecting against both vulnerabilities. Split manufacturing is designed to stop IP piracy and IC cloning, but it fails at preventing untargeted hardware Trojan insertion and incurs significant overheads when high level of security is demanded. Built-in self-authentication (BISA) is a low cost technique for preventing and detecting hardware Trojan insertion, but is vulnerable to IP piracy, IC cloning or redesign attacks, especially on original circuitry. In this paper, we propose an obfuscated built-in self-authentication (OBISA) technique that combines and optimizes both technique so that they complement and improve security against both vulnerabilities. Performance of the proposed OBISA technique is presented with experimental implementation on same benchmark circuits as used in the existing wire lifting technique. The security performance is evaluated with the most popular split manufacturing security metrics.

Analyzing Circuit Layout to Probing Attack

Probing attacks against Integrated Circuits (IC) for security critical applications have become a serious concern. With the help of modern IC debug technologies, an attacker could remove layers of materials and expose wires carrying security critical information for probing. Existing protection methods use active shields to detect such attacks. However, problems such as ineffective top layer wire mesh and reused hardware Intellectual Property (IP) blocks exist, which threatens active shield security. Moreover, protection for mass-produced products such as smartcards and security tokens has been overlooked, partly due to they can neither afford the area cost or technology requirements of state-of-the-art protection designs. In this chapter, we cover known techniques in performing probing attacks, the problem of protection against probing attacks, and present a layout-driven framework to assess designs for vulnerabilities to probing attacks.

Deterrent Approaches Against Hardware Trojan Insertion

Deterrent approaches against hardware Trojan insertions are techniques designed for device producers, especially integrated circuit (IC) producers to discourage hardware Trojan insertion into their products, as opposed to other hardware Trojan countermeasures that focus on determining whether an unspecified product is Trojan-free. In this chapter, we provide introduction and discussion on three main deterrent approaches: the monitoring approach, the obstructive approach, and the hybrid approach that combines features of both. For each approach, we introduce a few archetypal techniques of each approach, respectively. Relative strengths and weaknesses of introduced techniques are discussed with regard to the full range of possible adversaries and types of Trojans they may insert.

Probing Attacks on Integrated Circuits: Challenges and Research Opportunities

<italic>Editor’s note:</italic> As a type of invasive physical attacks, probing attacks are able to access and directly monitor security critical nets of an IC and extract sensitive information. In this paper, the authors summarize the state-of-the-art probing and anti-probing technologies and their challenges, and discuss the opportunities in the relevant research. <italic>—Yiran Chen, Duke University</italic>