Belling the CAD: Toward Security-Centric Electronic System Design

Jeyavijayan Rajendran, Aman Ali, Ozgur Sinanoglu, Ramesh Karri

Research output: Contribution to journalArticle

Abstract

In order to keep pace with the growing complexity of integrated circuits (ICs), IC and system designers are increasingly using electronic system level (ESL) design tools. ESL tool sales were around $460 million in 2011. The value of the ICs designed using these tools is at least an order of magnitude more. Concurrently, advanced IC reverse engineering techniques are being developed and used by attackers. In response, several anti-reverse engineering techniques have been proposed for integration into the IC design flow. An important class of defenses hardens the controllers that orchestrate the functionality of designs generated by ESL tools. We demonstrate an attack to recover the controller in any ESL-generated design even if the controller has been hardened using state-of-the-art controller hardening techniques. The attack analyzes the unhardened parts of the controller (i.e., the controller output logic and datapath) and reconciles this information with the architectural, controller, and timing constraints implicit in and underlying all ESL design methodologies. We then propose a countermeasure that inserts decoy connections into an ESL tool-generated design to thwart reverse engineering. We introduce a security metric to quantify the effectiveness of the developed attacks and defenses. We demonstrate the attack and defenses on designs generated by state-of-the-art ESL tools.

Original languageEnglish (US)
Article number7100906
Pages (from-to)1756-1769
Number of pages14
JournalIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
Volume34
Issue number11
DOIs
StatePublished - Nov 1 2015

Fingerprint

Computer aided design
Systems analysis
Controllers
Integrated circuits
Reverse engineering
Hardening
Sales

Keywords

  • Hardware security
  • High-level synthesis
  • Intellectual Property Protection
  • Piracy

ASJC Scopus subject areas

  • Electrical and Electronic Engineering
  • Computer Graphics and Computer-Aided Design
  • Software

Cite this

Belling the CAD : Toward Security-Centric Electronic System Design. / Rajendran, Jeyavijayan; Ali, Aman; Sinanoglu, Ozgur; Karri, Ramesh.

In: IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, Vol. 34, No. 11, 7100906, 01.11.2015, p. 1756-1769.

Research output: Contribution to journalArticle

@article{cbdf94982cce4ad48446316423cc130d,
title = "Belling the CAD: Toward Security-Centric Electronic System Design",
abstract = "In order to keep pace with the growing complexity of integrated circuits (ICs), IC and system designers are increasingly using electronic system level (ESL) design tools. ESL tool sales were around $460 million in 2011. The value of the ICs designed using these tools is at least an order of magnitude more. Concurrently, advanced IC reverse engineering techniques are being developed and used by attackers. In response, several anti-reverse engineering techniques have been proposed for integration into the IC design flow. An important class of defenses hardens the controllers that orchestrate the functionality of designs generated by ESL tools. We demonstrate an attack to recover the controller in any ESL-generated design even if the controller has been hardened using state-of-the-art controller hardening techniques. The attack analyzes the unhardened parts of the controller (i.e., the controller output logic and datapath) and reconciles this information with the architectural, controller, and timing constraints implicit in and underlying all ESL design methodologies. We then propose a countermeasure that inserts decoy connections into an ESL tool-generated design to thwart reverse engineering. We introduce a security metric to quantify the effectiveness of the developed attacks and defenses. We demonstrate the attack and defenses on designs generated by state-of-the-art ESL tools.",
keywords = "Hardware security, High-level synthesis, Intellectual Property Protection, Piracy",
author = "Jeyavijayan Rajendran and Aman Ali and Ozgur Sinanoglu and Ramesh Karri",
year = "2015",
month = "11",
day = "1",
doi = "10.1109/TCAD.2015.2428707",
language = "English (US)",
volume = "34",
pages = "1756--1769",
journal = "IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems",
issn = "0278-0070",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "11",

}

TY - JOUR

T1 - Belling the CAD

T2 - Toward Security-Centric Electronic System Design

AU - Rajendran, Jeyavijayan

AU - Ali, Aman

AU - Sinanoglu, Ozgur

AU - Karri, Ramesh

PY - 2015/11/1

Y1 - 2015/11/1

N2 - In order to keep pace with the growing complexity of integrated circuits (ICs), IC and system designers are increasingly using electronic system level (ESL) design tools. ESL tool sales were around $460 million in 2011. The value of the ICs designed using these tools is at least an order of magnitude more. Concurrently, advanced IC reverse engineering techniques are being developed and used by attackers. In response, several anti-reverse engineering techniques have been proposed for integration into the IC design flow. An important class of defenses hardens the controllers that orchestrate the functionality of designs generated by ESL tools. We demonstrate an attack to recover the controller in any ESL-generated design even if the controller has been hardened using state-of-the-art controller hardening techniques. The attack analyzes the unhardened parts of the controller (i.e., the controller output logic and datapath) and reconciles this information with the architectural, controller, and timing constraints implicit in and underlying all ESL design methodologies. We then propose a countermeasure that inserts decoy connections into an ESL tool-generated design to thwart reverse engineering. We introduce a security metric to quantify the effectiveness of the developed attacks and defenses. We demonstrate the attack and defenses on designs generated by state-of-the-art ESL tools.

AB - In order to keep pace with the growing complexity of integrated circuits (ICs), IC and system designers are increasingly using electronic system level (ESL) design tools. ESL tool sales were around $460 million in 2011. The value of the ICs designed using these tools is at least an order of magnitude more. Concurrently, advanced IC reverse engineering techniques are being developed and used by attackers. In response, several anti-reverse engineering techniques have been proposed for integration into the IC design flow. An important class of defenses hardens the controllers that orchestrate the functionality of designs generated by ESL tools. We demonstrate an attack to recover the controller in any ESL-generated design even if the controller has been hardened using state-of-the-art controller hardening techniques. The attack analyzes the unhardened parts of the controller (i.e., the controller output logic and datapath) and reconciles this information with the architectural, controller, and timing constraints implicit in and underlying all ESL design methodologies. We then propose a countermeasure that inserts decoy connections into an ESL tool-generated design to thwart reverse engineering. We introduce a security metric to quantify the effectiveness of the developed attacks and defenses. We demonstrate the attack and defenses on designs generated by state-of-the-art ESL tools.

KW - Hardware security

KW - High-level synthesis

KW - Intellectual Property Protection

KW - Piracy

UR - http://www.scopus.com/inward/record.url?scp=84960860996&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84960860996&partnerID=8YFLogxK

U2 - 10.1109/TCAD.2015.2428707

DO - 10.1109/TCAD.2015.2428707

M3 - Article

AN - SCOPUS:84960860996

VL - 34

SP - 1756

EP - 1769

JO - IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

JF - IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

SN - 0278-0070

IS - 11

M1 - 7100906

ER -