# Protecting Critical Integrated Circuit Intellectual Property from Theft and Counterfeiting

### Ioannis Savidis

### Department of Electrical and Computer Engineering Drexel University

September 15, 2016







### Integrated Circuits and Electronics (ICE) Design and Analysis Laboratory



**Degrees:** B.S.E., Duke University M.S., University of Rochester Ph.D., University of Rochester (2013)

#### **Research Interests**

Analysis, modeling, and design methodologies for high performance digital and mixed-signal integrated circuits; Emerging integrated circuit technologies; Electrical and thermal modeling and characterization, signal and power integrity, and power and clock delivery for 3-D IC technologies; On-chip power management; Low-power circuit techniques; Algorithms and methodologies for secure IC design

2

#### LABORATORY & TEAM

- Three Ph.D. students
  - Kyle Juretus Secure IC design
  - Divya Pathak On-chip power management
  - Shazzad Hossain Near-threshold computing for low power applications
- Two M.S. students
  - Isuru Daulagala Clock tree synthesis for 3-D integrated circuits
  - Vaibhav Venugopal Rao Analog IC IP protection
- One B.S. student
  - Akash Rai Sinha
- 2,000 square feet of dedicated research space





### Research Foci

#### Hardware security

Real-time Trojan detection and EDA tool development

#### **Power management**

On-chip power delivery for 2-D and 3-D ICs



#### Securing nondigital ASICs

Analog IC and FPGA protection

Circuit techniques and methodologies for heterogeneous 2-D and 3-D ICs

### **3-D physical design**

Clock tree synthesis, multi-plane placement and routing

#### Near-threshold computing

Robust, low-noise clock and power delivery for NTC

# 3-D IC characterization

Synchronization, power distribution, thermal coupling

- Introduction to IP Protection
- Logic Encryption
- Reduced Overhead Logic Obfuscation
- Design for Trust
- Conclusions



- Introduction to IP Protection
  - Security Threats of Horizontal IC Design Flow
  - Countermeasures to Security Threats
- Logic Encryption
- Reduced Overhead Logic Obfuscation
- Design for Trust
- Conclusions



# Increased SoC Complexity



\* Courtesy of Freescale (i.MX6 SoC)

- Increase in the number and type of circuit blocks integrated into a single system-on-chip
- Multi-vendor IP integration
- ARM, OpenCores, Altera, Synopsys, Cadence, S3 Group, ....

# Globalization of the IC Supply Chain



 $\overline{7}$ 

• Globalization of the design, fabrication, packaging, and test processes



# Threats at Different Stages of IC Production





- Introduction to IP Protection
  - Security Threats of Horizontal IC Design Flow
  - Countermeasures to IP Theft and Counterfeiting
- Logic Encryption
- Reduced Overhead Logic Obfuscation
- Design for Trust
- Conclusions



# Split Manufacturing of Integrated Circuits



 Layout split into front end of line layers (FEOL) and back end of line layers (BEOL)

 Prevents a single foundry from gaining full access to the IC

Limitations

FEOL Layers

BEOL

Layers

- End-user able to reverse engineer IC
  - Does not prevent blackbox usage of a design



J. Rajendran, O. Sinanoglu, and R. Karri, "Is Split Manufacturing Secure?," in the Proceedings of the Design, Automation & Test in Europe Conference & Exhibition, pp. 1259-1264, 2013.

# IC Camouflaging

- Disguises layer connections with dummy contacts
  - Increases difficulty of reverse engineering the design
- Limitations
  - Foundry has access to information required to produce IC
    - Reverse engineer IC
    - Verproduce ICs
  - Design can be used as black-box



J. Rajendran, M. Sam, O. Sinanoglu, and R. Karri "Security Analysis of Integrated Circuit Camouflaging," in the proceedings of the ACM SIGSAC conference on Computing & communications security, pp. 709-720, 2013.

- Introduction to Hardware Security
- Logic Encryption
  - Fault Analysis-Based Logic Encryption
  - Reconfigurable Logic Barriers (LUTs)
  - Evaluating the Security of Logic Encryption
- Reduced Overhead Logic Obfuscation
- Design for Trust
- Conclusions



# Logic Encryption

- Inserts key gates into a design
  - Require key for correct operation
- Conceals design information from foundry and untrusted end-users
- Prevents black-box usage
- Increases difficulty to insert a hardware Trojan





# Logic Encryption

- Inserts key gates into a design
  - Require key for correct operation
- Conceals design information from foundry and untrusted end-users
- Prevents black-box usage
- Increases difficulty to insert a hardware Trojan





- Introduction to Hardware Security
- Logic Encryption
  - Fault Analysis-Based Logic Encryption
  - Reconfigurable Logic Barriers (LUTs)
  - Evaluating the Security of Logic Encryption
- Reduced Overhead Logic Obfuscation
- Design for Trust
- Conclusions



# **XOR Based Logic Encryption**

- Add XOR to output of gate
- Requires application of key (KEY0) to function correctly
- XOR acts as buffer when KEY0 = 0
- XOR acts as inverter when KEY0 = 1
- Inverters are added before/after the XOR gate to increase the difficulty of determining KEY0





J. Rajendran, H. Zhang, C. Zhang, G. Rose, Y. Pino, O. Sinanoglu, and R. Karri, "Fault Analysis-Based Logic Encryption," IEEE Transactions on Computers, Vol. 64, No. 2, pp. 410–424, February 2015.

# 2x1 MUX Based Encryption



- Insert 2x1 MUX after gate
- Connect one input to original gate
- Other input is the "false" input from another net in the design

**Drexe** UNIVERSITY J. Rajendran, H. Zhang, C. Zhang, G. Rose, Y. Pino, O. Sinanoglu, and R. Karri, "Fault Analysis-Based Logic Encryption," IEEE Transactions on Computers, Vol. 64, No. 2, pp. 410–424, February 2015.

17

# 50% Hamming Distance Metric



- Maximize output ambiguity seen by adversary
  - Incorrect key produces correct output
  - Incorrect key produces complete corruption
- Modeled as N (number of outputs) choose Q (number of incorrect outputs) probability
  - Maximized when Q = N/2

J. Rajendran, H. Zhang, C. Zhang, G. Rose, Y. Pino, O. Sinanoglu, and R. Karri, "Fault Analysis-Based Logic Encryption," IEEE Transactions on Computers, Vol. 64, No. 2, pp. 410–424, February 2015.

# Evaluation of Gate Selection Algorithm



**Drexel** UNIVERSITY

J. Rajendran, H. Zhang, C. Zhang, G. Rose, Y. Pino, O. Sinanoglu, and R. Karri, "Fault Analysis-Based Logic Encryption," IEEE Transactions on Computers, Vol. 64, No. 2, pp. 410–424, February 2015.

- Introduction to Hardware Security
- Logic Encryption
  - Fault Analysis-Based Logic Encryption
  - Reconfigurable Logic Barriers (LUTs)
  - Evaluating the Security of Logic Encryption
- Reduced Overhead Logic Obfuscation
- Design for Trust
- Conclusions



# LUT Based Logic Encryption



Replace gate with LUT

 Removes the information of the original gate

• Key values determine the functionality of the gate

 Able to implement any 2-input function (more key combinations)



A. Baumgarten, A. Tyagi, and J. Zambreno, "Preventing IC Piracy Using Reconfigurable Logic Barriers," IEEE Design and Test of Computers, Vol. 27, No. 1, pp. 66–75, February 2010.

# Evaluation of ODC and Cut Height Selection





- ODC cut based selection achieves 50% Hamming distance much faster than random selection
- The *α* value of 50 reveals the least amount of information when attacking a single LUT



- Introduction to Hardware Security
- Logic Encryption
  - Fault Analysis-Based Logic Encryption
  - Preventing IC Theft Using Reconfigurable Logic Barriers
  - Evaluating the Security of Logic Encryption
- Reduced Overhead Logic Obfuscation
- Design for Trust
- Conclusions



# Attack Model for Logic Encryption

- Adversary has access to activated IC
  - Use as black-box to determine correct input/output combinations
- Utilize SAT solver to determine valid solutions
  Based on correct input/output constraints
- Divide keys in equivalence classes
  For all input/output constraints that match thus far
- Determine distinguishing input patterns to eliminate key values



# Overview of Attack Algorithm





1)  $\overrightarrow{X_1^d}$  generated as (1,0,1) 2)  $\overrightarrow{Y_1^d}$  evaluated as 1



# **Overview of Attack Algorithm**

Algorithm 4: Logic decryption algorithm **Input:** C and eval **Output:**  $\vec{K}_C$ i := 1; $F_1 = C(\overrightarrow{X}, \overrightarrow{K_1}, \overrightarrow{Y_1}) \land C(\overrightarrow{X}, \overrightarrow{K_2}, \overrightarrow{Y_2});$ while  $sat[F_i \land (\overrightarrow{Y_1} \neq \overrightarrow{Y_2})]$  do  $\overrightarrow{X_i^d} := sat\_assignment_{\overrightarrow{X}}[F_i \land (\overrightarrow{Y_1} \neq \overrightarrow{Y_2})];$ **2)**  $\overrightarrow{Y_i^d} := eval(\overrightarrow{X_i^d});$ **3)**  $F_{i+1} := F_i \wedge C(\overrightarrow{X_i^d}, \overrightarrow{K_1}, \overrightarrow{Y_i^d}) \wedge C(\overrightarrow{X_i^d}, \overrightarrow{K_2}, \overrightarrow{Y_i^d});$ i := i + 1: end  $\overrightarrow{K_C} := sat\_assignment_{\overrightarrow{K_i}}(F_i)$ 



1)  $\overrightarrow{X_1^d}$  generated as (1,0,1) 2)  $\overrightarrow{Y_1^d}$  evaluated as 1 3) (k1, k2) = (0,1)eliminated as valid key



# **Overview of Attack Algorithm**

Algorithm 4: Logic decryption algorithm **Input:** C and eval **Output:**  $\vec{K}_C$ i := 1; $F_1 = C(\overrightarrow{X}, \overrightarrow{K_1}, \overrightarrow{Y_1}) \land C(\overrightarrow{X}, \overrightarrow{K_2}, \overrightarrow{Y_2});$ while  $sat[F_i \land (\overrightarrow{Y_1} \neq \overrightarrow{Y_2})]$  do  $\overrightarrow{X_i^d} := sat\_assignment_{\overrightarrow{Y}}[F_i \land (\overrightarrow{Y_1} \neq \overrightarrow{Y_2})];$ **2)**  $\overrightarrow{Y_i^d} := eval(\overrightarrow{X_i^d});$ **3)**  $F_{i+1} := F_i \wedge C(\overrightarrow{X_i^d}, \overrightarrow{K_1}, \overrightarrow{Y_i^d}) \wedge C(\overrightarrow{X_i^d}, \overrightarrow{K_2}, \overrightarrow{Y_i^d});$ i := i + 1: end  $\overrightarrow{K_C} := sat\_assignment_{\overrightarrow{K_i}}(F_i)$ 



### Second Iteration

 1) \$\vec{X\_2^d}{Y\_2^d}\$ generated as (0,0,0)
 2) \$\vec{Y\_1^d}{Y\_1^d}\$ evaluated as 0
 3) (k1, k2) = (1,1) only valid key



### Susceptibility of Logic Encryption to SAT Attack

28



- XOR/XNOR encryption takes the longest time to solve and number of input/output combinations
- LUT is one the best performing in terms of number of input/output observations
  - Overhead is not constrained
- > 2x1 MUX does not perform well

**Drexel** UNIVERSITY

# Strength of Circuit Security to SAT Attack



- Smaller benchmark C2670 has one of the highest decryption times
- AND gate tree found within design
  - Requires unique distinguishing input for each key value

- Introduction to Hardware Security
- Logic Encryption
- Reduced Overhead Logic Obfuscation
  - **Overhead of Logic Encryption**
  - Gate Level Logic Encryption
- Design for Trust
- Conclusions



# Standard Cell Characterization

- 180 nm technology node characterized
- Standard cells designed for same drive strength
- ▶ 5 fF load driven by each cell

| Standard Cell | Prop. Delay<br>(ps) | Avg. Power<br>(nW) | Avg. Leakage<br>Power (pW) | Area (µm²) |
|---------------|---------------------|--------------------|----------------------------|------------|
| AND           | 69.79               | 70.40              | I 92.5                     | 30.73      |
| NAND          | 36.71               | 72.67              | 149.7                      | 23.25      |
| OR            | 92.90               | 64.52              | 252.3                      | 30.73      |
| NOR           | 42.09               | 96.85              | 193.6                      | 23.25      |
| XOR           | 91.23               | 148.0              | 455.3                      | 45.69      |
| XNOR          | 106.7               | 204.6              | 527.6                      | 41.95      |
| Average       | 73.24               | 109.5              | 295.2                      | 32.60      |



### **XOR** Overhead

### XOR-Based Logic Encryption

- 140.2% Average Performance Overhead
- 85.45% Average Power, 233.9% Average Leakage Power Overhead
- 124.9% Average Area Overhead

| Standard Cell | Prop. Delay | Avg. Power | Avg. Leakage<br>Power | Area   |
|---------------|-------------|------------|-----------------------|--------|
| AND           | 116.8%      | 113.6%     | 250.0%                | 107.4% |
| NAND          | 247.6%      | 95.68%     | 288.1%                | 174.1% |
| OR            | 69.54%      | 170.6%     | 162.2%                | 107.4% |
| NOR           | 219.1%      | 73.98%     | 235.2%                | 174.1% |
| XOR           | 99.28%      | 48.18%     | -                     | 84.95% |
| XNOR          | 88.66%      | 10.61%     | -                     | 101.4% |
| Average       | I 40.2%     | 85.45%     | 233.9%                | 124.9% |



## LUT Overhead

### LUT-Based Logic Encryption

- > 99.82% Average Performance Overhead
- > 73.95% Average Power, 368.2% Average Leakage Power Overhead
- > 197.2% Average Area Overhead

| Standard Cell | Prop. Delay    | Avg. Power | Avg. Leakage<br>Power | Area   |
|---------------|----------------|------------|-----------------------|--------|
| AND           | 75.53%         | 107.4%     | 365.3%                | 194.8% |
| NAND          | 239.4%         | 116.0%     | 462.3%                | 289.6% |
| OR            | 30.03%         | 120.4%     | 242.2%                | 194.8% |
| NOR           | 201.3%         | 63.96%     | 402.9%                | 289.6% |
| XOR           | 35.92%         | 29.59%     | -                     | 98.25% |
| XNOR          | 16.78%         | 6.305%     | -                     | 115.9% |
| Average       | <b>99.82</b> % | 73.95%     | 368.2%                | 197.2% |



- Introduction to Hardware Security
- Logic Encryption
- Reduced Overhead Logic Obfuscation
  - Overhead of Logic Encryption
  - Gate Level Logic Encryption
- Design for Trust
- Conclusions



# Gate Level Logic Encryption

- Design gates with inbuilt encryption
- Significantly lower performance, power, and area overheads of logic encryption
- Allow for more IC designs to implement security without hindering design constraints





# Method 1: Stack-Based Topology

- Transistors connected to output node with key input in order to control functionality
- Benefits from functionality that does not require replicated high and low connections

NAND/NOR Stack-Based Topology



**Truth Table** 

| KEY0 | Α | В | OUT |
|------|---|---|-----|
| 0    | 0 | 0 | I   |
| 0    | 0 | Ι | I   |
| 0    | Ι | 0 | I   |
| 0    | Ι | Ι | 0   |
| I    | 0 | 0 | I   |
| I    | 0 | Ι | 0   |
| I    | Ι | 0 | 0   |
| I    | Ι | Ι | 0   |



# Method 1: Stack-Based Topology

#### **AND/OR Stack-Based Topology**





**Truth Table** 

| KEY0 | Α | В | OUT |
|------|---|---|-----|
| 0    | 0 | 0 | I   |
| 0    | 0 | Т | I   |
| 0    | Ι | 0 | I   |
| 0    | Ι | Ι | 0   |
| I    | 0 | 0 | I   |
| I    | 0 | Ι | 0   |
| I    | Ι | 0 | 0   |
| I    | I | Ι | 0   |

- Input to KEY0 determines the functionality of the gate
- Either the pull-up network (KEY0 = 0) or the pull-down network (KEY0 = 1) is connected to the output node OUT

# Stack-Based Topology Shared Functionality

#### **AND/OR Stack-Based Topology**



#### Truth Table

38



- Common functionality between both the AND and OR gates are shared within the encrypted gate
- Sharing common input/output values reduces the complexity of the encrypted gate
  - Reduces area and power consumption



# Method 2-Transmission Gate Topology

- Transmission gates used to pass keys on certain logic conditions
- Reduces cost of replicated logic
- Removes additional level of logic due to key input transistor

| KEY0 | KEYI | Α | В | Ουτ |
|------|------|---|---|-----|
| 0    | 0    | Х | Х | 0   |
| 0    | I    | 0 | 0 | 0   |
| 0    | I    | 0 | Ι | 0   |
| 0    | I    | Ι | 0 | 0   |
| 0    | I    | Ι | Ι | I   |
| I    | 0    | 0 | 0 | I   |
| I    | 0    | 0 | Ι | I   |
| I    | 0    | Ι | 0 | I   |
| I    | 0    | I | Ι | 0   |
| I    | I    | X | Х | I   |

#### **Truth Table**

#### AND/NAND Transmission Gate Topology





# Method 2-Transmission Gate Topology

40



#### Truth Table



• Transmission gates pass the key value based on the inputs to the gate

#### **AND/NAND** Transmission Gate Topology





# Transmission Gate Topology

**Truth Table** KEY0 **KEYI** Α В OUT Х 0 Х 0 0 0 0 0 L 0 0 0 0 0 0 0 0 0 0 0 L 0 0 0 0 0 0 Х Х

- Unique input combination that produces only a single 0 or 1 output is determined by the bottom path
- Both transmission gates must be on for KEY1 to pass to the output

#### AND/NAND Transmission Gate Topology

41





# **Evaluation of Propagation Delay**



- > Stack-based topology provides average increase of 13.1% in performance
- Transmission gate topology reduces performance by 31.1% on average



### Average Power Consumption to Encrypt Gates



Stack-based provides average reduction of 47.3% in power consumption

Transmission gate reduces power consumption by 40.6% on average



# Area Occupied by Encrypted Gates



- Stack-based topology provides average reduction of 44.4% in used area
- Transmission gate topology reduces used area by 31.7% on average



- Introduction to Hardware Security
- Logic Encryption
- Reduced Overhead Logic Obfuscation
- Design for Trust
- Conclusions



# Integrating Security as Design Constraint

- Implementing hardware security creates tradeoffs with respect to other design constraints
  - > Area
  - Power
  - Performance
  - Design time
- Minimize the cost of adding hardware security to IC design process



46

Security Added



# Logic Encryption Design Flow



- Introduction to Hardware Security
- Logic Encryption
- Reduced Overhead Logic Obfuscation
- Design for Trust
- Conclusions



# Conclusions

- ICs are increasingly vulnerable to third party tampering and threats that include: IC counterfeiting, intellectual property theft, IC overproduction, and insertion of hardware Trojans
- Logic encryption requires a secure and low-overhead solution for wide spread adaptation
- Gate level logic encryption significantly lowers the per-gate overheads of logic encryption
  - Transmission gate topology: 31.1% improvement in performance improvement, 40.6% reduction in power, 31.7% area reduction
  - Stack-based topology: 13.1% improvement in performance, 47.3% reduction in power consumption, 44.4% area reduction
- Our research is focused on improving gate selection and optimization algorithms to create low cost secure designs



# Drexel ICE Laboratory Research

3-D Integrated Circuits

- 3-D/VLSI design methodologies for power and clock network design
- Multi-plane power noise modeling
  - Methodologies to mitigate cross-plane noise coupling

Power management for multidomain, multi-plane delivery
Clock tree synthesis for heterogeneous device planes Heterogeneous Systems Integration

Low Power Circuit Design Hardware - Security and Trust

 Detection of hardware Trojans

 Real time detection through side-channel monitoring
 Prevention of attack through design for trust

- Metrics to quantify gains of implemented security measure

50

- Algorithms and methodologies to obfuscate circuit design
- Techniques to protect analog circuits
   Securing FPGA functionality from theft

-Near-threshold circuits (NTC) for low-power applications - Implement circuit families including CMOS and

current mode logic in NTC

-Modify circuit techniques and methodologies for NTC

- Gate and circuit modifications to assure timing closure while meeting area constraints



# Thank you

