Netlist reverse engineering for high-level functionality reconstruction

Meade, Travis; Zhang, Shaojie; Jin, Yier

doi:10.1109/aspdac.2016.7428086

Cited by 67 publications

(25 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Note that the aforementioned surveys primarily focus on HT threats and corresponding HT detection (such as reverse engineering [40]- [43], logic testing [44], [45], and sidechannel analysis [46]- [49]) and prevention (such as detection assistance [50]- [52] and implantation prevention [53]- [55]) techniques. Compared with the existing surveys, this paper intends to review the specific HT threats and defense solutions from a different perspective of SoC life cycle.…”

Section: B Motivation and Contributionsmentioning

confidence: 99%

“…Moreover, non-destructive reverse engineering, which attempts to reverse the gate-level netlist of an IC design into a high-level description of the control logic, such as finite state machines [42], [43], [81], has also been investigated. For instance, Li et al proposed reversing the unknown ICs into the input-output track model via behavioral pattern mining and discovering the Trojan circuitry through behavioral pattern matching [82].…”

Section: -Reverse Engineeringmentioning

confidence: 99%

See 1 more Smart Citation

A Survey on Machine Learning Against Hardware Trojan Attacks: Recent Advances and Challenges

et al. 2020

View full text Add to dashboard Cite

The remarkable success of machine learning (ML) in a variety of research domains has inspired academic and industrial communities to explore its potential to address hardware Trojan (HT) attacks. While numerous works have been published over the past decade, few survey papers, to the best of our knowledge, have systematically reviewed the achievements and analyzed the remaining challenges in this area. To fill this gap, this article surveys ML-based approaches against HT attacks available in the literature. In particular, we first provide a classification of all possible HT attacks and then review recent developments from four perspectives, i.e., HT detection, design-for-security (DFS), bus security, and secure architecture. Based on the review, we further discuss the lessons learned in and challenges arising from previous studies. Despite current work focusing more on chip-layer HT problems, it is notable that novel HT threats are constantly emerging and have evolved beyond chips and to the component, device, and even behavior layers, therein compromising the security and trustworthiness of the overall hardware ecosystem. Therefore, we divide the HT threats into four layers and propose a hardware Trojan defense (HTD) reference model from the perspective of the overall hardware ecosystem, therein categorizing the security threats and requirements in each layer to provide a guideline for future research in this direction.

show abstract

Section: B Motivation and Contributionsmentioning

confidence: 99%

Section: -Reverse Engineeringmentioning

confidence: 99%

A Survey on Machine Learning Against Hardware Trojan Attacks: Recent Advances and Challenges

et al. 2020

View full text Add to dashboard Cite

show abstract

“…Gascón et al [GSD + 14] addressed this problem with a templatebased solution. Meade et al [MZJ16] extended FSM reverse engineering by retrieving the state transition function from ASIC gate-level netlists. Wallat et al [WFSP17] presented insights on offensive reverse engineering aspects such as the removal of watermarks and the weakening of stream cipher implementations.…”

Section: Gate-level Netlist Reverse Engineeringmentioning

confidence: 99%

“…While previous solutions offer methods for algorithmic FSM reverse engineering [STGR10,MZJ16], they specifically target non-obfuscated ASIC gate-level netlists. Recently, Meade et al [MZZ + 17] introduced theoretical attack descriptions on several FSM obfuscation schemes (a subset of our schemes covered in Section 4), however, they did not perform a practical evaluation of the aforementioned attacks.…”

Section: Gate-level Netlist Reverse Engineeringmentioning

confidence: 99%

On the Difficulty of FSM-based Hardware Obfuscation

Fyrbiak

Wallat

Déchelotte

et al. 2018

TCHES

View full text Add to dashboard Cite

In today’s Integrated Circuit (IC) production chains, a designer’s valuable Intellectual Property (IP) is transparent to diverse stakeholders and thus inevitably prone to piracy. To protect against this threat, numerous defenses based on the obfuscation of a circuit’s control path, i.e. Finite State Machine (FSM), have been proposed and are commonly believed to be secure. However, the security of these sequential obfuscation schemes is doubtful since realistic capabilities of reverse engineering and subsequent manipulation are commonly neglected in the security analysis. The contribution of our work is threefold: First, we demonstrate how high-level control path information can be automatically extracted from third-party, gate-level netlists. To this end, we extend state-of-the-art reverse engineering algorithms to deal with Field Programmable Gate Array (FPGA) gate-level netlists equipped with FSM obfuscation. Second, on the basis of realistic reverse engineering capabilities we carefully review the security of state-of-the-art FSM obfuscation schemes. We reveal several generic strategies that bypass allegedly secure FSM obfuscation schemes and we practically demonstrate our attacks for a several of hardware designs, including cryptographic IP cores. Third, we present the design and implementation of Hardware Nanomites, a novel obfuscation scheme based on partial dynamic reconfiguration that generically mitigates existing algorithmic reverse engineering.

show abstract

“…Finite State Machine (FSM) from gatelevel netlists. Meade et al [24] extended this technique in order to retrieve the state transition function for the reverse engineered FSMs. In further work, Meade et al [25] developed a technique to separate control unit registers from datapath registers.…”

Section: Gate-level Netlist Reverse Engineeringmentioning

confidence: 99%

Hardware reverse engineering: Overview and open challenges

Fyrbiak

Strauß

Kison

et al. 2017

2017 IEEE 2nd International Verification and Security Workshop (IVSW)

View full text Add to dashboard Cite

Hardware reverse engineering is a universal tool for both legitimate and illegitimate purposes. On the one hand, it supports confirmation of IP infringement and detection of circuit malicious manipulations, on the other hand it provides adversaries with crucial information to plagiarize designs, infringe on IP, or implant hardware Trojans into a target circuit. Although reverse engineering is commonplace in practice, the quantification of its complexity is an unsolved problem to date since both technical and human factors have to be accounted for. A sophisticated understanding of this complexity is crucial in order to provide a reasonable threat estimation and to develop sound countermeasures, i.e. obfuscation transformations of the target circuit, to mitigate risks for the modern IC landscape.The contribution of our work is threefold: first, we systematically study the current research branches related to hardware reverse engineering ranging from decapsulation to gate-level netlist analysis. Based on our overview, we formulate several open research questions to scientifically quantify reverse engineering, including technical and human factors. Second, we survey research on problem solving and on the acquisition of expertise and discuss its potential to quantify human factors in reverse engineering. Third, we propose novel directions for future interdisciplinary research encompassing both technical and psychological perspectives that hold the promise to holistically capture the complexity of hardware reverse engineering.

show abstract

Netlist reverse engineering for high-level functionality reconstruction

Cited by 67 publications

References 18 publications

A Survey on Machine Learning Against Hardware Trojan Attacks: Recent Advances and Challenges

A Survey on Machine Learning Against Hardware Trojan Attacks: Recent Advances and Challenges

On the Difficulty of FSM-based Hardware Obfuscation

Hardware reverse engineering: Overview and open challenges

Contact Info

Product

Resources

About