Spear and Shield: Evolution of Integrated Circuit Camouflaging
Journal of Computer Science and Technology
Journal of Computer Science and Technology 2018, Vol. 33, Issue 1: 42-57. DOI: 10.1007/s11390-018-1807-6
Computer Architecture and Systems
Spear and Shield: Evolution of Integrated Circuit Camouflaging
Xue-Yan Wang1, Student Member, ACM, IEEE, Qiang Zhou1,*, Senior Member, CCF, Member, ACM, IEEE, Yi-Ci Cai1, Senior Member, CCF, Member, IEEE, Gang Qu2, Senior Member, IEEE
1 Department of Computer Science and Technology, Tsinghua University, Beijing 100084, China;
2 Department of Electrical and Computer Engineering, University of Maryland, College Park, MD 20740, U.S.A

Abstract: Intellectual property (IP) protection is one of the core problems in hardware security. The semiconductor industry still lacks effective and proactive defenses to shield IPs from reverse engineering (RE) based attacks. The integrated circuit (IC) camouflaging technique fills this gap by replacing some conventional logic gates in the IPs with specially designed logic cells (called camouflaged gates) without changing the functions of the IPs. The camouflaged gates can perform different logic functions while maintaining an identical look to RE attackers, thus preventing them from obtaining the layout information of the IP directly from RE tools. Since it was first proposed in 2012, circuit camouflaging has become one of the hottest research topics in hardware security, focusing on two fundamental problems. How should the types of camouflaged gates be chosen, and where should they be inserted, in order to simultaneously minimize the performance overhead and maximize the RE complexity? How can an attacker de-camouflage a camouflaged circuit and complete the RE attack? In this article, we review the evolution of circuit camouflaging through this spear and shield race. First, we introduce the design methods of four different kinds of camouflaged cells based on true/dummy contacts, static random access memory (SRAM), doping, and emerging devices, respectively. Then we elaborate on four representative de-camouflaging attacks: the brute force attack, the IC testing based attack, the satisfiability-based (SAT-based) attack, and the circuit partition based attack, and the corresponding countermeasures: clique-based camouflaging, CamoPerturb, AND-tree camouflaging, and equivalent class based camouflaging, respectively. We argue that the current research efforts should be on reducing the overhead introduced by circuit camouflaging and defeating de-camouflaging attacks. We point out that exploring features of emerging devices could be a promising direction. Finally, as a complement to circuit camouflaging, we conclude with a brief review of other state-of-the-art IP protection techniques.
Keywords: circuit camouflaging; reverse engineering; intellectual property (IP) protection; hardware security
Received: 2017-03-22
Funding:

This work is supported by the National Natural Science Foundation of China under Grant No. 61774091. Gang Qu is supported in part by Air Force Office of Scientific Research Multi-University Research Initiative of USA under Award No. FA9550-14-1-0351.

Corresponding author: Qiang Zhou. Email: zhouqiang@mail.tsinghua.edu.cn
About the author: Xue-Yan Wang received her B.S. degree in computer science and technology from Shandong University, Jinan, in 2013. She is currently pursuing her Ph.D. degree in the Department of Computer Science and Technology, Tsinghua University, Beijing. She is involved in research with the EDA (Electronic Design Automation) Laboratory. From 2015 to 2016, she was a visiting student at the University of Maryland, College Park, MD, USA. Her current research interests include hardware security and efficient algorithms for VLSI physical design.
Cite this article:
Xue-Yan Wang, Qiang Zhou, Yi-Ci Cai, Gang Qu. Spear and Shield: Evolution of Integrated Circuit Camouflaging [J]. Journal of Computer Science and Technology, 2018, 33(1): 42-57
Link to this article:
http://jcst.ict.ac.cn:8080/jcst/CN/10.1007/s11390-018-1807-6