Elsevier

Integration

Volume 74, September 2020, Pages 93-106
A cellular automata guided two level obfuscation of Finite-State-Machine for IP protection

https://doi.org/10.1016/j.vlsi.2020.04.001

Highlights

  • The paper presents a Cellular Automata (CA) guided Finite State Machine obfuscation strategy using a special class of non-group CA, called D1 ∗ CA and its dual counterpart D1 ∗ CAdual.

  • Unlike the existing FSM obfuscation strategies, our technique does not rely on obfuscation mode state-transitions to obfuscate the FSM. Instead, we propose a key-based obfuscation to obfuscate each state-transition of the FSM.

  • We also offer a second layer of protection by logically encrypting the state-transition logic of the FSM.

  • Unlike the scan-based designs, our technique does not expose the internal state-elements to the attackers, thus offers better protection against scan-based side-channel attacks.

  • An in-depth security analysis shows the proposed method can prevent the state-of-the-art reverse engineering attacks, SAT, and circuit unrolling attacks.

Abstract

A popular countermeasure against IP piracy is to obfuscate the Finite State Machine (FSM), which is assumed to be the heart of a digital system. Most of the existing FSM obfuscation strategies rely on an additionally introduced set of obfuscation mode state-transitions to protect the original state-transitions of the FSM. Although these methods assume that it is difficult to extract the FSM behavior from the flattened gate-level netlist, some recent reverse engineering attacks could successfully break the defense of these schemes. The capability of differentiating obfuscation mode state-transitions from normal mode state-transitions makes these attacks powerful. As a countermeasure against these attacks, we propose a new strategy that offers a key-based obfuscation to each state-transition of the FSM. We use a special class of non-group additive cellular automata (CA), called D1 ∗ CA, and its counterpart D1 ∗ CAdual to obfuscate each state-transition of the FSM. Each state-transition has its own customized key, which must be configured correctly in order to get correct state-transition behavior from the synthesized FSM. A second layer of protection to the state-transition logic enhances the security of the proposed scheme. An in-depth security analysis of the proposed easily testable key-controlled FSM synthesis scheme demonstrates its ability to thwart the majority of the state-of-the-art attacks, such as FSM reverse engineering, SAT, and circuit unrolling attacks. Thus, the proposed scheme can be used for IP protection of digital designs. Experiments on various IWLS′93 benchmark FSM designs show that the average area, power, and delay overheads of our proposed multi-bit key-based obfuscated FSM design are 56.43%, 6.87%, and 23.41% when the FSMs are considered as standalone circuits. However, experimentation on the Amber23 processor core shows that these overheads reduce drastically (the reported area, power, and delay overhead values are 0.0025%, 0.44%, and 0%, respectively) when compared with respect to the entire design.

Introduction

The current global business model of the semiconductor industry divulges the Intellectual Property (IP) of a design to multiple third-party agents involved in different phases of IC development. In particular, the fabrication of ICs is often outsourced to dedicated specialist fab houses. Many leading companies do not have in-house foundries and rely on several offshore fabs for the fabrication of their chips. Moreover, test, assembly and packaging services have recently also been outsourced to outsourced assembly and test (OSAT) companies such as ASE [1], Amkor [2], STATS ChipPAC [3] etc. While the involvement of various third-party foundries and OSAT companies ensures better technology at a lower price, it also reinforces the inevitable concern of IP piracy, counterfeiting, and reverse engineering, resulting in a loss of several billions of dollars every year [4]. As a countermeasure, several IP protection schemes have been proposed in the literature [5–17], which mainly rely on obfuscating the Register-Transfer-Level (RTL) or gate-level netlist of the design.

Gate-level obfuscation, popularly known as logic encryption/locking, inserts additional logic elements to obfuscate the design [5–11, 16, 17]. These logic elements are called key-gates, which can be XOR/XNOR gates, AND/OR gates, MUXes, look-up-tables (LUTs) etc. These key-gates require additional inputs, called key-inputs. The obfuscated design exhibits correct functionality only under the application of the correct key, which is the designer's secret. Without the knowledge of the correct key, an unauthorized agent cannot use or redistribute the illegally acquired IP of a design. However, time and again, the security of different logic locking strategies has been questioned by various attacks [7, 18–20]. Among them, the Boolean Satisfiability (SAT) based attack has tremendous power of breaking virtually all possible logic locking schemes [18]. Despite several works in this field, the never-ending cat-and-mouse race between the attacks and defence strategies shows that the semiconductor industry is still missing a robust logic locking technique.

On the other hand, RTL-level obfuscation offers protection at a higher abstraction level [12–15]. RTL-level obfuscation primarily obfuscates the Finite-State-Machine (FSM) of a design. Since the FSM is the primary building block of a sequential circuit, obfuscating it is a popular way to conceal the entire functionality of the design. Several FSM obfuscation strategies have been proposed in the literature [12–15]. However, various recent attacks [21–24] could successfully break the defense of these FSM obfuscation techniques. The primary objective of this paper is to overcome the limitations of the existing schemes by proposing a novel FSM obfuscation strategy, which can combat the state-of-the-art attacks, such as FSM reverse engineering, SAT, and circuit unrolling attacks.

Before presenting our FSM obfuscation strategy, we first investigate the resilience of the existing FSM obfuscation techniques against several reverse-engineering attacks. Section 2 presents this detailed discussion of the existing literature. Section 3 highlights the motivation of the present work and summarizes the contribution of the paper. Section 4 introduces the basics of Cellular Automata (CA) and testable FSM design techniques using a special class of CA called D1 ∗ CA. The obfuscation strategy of D1 ∗ CA based FSM design is presented in Section 5, which obfuscates each state-transition of the FSM using a single-bit key. Section 6 extends this scheme to a multi-bit key-based obfuscation, which offers better protection compared to the single-bit key-based strategy. Section 7 shows how this proposed reconfigurable D1 ∗ CA based FSM design can be used for both obfuscated state-transition and testing the FSM. Section 8 shows how the proposed single-bit and multi-bit key-based obfuscations work on an FSM benchmark circuit. Section 9 presents an in-depth security analysis of our proposed scheme, followed by the experimental results in Section 10. Finally, Section 11 concludes the proposed work.

Section snippets

Related works on FSM obfuscation

One of the preliminary works in FSM obfuscation was proposed in Ref. [12], which is popularly known as HARPOON. This method modifies the original FSM with a set of preceding states that form an obfuscation mode, which must be traversed in a correct order to reach the initial state of the original FSM. The traversal order is the designer's secret, without the knowledge of which the FSM enters into a black hole state. The input sequence required to be applied to reach the original start state S0

Motivation and contribution

One important observation about the FSM obfuscation schemes discussed so far is that all of them augment the original FSM with a preceding obfuscation mode, which must be traversed in a correct sequence by applying a correct enabling key to reach the initial state of the original FSM. Minimal transitions between obfuscation mode and normal mode, as well as no return path from the so-called black hole states to the original states, help reverse engineering attacks identify the original

Basics of Finite State Machine and cellular automata

Finite State Machine: An FSM consists of a finite number of states and transitions between them. Formally, an FSM is a computational model which can be defined using a 6-tuple (S, I, δ, s0, O, λ), where S represents a finite set of states, I is the set of all possible input combinations, δ: S × I → S is the state transition function, s0 ∈ S is the initial state, O is the finite set of output symbols, and λ: S × I → O is the output function. An FSM can be in exactly one of a finite number of states at any

Proposed obfuscation strategy of D1 ∗ CA based FSM design

In the previous section, we have observed that a dual CA can be obtained by complementing the XOR function of an odd number of CA-cells. Interestingly, the same CA structure can be used for both D1 ∗ CA and D1 ∗ CAdual. Only an external input CA is required to use the left-most CA cell as a reconfigurable XOR/XNOR gate. We can also choose to make a different XOR gate reconfigurable. For example, a different dual-CA can be obtained by complementing the 3rd leftmost CA-cell, which can be

FSM obfuscation using multi-bit key

So far, we have observed that a single-bit external control input (Ckey) has been used to obfuscate each state-transition of the FSM. This single-bit input modifies an XOR gate (the 3rd one from the left in Fig. 1) of the XOR Logic to a reconfigurable XOR/XNOR gate, resulting in two possible next states based on the value of Ckey. However, the designer may wish to introduce reconfiguration into more XOR gates of the XOR Logic. In fact, for an n-cell CA, an n-bit key can reconfigure all
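A simplified model of the key-controlled state transitions described in this section and the previous one, added here as an illustration and not taken from the paper. The CA rule, the way the interrupt vector is derived, the toy FSM and the key values are all assumptions made for the sketch; in particular the rule is a generic additive CA, not the D1 ∗ CA construction.

```python
# Added illustration, not the paper's code. The CA rule is a generic additive
# (XOR-only) rule chosen for this sketch; it is NOT the D1*CA structure.
N = 4                      # CA cells; a 4-cell CA offers sixteen state codes
MASK = (1 << N) - 1

def ca_next(state, key):
    """One CA step. Key bit i = 1 turns cell i's XOR into an XNOR."""
    left, right = state >> 1, (state << 1) & MASK   # null-boundary neighbours
    linear = left ^ state ^ right                   # XOR of each neighbourhood
    return linear ^ key                             # XNOR = XOR, then complement

def lock(transitions, keys):
    """Interrupt vector per transition: steers the CA output to the FSM's
    next state, but only when that transition's own key is applied."""
    return {t: nxt ^ ca_next(t[0], keys[t]) for t, nxt in transitions.items()}

def step(locked, cur, inp, applied_key):
    # Codes the FSM never uses have no entry; model that don't-care as 0.
    return ca_next(cur, applied_key) ^ locked.get((cur, inp), 0)

def run(locked, start, inputs, key_for):
    """Replay inputs; key_for(state, inp) is the key applied at each step."""
    trace = [start]
    for inp in inputs:
        trace.append(step(locked, trace[-1], inp, key_for(trace[-1], inp)))
    return trace

# Constructed 3-state FSM over 4-bit state codes, one input bit.
TRANSITIONS = {
    (0b0001, 0): 0b0001, (0b0001, 1): 0b0110,
    (0b0110, 0): 0b1011, (0b0110, 1): 0b0001,
    (0b1011, 0): 0b0110, (0b1011, 1): 0b1011,
}
# Constructed per-transition 4-bit keys (all non-zero, so key 0 is always wrong).
KEYS = {t: (5 * i + 3) & MASK for i, t in enumerate(sorted(TRANSITIONS))}
LOCKED = lock(TRANSITIONS, KEYS)

if __name__ == "__main__":
    seq = [1, 0, 0, 1, 1]
    print("correct keys:", run(LOCKED, 0b0001, seq, lambda s, i: KEYS[(s, i)]))
    print("all-zero key:", run(LOCKED, 0b0001, seq, lambda s, i: 0))
```

In this model every wrong key bit flips exactly one bit of the next state, so a mis-keyed machine leaves the original state codes on the first transition and then wanders through codes the FSM never uses.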

Different modes of operation

The synthesized FSM works in two modes: 1) FSM Mode, and 2) Test Mode. FSM Mode uses the Interrupt Mode in D1 ∗ CA to perform normal state transitions of the original FSM, which are controlled by the Interrupt Vectors and Cmkey. On the other hand, Test Mode masks the Interrupt Vectors, and eventually runs the CA in Autonomous Modes of D1 ∗ CA and D1 ∗ CAdual, which are controlled by CA (as CA controls the Test Mode, we name it Ctest). Fig. 10 shows the test infrastructure of a 4-cell D1 ∗ CA/D

Case study

In this section, we demonstrate the entire key-controlled FSM obfuscation scheme on an FSM benchmark train11, which has eleven states, and 25 state-transitions. Since the FSM has eleven states, a reconfigurable 4-cell D1 ∗ CA is required to implement the FSM. Out of sixteen possible codes, eleven codes are assigned to different states of the FSM. Fig. 12 shows the codes assigned to each state by our proposed State Encoding Algorithm. Both single-bit key-based obfuscation (Fig. 13) and multi-bit

Security analysis

In this section, we evaluate the security of our proposed FSM obfuscation scheme.

Experimental results

In this section, we present the results of our experiments on several FSM benchmarks from the IWLS′93 benchmark suite, which are available in KISS2 format. A Python script has been used to implement the proposed state-encoding algorithm. After assigning a code to each state of the FSM, another Python script has been used to generate the Interrupt Vectors for each state transition controlled by the key Cmkey. The Interrupt Vectors of all the state-transitions together form the truth-table of

Conclusion

In this paper, we have proposed a Cellular Automata guided FSM obfuscation scheme utilizing two variations of non-group CA, i.e., D1 ∗ CA and D1 ∗ CAdual. The key-controlled obfuscation of each state-transition, along with the obfuscated Interrupt Logic, helps us address the shortcomings of the existing FSM obfuscation schemes, which become vulnerable to reverse engineering attacks if the adversary can identify the actual initial state of the original FSM. Unlike the DfT based test infrastructure,

CRediT authorship contribution statement

Rajit Karmakar: Conceptualization, Methodology, Software, Data curation, Writing - original draft, Visualization, Investigation, Writing - review & editing. Suman Sekhar Jana: Software, Data curation, Investigation. Santanu Chattopadhyay: Supervision, Writing - review & editing.

Declaration of competing interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgement

This work is partially supported by Dept. of Higher Education, Science & Technology and Biotechnology, Govt. of West Bengal, India.

References (29)

  • A. Room, Silicon Laboratories and Ase Announce Milestone Shipment of 10 Million Tested Integrated Circuits (2014)

  • M. Berry et al., Outsourcing Test - What Are the Most Valuable Engagement Periods? (2014)

  • Test services

  • Trends in the global ic design service market, DIGITIMES Research

  • J.A. Roy et al., Epic: ending piracy of integrated circuits

  • J. Rajendran et al., Fault analysis-based logic encryption, IEEE Trans. Comput. (2015)

  • M. Yasin et al., On improving the security of logic locking, IEEE TCAD (2015)

  • R. Karmakar et al., Encrypt flip-flop: a novel logic encryption technique for sequential circuits

  • R. Karmakar et al., A new logic encryption strategy ensuring key interdependency

  • R. Karmakar et al., On finding suitable key-gate locations in logic encryption

  • R. Karmakar et al., Enhancing security of logic encryption using embedded key generation unit

  • R.S. Chakraborty et al., Harpoon: an obfuscation-based soc design methodology for hardware protection, IEEE Trans. CAD Integrated Circuits Syst. (2009)

  • Y. Alkabani et al., Active hardware metering for intellectual property protection and security

  • J. Dofe et al., Novel dynamic state-deflection method for gate-level design obfuscation, TCAD (2018)

    A preliminary version of this paper has been presented at Design Automation Conference (DAC) 2019 [29].