TY - JOUR
T1 - A New Paradigm in Split Manufacturing
T2 - Lock the FEOL, Unlock at the BEOL
AU - Sengupta, Abhrajit
AU - Nabeel, Mohammed
AU - Ashraf, Mohammed
AU - Knechtel, Johann
AU - Sinanoglu, Ozgur
N1 - Funding Information:
Funding: This work is partially sponsored by the New York University/New York University Abu Dhabi (NYU/NYUAD) Center for Cyber Security (CCS). The work of A. Sengupta was supported in part by the Global Ph.D. Fellowship at NYU/NYU AD.
Publisher Copyright:
© 2022 by the authors. Licensee MDPI, Basel, Switzerland.
PY - 2022/6
Y1 - 2022/6
N2 - Split manufacturing was introduced as a countermeasure against hardware-level security threats such as IP piracy, overbuilding, and insertion of hardware Trojans. However, the security promise of split manufacturing has been challenged by various attacks which exploit the well-known working principles of design tools to infer the missing back-end-of-line (BEOL) interconnects. In this work, we define the security of split manufacturing formally and provide the associated proof, and we advocate accordingly for a novel, formally secure paradigm. Inspired by the notion of logic locking, we protect the front-end-of-line (FEOL) layout by embedding secret keys which are implemented through the BEOL in such a way that they become indecipherable to foundry-based attacks. At the same time, our technique is competitive with prior art in terms of layout overhead, especially for large-scale designs (ITC’99 benchmarks). Furthermore, another concern for split manufacturing is its practicality (despite successful prototyping). Therefore, we promote an alternative implementation strategy, based on package-level routing, which enables formally secure IP protection without splitting at all, and thus, without the need for a dedicated BEOL facility. We refer to this as “poor man’s split manufacturing” and we study the practicality of this approach by means of physical-design exploration.
AB - Split manufacturing was introduced as a countermeasure against hardware-level security threats such as IP piracy, overbuilding, and insertion of hardware Trojans. However, the security promise of split manufacturing has been challenged by various attacks which exploit the well-known working principles of design tools to infer the missing back-end-of-line (BEOL) interconnects. In this work, we define the security of split manufacturing formally and provide the associated proof, and we advocate accordingly for a novel, formally secure paradigm. Inspired by the notion of logic locking, we protect the front-end-of-line (FEOL) layout by embedding secret keys which are implemented through the BEOL in such a way that they become indecipherable to foundry-based attacks. At the same time, our technique is competitive with prior art in terms of layout overhead, especially for large-scale designs (ITC’99 benchmarks). Furthermore, another concern for split manufacturing is its practicality (despite successful prototyping). Therefore, we promote an alternative implementation strategy, based on package-level routing, which enables formally secure IP protection without splitting at all, and thus, without the need for a dedicated BEOL facility. We refer to this as “poor man’s split manufacturing” and we study the practicality of this approach by means of physical-design exploration.
KW - logic locking
KW - proximity attack
KW - split manufacturing
UR - http://www.scopus.com/inward/record.url?scp=85130102893&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85130102893&partnerID=8YFLogxK
U2 - 10.3390/cryptography6020022
DO - 10.3390/cryptography6020022
M3 - Article
AN - SCOPUS:85130102893
VL - 6
JO - Cryptography
JF - Cryptography
SN - 2410-387X
IS - 2
M1 - 22
ER -