Deep Learning Analysis for Split-Manufactured Layouts with Routing Perturbation

Haocheng Li, Satwik Patnaik, Mohammed Ashraf, Haoyu Yang, Johann Knechtel, Bei Yu, Ozgur Sinanoglu, Evangeline F.Y. Young

Research output: Contribution to journalArticlepeer-review


Split manufacturing of integrated circuits means to delegate the front-end-of-line (FEOL) and back-end-of-line (BEOL) parts to different foundries, in order to prevent overproduction, intellectual property (IP) piracy, or targeted insertion of hardware Trojans (i.e., threats arising from adversaries in the FEOL foundry). This article challenges the security promise of split manufacturing by formulating various layout-level placement and routing hints as vector-based and image-based features that enable a sophisticated deep neural network (DNN), which can infer the missing BEOL connections with high accuracy. Compared with the network-flow attack (Wang et al., 2018), we achieve on average $1.21 \times $ and $1.12 \times $ of their correct connection rate (CCR; the higher, the better) when splitting after M1 and M3, respectively, with less than 1% of their runtime (across the same set of ISCAS-85 and ITC-99 benchmarks). Compared with Zeng et al. (2019), ours reduces the candidate list (the smaller, the better) by 47% with only 1% loss of accuracy, and we further achieve an average CCR of $2.2 \times $ of that of Zeng et al. (2019). Aside from these superior results, we propose a randomized, routing-blockage-centric defense strategy to escalate the resilience against our and other attacks. Our defense strategy, which can be integrated into any commercial design flow, leads on average to $22.78~pp$ (percentage points) degradation in CCR when compared with unprotected layouts, while inducing only 3.3% and 3.2% overheads on power and timing, respectively, within the same die outlines (i.e., zero area cost). The source code of our heterogeneous feature extraction is available at, and the source code of our DNN is available at

Original languageEnglish (US)
Pages (from-to)1995-2008
Number of pages14
JournalIEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
Issue number10
StatePublished - Oct 2021


  • Deep learning (DL)
  • feature extraction
  • hardware security
  • intellectual property (IP) protection
  • routing perturbation
  • split manufacturing
  • very large scale integration (VLSI)

ASJC Scopus subject areas

  • Software
  • Computer Graphics and Computer-Aided Design
  • Electrical and Electronic Engineering


Dive into the research topics of 'Deep Learning Analysis for Split-Manufactured Layouts with Routing Perturbation'. Together they form a unique fingerprint.

Cite this