TY - GEN
T1 - Is robust design-for-security robust enough? attack on locked circuits with restricted scan chain access
AU - Limaye, Nimisha
AU - Sengupta, Abhrajit
AU - Nabeel, Mohammed
AU - Sinanoglu, Ozgur
N1 - Funding Information:
This work was supported by New York University NY/Abu Dhabi Center for Cyber Security and Intel Corporation.
Publisher Copyright:
© 2019 IEEE.
PY - 2019/11
Y1 - 2019/11
N2 - The security of logic locking has been called into question by various attacks, especially a Boolean satisfiability (SAT) based attack, that exploits scan access in a working chip. Among other techniques, a robust design-for-security (DFS) architecture was presented to restrict any unauthorized scan access, thereby, thwarting the SAT attack (or any other attack that relies on scan access). Nevertheless, in this work, we successfully break this technique by recovering the secret key despite the lack of scan access. Our security analysis on a few benchmark circuits protected by the robust DFS architecture demonstrates the effectiveness of our attack; on average ?95% of the key bits are correctly recovered, and almost 100% in most cases. To overcome this and other prevailing attacks, we propose a defense by making fundamental changes to the robust DFS technique; the new defense can withstand all logic locking attacks. We observe, on average, lower area overhead (?1.65%) than the robust DFS design (?5.15%), and similar test coverage (?99.88%).
AB - The security of logic locking has been called into question by various attacks, especially a Boolean satisfiability (SAT) based attack, that exploits scan access in a working chip. Among other techniques, a robust design-for-security (DFS) architecture was presented to restrict any unauthorized scan access, thereby, thwarting the SAT attack (or any other attack that relies on scan access). Nevertheless, in this work, we successfully break this technique by recovering the secret key despite the lack of scan access. Our security analysis on a few benchmark circuits protected by the robust DFS architecture demonstrates the effectiveness of our attack; on average ?95% of the key bits are correctly recovered, and almost 100% in most cases. To overcome this and other prevailing attacks, we propose a defense by making fundamental changes to the robust DFS technique; the new defense can withstand all logic locking attacks. We observe, on average, lower area overhead (?1.65%) than the robust DFS design (?5.15%), and similar test coverage (?99.88%).
KW - ATPG
KW - IP piracy
KW - Logic locking
KW - SAT attack
KW - Scan chain
UR - http://www.scopus.com/inward/record.url?scp=85077799306&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85077799306&partnerID=8YFLogxK
U2 - 10.1109/ICCAD45719.2019.8942047
DO - 10.1109/ICCAD45719.2019.8942047
M3 - Conference contribution
AN - SCOPUS:85077799306
T3 - IEEE/ACM International Conference on Computer-Aided Design, Digest of Technical Papers, ICCAD
BT - 2019 IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2019 - Digest of Technical Papers
PB - Institute of Electrical and Electronics Engineers Inc.
T2 - 38th IEEE/ACM International Conference on Computer-Aided Design, ICCAD 2019
Y2 - 4 November 2019 through 7 November 2019
ER -