#### 1/20

# Reversible Denial-of-Service by Locking Gates Insertion for IP Cores Design Protection

### Brice Colombier\*, Lilian Bossuet\*, David Hély+

\*Laboratoire Hubert Curien Université Jean Monnet Saint-Étienne – France

<sup>+</sup>LCIS, Grenoble Institute of Technology Valence - France







## Outline



2 Logic locking

**3** Implementation results



Context and state-of-the-art

### **Design-and-reuse paradigm**



### Problem

The designer cannot control **how many times** the IP is used.

- Overusing,
- Illegal copying.

### **One solution**

Make the IP unusable unless it has been previously **activated**.  $\Rightarrow$  Illegal copies are useless.

# Logic masking

In 2008, Roy et al.<sup>1</sup> proposed to **randomly** insert XOR/XNOR gates in the netlist.



<sup>&</sup>lt;sup>1</sup>Roy, Koushanfar, Markov EPIC: Ending Piracy of Integrated Circuits Design, Automation and Test in Europe, 2008

# Logic masking

In 2013, Rajendran et al.<sup>2</sup> improved the **node selection** method.

# Fault analysis-based node selection

- Requires a fault simulator,
- Computationally expensive.

<sup>&</sup>lt;sup>2</sup> Rajendran, Zhang, Rose, Pino, Sinanoglu, Karri Fault analysis-based logic encryption IEEE Transactions on Computers, 2013

<sup>&</sup>lt;sup>3</sup>Plaza, Markov Protecting Integrated Circuits from Piracy with Test-aware Logic Locking International Conference on Computer Aided Design, 2014

# Logic masking

In 2013, Rajendran et al.<sup>2</sup> improved the **node selection** method.

# Fault analysis-based node selection

- Requires a fault simulator,
- Computationally expensive.

## Security flaw

There is a **gradient** towards the correct key.

# A hill climbing attack <sup>3</sup> can be mounted.

<sup>&</sup>lt;sup>2</sup> Rajendran, Zhang, Rose, Pino, Sinanoglu, Karri Fault analysis-based logic encryption IEEE Transactions on Computers, 2013

<sup>&</sup>lt;sup>3</sup>Plaza, Markov Protecting Integrated Circuits from Piracy with Test-aware Logic Locking International Conference on Computer Aided Design, 2014

# Protecting IP cores by inserting extra gates

## Where are we?

- Insertion methods are expensive,
- Security level is very low.

## Each has its role:

**Security** : relies on a **cryptographic primitive**. **Disabling** : specific masking/**locking** module.



# 2 Logic locking

**3** Implementation results



Logic locking



Logic locking



Logic locking



Logic locking



Logic locking

## What is logic locking?



## Principle

Propagating a **locking value** through a sequence of nodes. Forcing an internal node **locks a primary output**.

### Condition

For all the nodes in the sequence (orange nodes):  $V_{forced} \in V_{locks}$ (The nodes in the sequence are **forced** to a logic value that **locks** the following logic gate) Reversible Denial-of-Service by Locking Gates Insertion for IP Cores Design Protection  $\square$  Logic locking

## Which node should be forced?

1st step: Build a graph from the netlist.



| Conversion |               |          |
|------------|---------------|----------|
| Nodes      | $\rightarrow$ | Edges    |
| Gates      | $\rightarrow$ | Vertices |
|            |               |          |

# **Graph labelling**

-

**2nd step:** Label vertices with  $V_{forced}$  and  $V_{locks}$  values.

# Labelling

- *V<sub>forced</sub>* depends on the **preceding** logic gate.
- $V_{locks}$  depends on the **following** logic gate.



| Node | V <sub>forced</sub> | V <sub>locks</sub>   |
|------|---------------------|----------------------|
| G1   | 0                   | 1                    |
| G2   | 0                   | 0                    |
| G3   | 1                   | $\sim V_{locks}(G4)$ |
| G5   | 0                   | {0, 1}               |

# **Graph simplification**

**3rd step:** Delete **incoming edges** of nodes for which  $V_{forced} \notin V_{locks}$ . Those nodes **cannot propagate** the locking value.



# Graph cleaning

4th step: Delete connected components that contain no output.



# **Nodes selection**

In the disconnected final graph, which nodes should be locked?



One source vertex

Select the source vertex.

### **Nodes selection**

In the disconnected final graph, which nodes should be locked?

G6

G3

G7

G4

G8



One source vertex

Multiple source vertices

Select the source vertex.

Select the furthest node spanning all the outputs.

### **Nodes selection**

In the disconnected final graph, which nodes should be locked?





One source vertex

Multiple source vertices

Multiple source vertices not all outputs spanned

Select the source vertex.

Select the furthest node spanning all the outputs.

Sort the nodes w.r.t to the number of outputs they span and select them greedily.

Logic locking

# Locking gates insertion

So far, we have:

- list of nodes to lock,
- associated V<sub>locks</sub> values.







Implementation results

## Outline

Context and state-of-the-art

2 Logic locking

**3** Implementation results

# 4 Conclusion

### Area overhead

**Overhead metric:** percentage of locking gates to add. Implemented on ITC'99 benchmarks (1k to 225k logic gates)



 $\sim 2x$  smaller than logic masking (+5.7%)

# Analysis time

| Benchmark | #logic<br>gates | Fault analysis-based<br>logic masking <sup>2</sup> | Graph analysis-based<br>logic locking |
|-----------|-----------------|----------------------------------------------------|---------------------------------------|
| c432      | 160             | 20min                                              | 0.03s                                 |
| c7552     | 3512            | 4h30min                                            | 0.87s                                 |
| b19_C     | 225k            | Х                                                  | 1h15min                               |



<sup>2</sup> Rajendran, Zhang, Rose, Pino, Sinanoglu, Karri Fault analysis-based logic encryption IEEE Transactions on Computers, 2013

# Security margin

In the final graph, all nodes are available for logic locking.



**More nodes** can be forced to increase locking strength. The designer **tunes** the resources overhead/locking strength **ratio**. Context and state-of-the-art

2 Logic locking

**3** Implementation results



| Reversible Denial-of-Service by Locking Gates Insertion for IP Cores Design Protection |   |
|----------------------------------------------------------------------------------------|---|
| Conclusion                                                                             |   |
|                                                                                        | _ |

# Conclusion

- Graph analysis-based logic locking is a **powerful** way to make the circuit **unusable**,
- The induced resources overhead is low,
- Computationally efficient analysis makes EDA integration simple,
- Logic masking/locking alone is not secure,
- A cryptographic primitive is necessary for security.

All Python scripts are available on the SALWARE project webpage<sup>4</sup>.

<sup>&</sup>lt;sup>4</sup>http://www.univ-st-etienne.fr/salware/FOGP.html

# Conclusion

- Graph analysis-based logic locking is a **powerful** way to make the circuit **unusable**,
- The induced resources overhead is low,
- Computationally efficient analysis makes EDA integration simple,
- Logic masking/locking alone is not secure,
- A cryptographic primitive is necessary for security.

Questions

All Python scripts are available on the SALWARE project webpage<sup>4</sup>.

<sup>&</sup>lt;sup>4</sup>http://www.univ-st-etienne.fr/salware/FOGP.html