A hardware Trojan insertion prevention method based on layout filling with A2-RO circuit
-
摘要:
集成电路芯片制造过程中,攻击者可以利用电路版图中的空白区域植入硬件木马。为此,提出了一种基于A2-RO电路版图填充的硬件木马抗植入方法, 以减小电路版图中的空白区域为防护目标,设计了能够动态监测稀有节点翻转情况的功耗表征结构A2-RO,并提出了迭代填充算法及路径构建算法,通过在电路版图的空白区域中智能化地构建A2-RO电路,提高了电路的安全防护水平。基于SMIC 180 nm工艺,以ISCAS’85和ISCAS’89中的基准电路作为研究对象进行仿真验证。仿真结果表明:版图填充后,芯片的面积利用率提高至95%以上,剩余空白区域无法填充最小尺寸的标准单元。A2-RO电路移除攻击后的侧信道电流变化值为1.921 mA,有效实现了对版图空白区域的防护。版图填充的额外布线资源开销可控制在7%以内,对关键路径延时的影响在1.2%以内。
Abstract:During the chip manufacturing process of integrated circuits, attackers can use blank areas in the circuit layout to implant hardware Trojans. For this reason, this paper proposes a method to prevent inserting hardware Trojans by filling the layout with A2-RO circuit. The goal of protection is reducing the blank areas in the circuit layout. This paper designs the power consumption characterization structure named A2-RO that can dynamically monitor the flipping of rare nodes. And the iterative filling algorithm and the path construction algorithm are proposed. We construct the A2-RO circuit in the blank area intelligently to improve the security level of the circuit. We apply the benchmark circuits in ISCAS'85 and ISCAS'89 as the research object for simulation based on the SMIC 180 nm process. The simulation results show that after filling the layout, the area utilization rate of the chip will be increased to more than 95%, and the remaining blank area cannot be filled with the smallest standard cell. After the removal attack of A2-RO circuit, the change of side channel current is 1.921 mA. The A2-RO circuit can effectively protect the blank areas. The additional routing overhead for layout filling can be controlled within 7%, and the impact on the critical path delay is within 1.2%.
-
Key words:
- integrated circuit /
- hardware Trojan /
- layout filling /
- rare node /
- standard cell
-
表 1 标准单元信息
Table 1. Standard cell information
标准单元名称 高度/μm 宽度/μm INVX1 5.04 1.32 INVX2 5.04 1.98 INVX3 5.04 2.64 INVX8 5.04 3.96 INVX12 5.04 8.58 AND2X1 5.04 2.64 A2 5.04 18.48 表 2 基准电路填充结果
Table 2. Reference circuit filling results
基准电路 初始面积利用率/% 最终面积利用率/% A2数目/个 逻辑单元数目/个 c6288 84.90 95.43 4 105 90.03 97.35 2 67 c7552 84.97 95.71 4 104 90.08 96.79 2 62 s1423 85.21 95.90 2 82 90.31 96.90 2 52 s13207 85.90 95.88 18 618 90.10 96.41 13 445 -
[1] GUIN U, ZHOU Z, SINGH A. Robust design-for-security architecture for enabling trust in IC manufacturing and test[J]. IEEE Transactions on Very Large Scale Integration Systems, 2018, 26(5): 818-830. doi: 10.1109/TVLSI.2018.2797019 [2] YASIN M, RAJENDRAN J, SINANOGLU O, et al. On improving the security of logic locking[J]. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2016, 35(9): 1411-1424. doi: 10.1109/TCAD.2015.2511144 [3] ZHANG J L, QU G. Recent attacks and defenses on FPGA-based systems[J]. ACM Transactions on Reconfigurable Technology and Systems, 2019, 12(3): 1-25. [4] HOSSEIN-TALAEE H, JAHANIAN A. Layout vulnerability reduction against Trojan insertion using security-aware white space distribution[C]//2017 IEEE Computer Society Annual Symposium on VLSI. Piscataway: IEEE Press, 2017, 1: 551-555. [5] SALMANI H, TEHRANIPOOR M. Vulnerability analysis of a circuit layout to hardware Trojan insertion[J]. IEEE Transactions on Information Forensics and Security, 2016, 11(6): 1214-1225. doi: 10.1109/TIFS.2016.2520910 [6] 黄钊, 王泉, 杨鹏飞. 硬件木马: 关键问题研究进展及新动向[J]. 计算机学报, 2019, 42(5): 67-91. https://www.cnki.com.cn/Article/CJFDTOTAL-JSJX201905005.htmHUANG Z, WANG Q, YANG P F. Hardware Trojan: Research progress and new trends on key problems[J]. Chinese Journal of Computers, 2019, 42(5): 67-91(in Chinese). https://www.cnki.com.cn/Article/CJFDTOTAL-JSJX201905005.htm [7] LI H, LIU Q, ZHANG J L. A survey of hardware Trojan threat and defense[J]. Integration, 2016, 55: 426-437. doi: 10.1016/j.vlsi.2016.01.004 [8] COCCHI R P, BAUKUS J P, CHOW L W, et al. Circuit camouflage integration for hardware IP protection[C]//2014 51st ACM/EDAC/IEEE Design Automation Conference. Piscataway: IEEE Press, 2014: 1-5. [9] XIAO K, FORTE D, TEHRANIPOOR M. A novel built-in self-authentication technique to prevent inserting hardware Trojans[J]. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, 2014, 33(12): 1778-1791. doi: 10.1109/TCAD.2014.2356453 [10] BA P S, DUPUIS S, PALANICHAMY M, et al. Hardware trust through layout filling: A hardware Trojan prevention technique[C]//2016 IEEE Computer Society Annual Symposium on VLSI. Piscataway: IEEE Press, 2016: 254-259. [11] SUPON T M, SEYEDBARHAGH M, RASHIDZADEH R, et al. Hardware Trojan prevention through limiting access to the active region[C]//14th International Conference on Design & Technology of Integrated Systems in Nanoscale Era. Piscataway: IEEE Press, 2019: 1-6. [12] LIU Y, ZHAO Y, HE J, et al. A statistical test generation based on mutation analysis for improving the hardware Trojan detection[J]. Journal of Circuits, Systems and Computers, 2020, 29(3): 10-25. [13] YANG K, HICKS M, DONG Q, et al. A2: Analog malicious hardware[C]//Security & Privacy. Piscataway: IEEE Press, 2016: 18-37. [14] SAHA S, CHAKRABORTY R S, NUTHAKKI S S, et al. Improved test pattern generation for hardware Trojan detection using genetic algorithm and boolean satisfiability[C]//International Workshop on Cryptographic Hardware and Embedded Systems. Berlin: Springer, 2015: 577-596. [15] 赵永嘉, 戴树岭. 基于图像骨架和贪婪算法的无人机航路规划[J]. 北京航空航天大学学报, 2010, 36(4): 474-477. https://bhxb.buaa.edu.cn/CN/Y2010/V36/I4/474ZHAO Y J, DAI S L. Unmanned aircraft vehicle path planning based on image skeleton and greedy algorithm[J]. Journal of Beijing University of Aeronautics and Astronautics, 2010, 36(4): 474-477(in Chinese). https://bhxb.buaa.edu.cn/CN/Y2010/V36/I4/474 [16] 李红, 张志宾. 基于快速模拟退火的组合聚类算法[J]. 北京航空航天大学学报, 2019, 45(8): 1646-1652. doi: 10.13700/j.bh.1001-5965.2018.0647LI H, ZHANG Z B. Ensemble clustering algorithm based on rapid simulated annealing[J]. Journal of Beijing University of Aeronautics and Astronautics, 2019, 45(8): 1646-1652(in Chinese). doi: 10.13700/j.bh.1001-5965.2018.0647