Abstract
Modern System-on-Chip designs typically use Network-on-Chip (NoC) fabrics to implement coordination among integrated hardware blocks. An important class of security vulnerabilities involves a rogue foundry reverse-engineering the NoC topology and routing logic. In this paper, we develop an infrastructure, ObNoCs, for protecting NoC fabrics against such attacks. ObNoCs systematically replaces router connections with switches that can be programmed after fabrication to induce the desired topology. Our approach provides provable redaction of NoC functionality: switch configurations induce a large number of legal topologies, only one of which corresponds to the intended topology. We implement the ObNoCs methodology on Intel Quartus™ Platform, and experimental results on realistic SoC designs show that the architecture incurs minimal overhead in power, resource utilization, and system latency.
- [1] [n. d.]. Intel Baytrail Products. https://ark.intel.com/content/www/us/en/ark/products/codename/55844/bay-trail.htmlGoogle Scholar
- [2] [n. d.]. Intel Quartus Prime Software. https://www.intel.com/content/www/us/en/products/details/fpga/development-tools/quartus-prime.html/.
[Online] .Google Scholar - [3] [n. d.]. Intel® Agilex™ I-Series FPGA and SoC FPGA. https://www.intel.com/content/www/us/en/products/details/fpga/agilex/i-series/docs.htmlGoogle Scholar
- [4] . 2019. Sweep to the secret: A constant propagation attack on logic locking. In Proceedings of the 2019 IEEE Asian Hardware-Oriented Security and Trust Symposium (AsianHOST’19). IEEE, 1–6. Google ScholarCross Ref
- [5] . 2020. Dana universal dataflow analysis for gate-level netlist reverse engineering. IACR Transactions on Cryptographic Hardware and Embedded Systems 2020, 2 (2020), 129–155.Google Scholar
- [6] . 2021. MuxLink: Circumventing learning-resilient MUX-locking using graph neural network-based link prediction. 2022 Design, Automation & Test in Europe Conference & Exhibition (DATE), 694–699.Google Scholar
- [7] . 2014. Fort-NoCs: Mitigating the threat of a compromised NoC. In Proceedings of the 51st Annual Design Automation Conference (DAC’14). 1–6.Google ScholarDigital Library
- [8] . 2021. A Survey of Algorithmic Methods in IC Reverse Engineering. Cryptology ePrint Archive, Paper 2021/1278. https://eprint.iacr.org/2021/1278Google ScholarCross Ref
- [9] . 2021. Hardware trust and assurance through reverse engineering: A tutorial and outlook from image analysis and machine learning perspectives. J. Emerg. Technol. Comput. Syst. 17, 4, Article
62 (jun 2021), 53 pages. Google ScholarDigital Library - [10] . 2009. HARPOON: An obfuscation-based SoC design methodology for hardware protection. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 28, 1 (2009), 97–109. Google ScholarCross Ref
- [11] . 2010. RTL hardware IP protection using key-based control and data flow obfuscation. In 2010 23rd International Conference on VLSI Design. 405–410. Google ScholarDigital Library
- [12] . 2020. Securing network-on-chip using incremental cryptography. In Proceedings of the IEEE Computer Society Annual Symposium on VLSI (ISVLSI’20). IEEE, 53–58.Google ScholarCross Ref
- [13] . 2020. Security assurance of system-on-chip designs with NoC fabrics. IEEE Signal Processing Society Newsletter 37, 5 (2020), 31–36. Google ScholarCross Ref
- [14] . 2019. The end of logic locking? A critical view on the security of logic locking. IACR Cryptology ePrint Archive 2019 (2019), 747.Google Scholar
- [15] . 2003. A framework for security on NoC technologies. In IEEE Computer Society Annual Symposium on VLSI, 2003. Proceedings.113–117. Google ScholarCross Ref
- [16] . 2019. Defeating silicon reverse engineering using a layout-level standard cell camouflage. IEEE Transactions on Consumer Electronics 65, 1 (2019), 109–118. Google ScholarDigital Library
- [17] . 2012. Network-on-chip: Challenges for the interconnect and I/O-architecture. In 2012 International Conference on High Performance Computing & Simulation (HPCS’12). 252–253. Google ScholarCross Ref
- [18] . 2019. Three-dimensional imaging of integrated circuits with macro- to nanoscale zoom. Nature Electronics 2 (2019), 464–470.Google ScholarCross Ref
- [19] . 2017. Side-channel attack resilience through route randomisation in secure real-time Networks-on-Chip. In 2017 12th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC’17). 1–8. Google ScholarCross Ref
- [20] . 2020. Characterization of in-cone logic locking resiliency against the SAT attack. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 39, 8 (2020), 1607–1620. Google ScholarDigital Library
- [21] . 2018. Run time mitigation of performance degradation hardware Trojan attacks in network on chip. 2018 IEEE Computer Society Annual Symposium on VLSI (ISVLSI), 738–743.Google Scholar
- [22] . 2022. Advances in Logic Locking: Past, Present, and Prospects. Cryptology ePrint Archive, Paper 2022/260. https://eprint.iacr.org/2022/260 https://eprint.iacr.org/2022/260Google Scholar
- [23] . 2019. Full-lock: Hard distributions of SAT instances for obfuscating circuits using fully configurable logic and routing blocks. In Proceedings of the 56th Annual Design Automation Conference 2019 (Las Vegas, NV, USA) (
DAC’19 ). Association for Computing Machinery, New York, NY, USA, Article89 , 6 pages. Google ScholarDigital Library - [24] . 2021. Securing hardware via dynamic obfuscation utilizing reconfigurable interconnect and logic blocks. In 2021 58th ACM/IEEE Design Automation Conference (DAC’21). 229–234. Google ScholarDigital Library
- [25] . 2023. Redundancy attack: Breaking logic locking through oracleless rationality analysis. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 42, 4 (2023), 1044–1057. Google ScholarDigital Library
- [26] . 2017. Logic locking for secure outsourced chip fabrication: A new attack and provably secure defense mechanism. ArXiv abs/1703.10187 (2017).Google Scholar
- [27] . 2016. Gate-level netlist reverse engineering for hardware security: Control logic register identification. In 2016 IEEE International Symposium on Circuits and Systems (ISCAS’16). 1334–1337. Google ScholarDigital Library
- [28] . 2023. SeVNoC: Security validation of system-on-chip designs with NoC fabrics. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 42, 2 (2023), 672–682. Google ScholarCross Ref
- [29] . 2018. Task scheduling for many-cores with S-NUCA caches. In 2018 Design, Automation & Test in Europe Conference & Exhibition (DATE’18). 557–562. Google ScholarCross Ref
- [30] . 2020. Guard-NoC: A protection against side-channel attacks for MPSoCs. In Proceedings of the IEEE Computer Society Annual Symposium on VLSI (ISVLSI’20). IEEE, 47–52.Google ScholarCross Ref
- [31] . 2016. GOSSIP NoC–avoiding timing side-channel attacks through traffic management. In Proceedings of the IEEE Computer Society Annual Symposium on VLSI (ISVLSI’16). IEEE, 197–202.Google ScholarCross Ref
- [32] . 2016. Side channel attack on NoC-based MPSoCs are practical: NoC Prime+Probe attack. In 2016 29th Symposium on Integrated Circuits and Systems Design (SBCCI’16). 1–6. Google ScholarCross Ref
- [33] . 2017. Towards protected MPSoC communication for information protection against a malicious NoC. Procedia Computer Science 108 (2017), 1103–1112. Google ScholarCross Ref
- [34] . 2017. Cyclic obfuscation for creating SAT-Unresolvable circuits. In Proceedings of the on Great Lakes Symposium on VLSI 2017 (Banff, Alberta, Canada) (
GLSVLSI’17 ). Association for Computing Machinery, New York, NY, USA, 173–178. Google ScholarDigital Library - [35] . 2018. Cross-lock: Dense layout-level interconnect locking using cross-bar architectures. In Proceedings of the 2018 on Great Lakes Symposium on VLSI (Chicago, IL, USA) (
GLSVLSI’18 ). Association for Computing Machinery, New York, NY, USA, 147–152. Google ScholarDigital Library - [36] . 2019. Design obfuscation through selective post-fabrication transistor-level programming. In 2019 Design, Automation & Test in Europe Conference & Exhibition (DATE’19). 528–533. Google ScholarCross Ref
- [37] . 2021. Challenging the security of logic locking schemes in the era of deep learning: A neuroevolutionary approach. J. Emerg. Technol. Comput. Syst. 17, 3, Article
30 (may 2021), 26 pages. Google ScholarDigital Library - [38] . 2021. Logic locking at the frontiers of machine learning: A survey on developments and opportunities. In 2021 IFIP/IEEE 29th International Conference on Very Large Scale Integration (VLSI-SoC’21). 1–6. Google ScholarCross Ref
- [39] . 2019. Side-channel protected MPSoC through secure real-time networks-on-chip. Microprocessors and Microsystems 68 (2019), 102888.Google Scholar
- [40] . 2015. Evaluating the security of logic encryption algorithms. In 2015 IEEE International Symposium on Hardware Oriented Security and Trust (HOST’15). IEEE, 112–117.Google Scholar
- [41] . 2014. Reverse engineering digital circuits using structural and functional analyses. IEEE Transactions on Emerging Topics in Computing 2, 1 (2014), 63–80. Google ScholarCross Ref
- [42] . 2011. The state-of-the-art in semiconductor reverse engineering. In 2011 48th ACM/EDAC/IEEE Design Automation Conference (DAC’11). 333–338.Google ScholarDigital Library
- [43] . 2013. SurfNoC: A low latency and provably non-interfering approach to secure networks-on-chip. SIGARCH Comput. Archit. News 41, 3 (
jun 2013), 583–594. Google ScholarDigital Library - [44] . 2016. SARLock: SAT attack resistant logic locking. In Proceedings of the 2016 IEEE International Symposium on Hardware Oriented Security and Trust, HOST 2016. Institute of Electrical and Electronics Engineers Inc., 236–241. Google ScholarCross Ref
- [45] . 2016. On improving the security of logic locking. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 35, 9 (
Sept. 2016), 1411–1424.Publisher Copyright: © 1982-2012 IEEE. .Google ScholarDigital Library - [46] . 2017. Provably-secure logic locking: From theory to practice. In Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security (Dallas, Texas, USA) (
CCS’17 ). Association for Computing Machinery, New York, NY, USA, 1601–1618. Google ScholarDigital Library - [47] . 2023. C-SAR: SAT attack resistant logic locking for RSFQ circuits. ArXiv abs/2301.10216 (2023).Google Scholar
Index Terms
- ObNoCs: Protecting Network-on-Chip Fabrics Against Reverse-Engineering Attacks
Recommendations
Characterization of Timing-based Software Side-channel Attacks and Mitigations on Network-on-Chip Hardware
Modern network-on-chip (NoC) hardware is an emerging target for side-channel security attacks. A recent work implemented and characterized timing-based software side-channel attacks that target NoC hardware on a real multicore machine. This article ...
A Survey of Network-on-Chip Security Attacks and Countermeasures
With the advances of chip manufacturing technologies, computer architects have been able to integrate an increasing number of processors and other heterogeneous components on the same chip. Network-on-Chip (NoC) is widely employed by multicore System-on-...
A hardened network-on-chip design using runtime hardware Trojan mitigation methods
Due to the globalized semiconductor business model, malicious hardware modifications, known as hardware Trojans (HTs), have risen up as a big concern for chip security. HT detection and mitigation methods for general integrated circuits have been ...
Comments