{"title":"Improving on State Register Identification in Sequential Hardware Reverse Engineering","authors":"M. Brunner, Johanna Baehr, G. Sigl","doi":"10.1109/HST.2019.8740844","DOIUrl":null,"url":null,"abstract":"In the past years, new hardware reverse engineering methods for sequential gate-level netlists have been developed to detect Hardware Trojans and counteract Design Piracy. A critical part of sequential gate-level netlist reverse engineering is the identification of state registers. A promising method to solve this problem, RELIC, proposed by T. Meade et al., is based on input structure similarities of registers to differentiate between state and non-state registers. We propose an improvement to this method, fastRELIC: it outperforms RELIC in terms of speed and computational complexity. A complexity analysis shows the upper bound of $\\mathcal{O}(R^2)$ (R: # registers) for both methods, but a linear lower bound Ω(R) for fastRELIC. Empirical results with fastRELIC provide a speedup of up to 100x. This allowed us to analyze real-life designs with more than 4,000 registers and 50,000 gates.","PeriodicalId":146928,"journal":{"name":"2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","volume":"84 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"12","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE International Symposium on Hardware Oriented Security and Trust (HOST)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/HST.2019.8740844","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 12
Abstract
In the past years, new hardware reverse engineering methods for sequential gate-level netlists have been developed to detect Hardware Trojans and counteract Design Piracy. A critical part of sequential gate-level netlist reverse engineering is the identification of state registers. A promising method to solve this problem, RELIC, proposed by T. Meade et al., is based on input structure similarities of registers to differentiate between state and non-state registers. We propose an improvement to this method, fastRELIC: it outperforms RELIC in terms of speed and computational complexity. A complexity analysis shows the upper bound of $\mathcal{O}(R^2)$ (R: # registers) for both methods, but a linear lower bound Ω(R) for fastRELIC. Empirical results with fastRELIC provide a speedup of up to 100x. This allowed us to analyze real-life designs with more than 4,000 registers and 50,000 gates.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
