Advertisement

Springer Nature is making SARS-CoV-2 and COVID-19 research free. View research | View latest news | Sign up for updates

The Old Frontier of Reverse Engineering: Netlist Partitioning

  • 451 Accesses

  • 4 Citations

Abstract

Without access to high-level details of commercialized integrated circuits (IC), it might be impossible to find potential design flaws or limiting use cases. To assist in high-level recovery, many IC reverse engineering solutions have been proposed. This paper focuses on a hard problem facing reverse engineering researchers, that of netlist partitioning. To assist in this endeavor, we propose our own methods that focus on signal matching by analyzing fan-in trees. This analysis extends to representing signal’s fan-ins numerically by their structural properties. These values go through certain common dimension reducing algorithms; clustering practices are also leveraged to assist in our proposed partitioning process. Adversely researchers have almost never agreed on the metric for evaluating such netlist partitioning methods. To keep our results unbiased, we leverage the Normalize Mutual Information (NMI) to evaluate our proposed partitioning method and compare its results with other techniques that aim to solve the same problem. Lastly, we show how our proposed methods are capable of effectively partition netlists of larger scale than previously proposed schemes.

This is a preview of subscription content, log in to check access.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11

Notes

  1. 1.

    The netlist partitioning mentioned in the paper involves breaking the signals of a netlist into smaller disjoint subsets that can represent either different words, modules, or even IPs. It should not be confused with the optimization problem presented in [9] or [10].

References

  1. 1.

    Hicks M, Finnicum M, King ST, Martin MM, Smith JM (2010) Overcoming an untrusted computing base: detecting and removing malicious hardware automatically. In: 2010 IEEE symposium on security and privacy (SP). IEEE, pp 159–172

  2. 2.

    Banga M, Hsiao MS (2010) Trusted rtl: Trojan detection methodology in pre-silicon designs. In: 2010 IEEE international symposium on hardware-oriented security and trust (HOST). IEEE, pp 56–59

  3. 3.

    Love E, Jin Y, Makris Y (2012) Proof-carrying hardware intellectual property: a pathway to trusted module acquisition. IEEE Trans Inf Forensics Secur 7(1):25–40

  4. 4.

    Sturton C, Hicks M, Wagner D, King ST (2011) Defeating uci: building stealthy and malicious hardware. In: 2011 IEEE symposium on security and privacy (SP). IEEE, pp 64–77

  5. 5.

    Torrance R, James D (2009) The state-of-the-art in ic reverse engineering. In: CHES, vol 5747. Springer, New York, pp 363–381

  6. 6.

    Torrance R, James D (2011) The state-of-the-art in semiconductor reverse engineering. In: Proceedings of the 48th design automation conference. ACM, pp 333–338

  7. 7.

    Subramanyan P, Tsiskaridze N, Li W, Gascón A, Tan WY, Tiwari A, Shankar N, Seshia SA, Malik S (2014) Reverse engineering digital circuits using structural and functional analyses. IEEE Trans Emerging Topics Comput 2(1):63–80

  8. 8.

    Meade T, Zhang S, Jin Y (2016) Netlist reverse engineering for high-level functionality reconstruction. In: 2016 21st Asia and South Pacific design automation conference (ASP-DAC). IEEE, pp 655–660

  9. 9.

    Areibi S, Vannelli A (2000) Tabu search: a meta heuristic for netlist partitioning. VLSI Design 11(3):259–283

  10. 10.

    Buntine WL, Su L, Newton AR, Mayer A (1997) Adaptive methods for netlist partitioning. In: Proceedings of the 1997 IEEE/ACM international conference on computer-aided design. IEEE Computer Society, pp 356–363

  11. 11.

    Dai YY, Brayton RK (2017) Circuit recognition with deep learning

  12. 12.

    Shi Y, Ting CW, Gwee B-H, Ren Y (2010) A highly efficient method for extracting fsms from flattened gate-level netlist. In: Proceedings of 2010 IEEE international symposium on circuits and systems (ISCAS). IEEE, pp 2610–2613

  13. 13.

    Li W, Gascon A, Subramanyan P, Tan WY, Tiwari A, Malik S, Shankar N, Seshia SA (2013) Wordrev: finding word-level structures in a sea of bit-level gates. In: 2013 IEEE international symposium on hardware-oriented security and trust (HOST). IEEE, pp 67–74

  14. 14.

    Tashjian E, Davoodi A (2015) On using control signals for word-level identification in a gate-level netlist. In: Proceedings of the 52nd annual design automation conference. ACM, p 78

  15. 15.

    Couch J, Reilly E, Schuyler M, Barrett B (2016) Functional block identification in circuit design recovery. In: 2016 IEEE international symposium on hardware oriented security and trust (HOST). IEEE, pp 75–78

  16. 16.

    Lancichinetti A, Fortunato S, Kertész J (2009) Detecting the overlapping and hierarchical community structure in complex networks. New J Phys 11(3):033015

  17. 17.

    Meade T, Jin Y, Tehranipoor M, Zhang S (2016) Gate-level netlist reverse engineering for hardware security: control logic register identification. In: 2016 IEEE international symposium on circuits and systems (ISCAS). IEEE, pp 1334–1337

  18. 18.

    Danon L, Diaz-Guilera A, Duch J, Arenas A (2005) Comparing community structure identification. J Stat Mech: Theory Exp 2005(09):P09008

  19. 19.

    Li W, Wasson Z, Seshia SA (2012) Reverse engineering circuits using behavioral pattern mining. In: 2012 IEEE international symposium on hardware-oriented security and trust, pp 83– 88

  20. 20.

    Li W, Gascon A, Subramanyan P, Tan WY, Tiwari A, Malik S, Shankar N, Seshia SA (2013) Wordrev: finding word-level structures in a sea of bit-level gates. In: 2013 IEEE international symposium on hardware-oriented security and trust (HOST), pp 67–74

  21. 21.

    Subramanyan P, Tsiskaridze N, Li W, Gascón A, Tan WY, Tiwari A, Shankar N, Seshia SA, Malik S (2014) Reverse engineering digital circuits using structural and functional analyses. IEEE Trans Emerging Topics Comput 2(1):63–80

Download references

Funding

The work is partially supported by the National Science Foundation (NSF-1812071, NSF-1703602).

Author information

Correspondence to Yier Jin.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Meade, T., Shamsi, K., Le, T. et al. The Old Frontier of Reverse Engineering: Netlist Partitioning. J Hardw Syst Secur 2, 201–213 (2018). https://doi.org/10.1007/s41635-018-0043-4

Download citation

Keywords

  • Reverse engineering
  • Gate-level netlist
  • Hardware Trojan
  • Structure analysis