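Abstract
A chip foundry may carry out a range of malicious attacks such as IP piracy, overproduction, and hardware Trojan insertion. Split manufacturing is an important technique for defending against attacks on chips by the foundry. The best current attack on the split manufacturing process is the network-flow-based proximity attack, but in most cases this proximity attack cannot fully recover the original circuit. This paper proposes an attack method based on Boolean satisfiability (SplitSAT). It uses a functionally correct circuit as a black-box model, uses multiplexers to model the incomplete circuit under attack as a logic-encrypted circuit, and converts the problem of recovering the circuit's connections into a satisfiability problem of logic decryption; the existing CycSAT algorithm is used to solve the satisfiability problem with cycles, which significantly improves on the success rate of proximity attacks. Because the problem size that SAT algorithms can solve is limited, this paper proposes a heuristic solution-space reduction method that uses the available physical information and the characteristics of automated place-and-route tools to reduce the size of the solution space and improve the efficiency of the SplitSAT attack. Experimental results verify the effectiveness of the proposed SplitSAT algorithm.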
Split manufacturing is an important technique to defend against fab-based malicious activities such as IP piracy, over-production, and hardware Trojan insertion. The state-of-the-art attack on split manufacturing is the network flow-based proximity attack. However, such a proximity attack in most general cases cannot fully restore the original circuit, as shown in their results. In this paper, we propose a SAT-based attack method called SplitSAT. By leveraging the oracle access to a functional circuit, as a black-box, and modeling the incomplete netlist to a logic encryption netlist with multiplexers, the recovery of missing connections is transformed to logic decryption based on SAT. The existing CycSAT algorithm is used to solve the problem with cycles. SplitSAT can dramatically improve the success rates over proximity attacks. Considering the scaling problem of SAT problem, heuristics of physical information and design tools are used for the solution space reduction. Experimental results demonstrate the effectiveness of SplitSAT.
Authors
刘佳琳
陆昆
严昌浩
周海
周电
曾璇
LIU Jialin; LU Kun; YAN Changhao; ZHOU Hai; ZHOU Dian; ZENG Xuan (State Key Laboratory of ASIC & Systems, Fudan University, Shanghai 201203, China)
Source
《复旦学报(自然科学版)》
CAS
CSCD
Peking University Core Journal
2019, No. 6, pp. 696-705, 718 (11 pages in total)
Journal of Fudan University: Natural Science