Rethinking Split Manufacturing: An Information-Theoretic Approach with Secure Layout Techniques
Split manufacturing is a promising technique to defend against fab-based malicious activities such as IP piracy, overbuilding, and insertion of hardware Trojans. Still, so-called proximity attacks aim to recover the missing BEOL connections while mainly leveraging the physical proximity of connected FEOL components, but also while accounting for the heuristics of physical design tools and the details of technology libraries (such as load constraints).
In this work, we present two practical layout techniques towards secure split manufacturing: (i) gate-level graph coloring and (ii) clustering of same-type gates. We also provide—for the first time—a theoretical framework for quantifying the layout-level resilience against any proximity-induced information leakage. Towards this end, we leverage the notion of mutual information. Overall, our placement-centric protection schemes offer superior resilience against proximity attacks which is observed by lowering the success rate of the attack by 5.27x, 3.19x, and 1.73x while splitting at M1, M2, and M3, respectively, when compared to unprotected layouts.
Correct connections and mutual information versus wirelength overheads, when splitting c7552 at M1. For layout randomization (represented by the blue line and the dark-yellow, dashed line), gates are randomly selected in steps of 10% and their locations shuffled.
Gate-level graph coloring
Here we leverage graph coloring to hide the connectivity information; coloring a netlist mandates that there are no connections remaining between gates of the same color. The “colored netlist” is then partitioned by clustering all cells of same colors together and the placement of cells is confined within their respective cluster regions.
Clustering of same-type gates
This technique (a.k.a. g-security) comes in two flavors—we either consider (i) only the functionality of the gates (g-type1), or (ii) both the functionality of the gates as well as the number of their inputs (g-type2). That is, for g-type2 we do differentiate between a 2-input NAND gate and a 3-input NAND gate. Doing so is motivated by our experimental results which indicate that utilizing more partitions renders a design more resilient against proximity attacks in practice.
Concerted Wire Lifting: Enabling Secure and Cost-Effective Split Manufacturing
In this work, we advance the protection of split manufacturing (SM)-based layouts through the judicious and well-controlled handling of interconnects. We explore the cost-security trade-offs of SM, which are limiting its adoption. Aiming to resolve this issue, we propose effective and efficient strategies to lift nets to the BEOL. Further, we define and promote a new metric, Percentage of Netlist Recovery (PNR), which can quantify the resilience against gate-level theft of intellectual property (IP) in a manner more meaningful than established metrics. Our protection strategies notably outperform the recent prior art regarding security. For example, we reduce the correct connection rate (CCR) to 0% for considered benchmarks.
Conceptional illustration of a regular, unprotected layout. The red dots represent open pins, which would induce dangling wires once the layout is split at each respective layer. Note that the majority of nets are completed inlower layers, hence fewer open pins are observed for higher layers. (b) Conceptional illustration of a layout protected by wire lifting. Here the majority of nets are completed in M7 (without loss of generality). Hence, any split below M7 induces many open pins to be tackled by an attacker.
Strategy 1: Lifting High-fanout Nets (HiFONs)
We begin by lifting high-fanout nets (HiFONs) for two reasons: (i) any wrong connection made by an attacker propagates the error to multiple locations, and (ii) lifting HiFONs helps introduce many open BEOL connections (also referred to as OPPs in the remainder).
Strategy 2: Controlling distances of Open-pin pairs (OPPs)
Besides increasing the number of OPPs, it is also necessary to control the distances between their pins. We note that doing so is difficult for prior art which relies on implicit wire lifting. In our method, we can control the distances for OPPs at will, simply by controlling the placement of the elevating cells.
Strategy 3: Obfuscating Short nets
For short nets, however, enlarging the distances between OPPs requires routing detours outside of the net’s bounding box. Furthermore, short nets may be easy for an attacker to identify and localize, based on the typically low driver strength. We obfuscate short nets by linking them together with a dummy driver into another type of elevating cell. The dummy driver is chosen such that an attacker reconnecting the corresponding dummy net observes no combinatorial loops. Besides, the strength of the dummy driver is also adapted during ECO optimization. As result for the attacker, the dummy driver and the real driver appear equally promising to reconnect to the sink of the short net.
Our protection flow, implemented as custom scripts in Cadence Innovus 16.15
If you are interested in this work, feel free to access the following files from here and/or get in touch with us. The files contain protected and split layouts for 4 different benchmarks and the library and LEF definitions of our customized cells.