Characterization of In-Cone Logic Locking Resiliency Against the SAT Attack

Abstract

The resiliency of in-cone logic locking techniques to the satisfiability (SAT) attack is characterized in this paper. An analysis of the parameters of the SAT solver that impact security and a characterization of the effect netlist topology has on the security of the circuit is presented. The analysis of SAT solver parameters and logic structure is used to develop three novel logic locking gate selection algorithms based on maximum fanout free cones (MFFCs) and gate controllability for circuits implementing XOR, look-up table (LUT), and $2\times 1$ MUX-based logic obfuscation. The XOR, LUT, and MUX MFFC-based algorithms resulted in an average increase of, respectively, 61.8%, 123.6%, and 38.5% in the minimum number of iterations required to complete the SAT attack across 1,000 different variable orderings of the netlist while applying the locking techniques to 5% of the gates within the netlist. In addition, the SAT attack resiliency and output corruption of the developed algorithms are compared with out-of-cone locking techniques.