Hardware Trojan insertion and intellectual property (IP) theft are two major concerns when dealing with untrusted foundries. Most existing mitigation techniques are limited in protecting against both vulnerabilities. Split manufacturing is designed to stop IP piracy and integrated circuit (IC) cloning, but it fails at preventing untargeted hardware Trojan insertion and incurs significant overheads when high level of security is demanded. Built-in self-authentication (BISA) is a low-cost technique for preventing and detecting hardware Trojan insertion, but is vulnerable to IP piracy, IC cloning, or redesign attacks, especially on original circuitry. In this paper, we propose an obfuscated BISA technique that combines and optimizes both the techniques so that they complement and improve security against both vulnerabilities, while at the same time minimizing design overheads to the extent that the proposed method does not incur prohibitive cost for designs of industrial-level sophistication. Our evaluation on advanced encryption standard and data encryption standard cores shows that the proposed technique can reach security levels more than two times higher, satisfying all existing layout-based security metrics, while reducing overheads from hundreds of percents to less than 13% in power, 5% in delay, and zero percent in area, as compared to best reported performance in existing techniques.
Read full abstract