Hardware obfuscation

This article is about the obfuscation of electronic hardware. For obfuscation as used in computer software, see code obfuscation.

Hardware obfuscation is a technique by which the description or the structure of electronic hardware is modified to intentionally conceal its functionality, which makes it significantly more difficult to reverse-engineer. It is different from digital watermarking (where the ownership is concealed in the digital content itself) and from hardware intellectual property (IP) watermarking,[1] where the ownership information is embedded and concealed in the description of a circuit. It is also different from the cryptography-based hardware IP protection techniques common in the design flow of field-programmable gate arrays (FPGAs).[2][3]

The importance of hardware watermarking has increased in recent years due to the widespread adoption of hardware IP-based design practices for modern integrated circuits (ICs) such as systems on chips (SoCs). Major security issues associated with hardware IPs include: (a) hardware intellectual property infringement during SoC design; (b) reverse engineering of the manufactured ICs or the IC design database (in fabrication facilities) to produce counterfeit or clone ICs; and (c) malicious modification of an IP through the insertion of a hardware Trojan to cause in-field functional failure. Hardware obfuscation aims to minimize these threats at the IP or chip level by making it difficult for an adversary to comprehend the actual functionality of a design.

Hardware obfuscation techniques can be classified into two main categories: (a) the "passive" techniques, which do not directly affect the functionality of the electronic system, and (b) the "active" techniques, which directly alter the functionality of the system. Often the active hardware obfuscation techniques are "key-based", such that the normal functionality of the obfuscated design can only be enabled by the successful application of a single pre-determined key or a sequence of secret keys at the input; otherwise the circuit operates in a mode that exhibits incorrect functionality. This can be done by embedding a well-hidden finite state machine (FSM) in the circuit to control the functional modes based on the application of the key. The technique of key-based, active hardware obfuscation is similar in principle to private-key cryptographic approaches for information protection, since the "key sequence" for the obfuscated design plays a similar role to the cryptographic key. The technique can be applied at different levels of hardware description, namely gate-level or register transfer level (RTL) design, and hence can be used to protect soft, firm and hard IP cores.[4] Obfuscation can also help to effectively hide security features in an IC and thus enable protection of ICs from counterfeiting and cloning in fabrication facilities.[5]
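The key-gated FSM described above can be modelled behaviourally. The following is an added example, not code from the cited papers: the 4-bit adder, the three-vector key sequence and the output masks are all assumed values chosen for illustration.

```python
# Constructed behavioural model: a hidden unlock FSM gates a 4-bit adder.
# KEY_SEQUENCE and the masks are assumed values chosen for this example.
KEY_SEQUENCE = [(0x3, 0xA), (0xC, 0x5), (0x9, 0x9)]  # one (a, b) vector per clock
MASKS = (0x15, 0x0B, 0x1E, 0x07)  # non-zero, so every locked output is wrong


class ObfuscatedAdder:
    """4-bit adder whose output is correct only after the key sequence."""

    def __init__(self):
        self.state = 0  # power-up lands in the obfuscated mode

    @property
    def unlocked(self):
        return self.state == len(KEY_SEQUENCE)

    def clock(self, a, b):
        """Apply one input vector and return the 5-bit value on the outputs."""
        a, b = a & 0xF, b & 0xF
        if self.unlocked:
            return a + b  # normal mode: original functionality
        # Obfuscated mode: the primary inputs double as the key port.
        if (a, b) == KEY_SEQUENCE[self.state]:
            self.state += 1  # advance towards normal mode
        else:
            self.state = 0  # wrong vector: restart the sequence
        # Corrupt the result with a state-dependent mask so the output looks
        # like plausible data instead of an obvious "locked" indication.
        return (a + b) ^ MASKS[self.state]


def run(vectors):
    """Power up a fresh instance, apply vectors, return (outputs, unlocked)."""
    chip = ObfuscatedAdder()
    outputs = [chip.clock(a, b) for a, b in vectors]
    return outputs, chip.unlocked


def error_rate(prefix):
    """Fraction of the 256 input pairs answered wrongly after `prefix`."""
    wrong = 0
    for a in range(16):
        for b in range(16):
            outputs, _ = run(list(prefix) + [(a, b)])
            wrong += outputs[-1] != a + b
    return wrong / 256
```

Without the key sequence every one of the 256 input pairs produces a wrong sum; after the full sequence the same instance behaves as a plain adder.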

In contrast, the passive techniques modify the circuit description in a soft form (e.g. syntactic changes), such that it becomes difficult for a human reader to understand the functionality of the circuit. These approaches typically employ either string substitution (including variable name change, comment removal, etc.),[6] or structural change in the hardware description language (HDL) description of a circuit (including loop unrolling, register renaming, etc.).[7] A major shortcoming of the passive approaches is that they do not modify the black-box functionality of a circuit, and hence cannot prevent potential usage of an IP as a black box in a design. Moreover, the actual strength of such passive obfuscation is debatable, since, in general, black-box obfuscation does not exist, at least for software programs computing certain mathematical functions.[8]
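String substitution of the kind described above, as an added example that is not taken from any of the cited tools: the Verilog sample, the keyword subset and the generated names are constructed, and the regular expressions only cover the constructs that appear in the sample.

```python
import re

# Constructed Verilog sample (not from any real IP core).
SAMPLE = """\
// parity generator: secret sauce explained here
module parity(input [3:0] data, output par);
  wire low_pair;   /* xor of bits 1:0 */
  wire high_pair;  // xor of bits 3:2
  assign low_pair  = data[0] ^ data[1];
  assign high_pair = data[2] ^ data[3];
  assign par = low_pair ^ high_pair;
endmodule
"""

# Only the keywords used in SAMPLE; a real tool needs the full reserved list.
KEYWORDS = {"module", "endmodule", "input", "output", "wire", "assign"}


def obfuscate(src, keep):
    """Strip comments and rename every identifier not listed in `keep`."""
    src = re.sub(r"/\*.*?\*/|//[^\n]*", "", src, flags=re.S)
    mapping = {}

    def rename(match):
        name = match.group(0)
        if name in KEYWORDS or name in keep:
            return name  # keywords, module name and ports stay untouched
        return mapping.setdefault(name, f"n{len(mapping):04x}")

    out = re.sub(r"\b[A-Za-z_]\w*\b", rename, src)
    out = "\n".join(line.rstrip() for line in out.splitlines() if line.strip())
    return out, mapping


def interface(src):
    """Return the module header (name and port list), whitespace-normalised."""
    header = re.search(r"module\s+\w+\s*\(.*?\)\s*;", src, flags=re.S)
    return " ".join(header.group(0).split())
```

The module header is identical before and after the transformation, which is why an integrator can still instantiate the obfuscated core as a black box.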

Hardware watermarking can be used in conjunction with hardware obfuscation. In an obfuscated design, watermarking can be effective in providing a second line of defense against piracy efforts.[9]

Historical context

Hardware obfuscation in computing probably has its origins with mainframe CPUs, mainly ones made by IBM during the 1960s and 1970s. To maintain some competitive advantage, IBM implemented secret opcodes that would only be used by the closed-source operating system on the mainframe.

In the 1980s, when computer gaming came into being, many hardware game cards on Atari and other machines implemented obfuscation techniques to keep the games from being reverse engineered.

References

  1. E. Castillo, U. Meyer-Baese, A. Garcia, L. Parilla, and A. Lloris: "IPP@HDL: efficient intellectual property protection scheme for IP cores", IEEE Transactions on VLSI, 16(5), 2007.
  2. Xilinx Corporation: "Xilinx IP evaluation", 2009.
  3. M. Wirthlin and B. McMurtrey: "IP delivery for FPGAs using Applets and JHDL", Design Automation Conference (DAC), 2002.
  4. R.S. Chakraborty and S. Bhunia: "RTL hardware IP protection using key-based control and data flow obfuscation", International Conference on Very Large Scale Integration Design (VLSID), 2010.
  5. J. Roy, F. Koushanfar, and I.L. Markov: "EPIC: ending piracy of integrated circuits," Design, Automation and Test in Europe (DATE), 2008.
  6. Thicket Family of Source Code Obfuscators
  7. M. Brzozowski and V. N. Yarmolik: "Obfuscation as intellectual rights protection in VHDL language", International Conference on Computer Information Systems and Industrial Management Applications (CISIM), 2007.
  8. B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S.P. Vadhan and K. Yang: "On the (im)possibility of obfuscating programs", Cryptology Conference on Advances in Cryptology (CRYPTO), 2001.
  9. R.S. Chakraborty and S. Bhunia: "HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection", IEEE Trans. on CAD of Integrated Circuits and Systems (TCAD), 2009.