Hardware Redaction via Designer-Directed Fine-Grained eFPGA Insertion
Prashanth Mohana, Oguz Atlib, Joseph Sweeneyc, Onur Kibard, Larry Pileggie and Ken Maif
Department of Electrical and Computer Engineering, Carnegie Mellon University Pittsburgh, PA, USA
apmohan@andrew.cmu.edu
baatli@andrew.cmu.edu
cjsweene1@andrew.cmu.edu
dokibar@andrew.cmu.edu
epileggi@andrew.cmu.edu
fkenmai@andrew.cmu.edu
ABSTRACT
In recent years, IC reverse engineering and IC fabrication supply chain security have grown to become significant economic and security threats for designers, system integrators, and end customers. Many of the existing logic locking and obfuscation techniques have shown to be vulnerable to attack once the attacker has access to the design netlist either through reverse engineering or through an untrusted fabrication facility. We introduce soft embedded FPGA redaction, a hardware obfuscation approach that allows the designer substitute security-critical IP blocks within a design with a synthesizable eFPGA fabric. This method fully conceals the logic and the routing of the critical IP and is compatible with standard ASIC flows for easy integration and process portability. To demonstrate eFPGA redaction, we obfuscate a RISC-V control path and a GPS P-code generator. We also show that the modified netlists are resilient to SAT attacks with moderate VLSI overheads. The secure RISC-V design has 1.89x area and 2.36x delay overhead while the GPS design has 1.39x area and negligible delay overhead when implemented on an industrial 22nm FinFET CMOS process.
Keywords: Hardware Security, Design Obfuscation, Fieldprogrammable Gate Array, FPGA.