This dynamically obfuscated scan chain (DOSC) structure for electronic hardware protects intellectual property from theft, tampering or counterfeiting. By restricting access to the test/scan architecture, this technique prevents would-be thieves or saboteurs from reverse engineering or determining the roles each part of a device plays. In a 2018 revelation called the “Big Hack,” spies in China managed to insert chips into computer systems that would have allowed external control of those systems. The spies accomplished this because numerous entities typically take part in the design, fabrication and assembly of complex electronic devices (such as the motherboards the spies sabotaged at one point during their manufacture). This incident points to the potential for IP theft, piracy, tampering, or counterfeiting, as well as for integrated circuit overproduction during production. While logic obfuscation mechanisms aim to prevent these threats by establishing trust across the production process, they remain ineffective due to their vulnerability to Boolean satisfiability (SAT) based attacks, which grant unauthorized access to obfuscated design information. Available SAT-resistant logic obfuscation techniques suffer from their own critical vulnerabilities as they are susceptible to “bypass attacks” that can easily circumvent the effect of the SAT-resistant logic locking scheme.
Researchers at the University of Florida have developed a dynamically obfuscated scan chain structure that improves obfuscated circuit design encryption by eliminating the threat of SAT attacks. Rather than directly making logic locking more resilient, this system prevents SAT attacks by denying unauthorized access to the scan chain and testing architecture of an integrated circuit, thereby rendering reverse engineering by SAT infeasible.
Logic obfuscation technique that makes integrated circuits resilient to IP piracy and modification by untrusted entities in the production process
This logic obfuscation technique takes scan chain length, obfuscation key length, permutation rate, and other factors as input parameters and automatically produces a dynamically obfuscated scan chain (DOSC) design that resists SAT and bypass attacks. The DOSC architecture employs of a feedback shift register that takes a trusted control vector as input and dynamically generates an obfuscation key as output, protecting it via a shadow chain. After generating scan cells based on the obfuscation key and shadow chains, the system combines test patterns and responses to confuse attackers as to the original obfuscated logic. This DOSC architecture in an integrated circuit denies unauthorized users access to the circuit’s testing infrastructure, eliminating vulnerability to SAT attacks.