Development of a Layout-Level Hardware Obfuscation Tool to Counter Reverse Engineering

Malik, Shweta

17 July 2015

Reverse engineering of hardware IP block is a common practice for competitive purposes in the semiconductor industry. What is done with the information gathered is the deciding legal factor. Once this information gets into the hands of an attacker, it can be used to manufacture exact clones of the hardware device. In an attempt to prevent the illegal copies of the IP block from flooding the market, layout-level obfuscation based on switchable dopant is suggested for the hardware design. This approach can be integrated into the design and manufacturing flow using an obfuscation tool (ObfusTool) to obfuscate the functionality of the IP core. The ObfusTool is developed in a way to be flexible and adapt to different standard cell libraries and designs. It enables easy and accurate evaluation of the area, power and delay v/s obfuscation trades-offs across different design approaches for hardware obfuscation. The ObfusTool is linked to an obfuscation standard cell library which is based on a prototype design created with Obfuscells and 4-input NAND gate. The Obfuscell is a standard cell which is created with switchable functionality based on the assigned dopant configurations. The Obfuscell is combined with other logic gates to form a standard cell library, which can replace any number of existing gates in the IP block without altering it's functionality. A total of 160 different gates are realized using permutated combinations starting with 26 unique gate functions. This design library provide a high level of obfuscation in terms of the number of combinations an adversary has to go through increase to 2 2000 approximately based on the design under consideration. The connectivity of the design has been ignored by previous approaches, which we have addressed in this thesis. The connectivity of a design leaks important information related to inputs and outputs of a gate. We extend the basic idea of dopant-based hardware obfuscation by introducing "dummy wires". The addition of dummy wires not only obfuscates the functionality of the design but also it's connectivity. This greatly reduces the information leakage and complexity of the design increases. To an attacker the whole design appears as one big 'blob'.This also curbs the attempts of brute force attacks. The introduced obfuscation comes at a cost of area and power overhead on an average 5x, which varies across different design libraries.

Hardware obfuscation

reverse engineering

Switchable dopant changes

IP protection

Optical inspection

dummy wires

A framework to manage sensitive information during its migration between software platforms

Ajigini, Olusegun Ademolu

06 1900

Software migrations are mostly performed by organisations using migration teams. Such migration teams need to be aware of how sensitive information ought to be handled and protected during the implementation of the migration projects. There is a need to ensure that sensitive information is identified, classified and protected during the migration process. This thesis suggests how sensitive information in organisations can be handled and protected during migrations by using the migration from proprietary software to open source software to develop a management framework that can be used to manage such a migration process.A rudimentary management framework on information sensitivity during software migrations and a model on the security challenges during open source migrations are utilised to propose a preliminary management framework using a sequential explanatory mixed methods case study. The preliminary management framework resulting from the quantitative data analysis is enhanced and validated to conceptualise the final management framework on information sensitivity during software migrations at the end of the qualitative data analysis. The final management framework is validated and found to be significant, valid and reliable by using statistical techniques like Exploratory Factor Analysis, reliability analysis and multivariate analysis as well as a qualitative coding process. / Information Science / D. Litt. et Phil. (Information Systems)

Closed Source Software

Information classification

Information protection

Information security

Information sensitivity

Information sensitivity

IP Protection

IS Migration

IS theory development

IT control frameworks

005.8

Information technology -- Management

Computer programs -- Software

Information science -- Software

Computer programs -- Security measures

Data protection