Hardware Security & Design for Trust Lecture-1 PDF

Summary

This document is a lecture on hardware security and design for trust techniques, covering topics such as security risks, design-based countermeasures, IC watermarking, fingerprinting, and camouflaging, likely for an undergraduate course.

Full Transcript

Hardware Security &
Design for Trust
Dr Cheng Deruo
A/P Gwee Bah Hwee

© 2021 Nanyang Technological University, Singapore. All Rights Reserved.
 Course Objectives
This course offers an introduction to various security risks and trustworthiness issues on
Integrated Circuits chips (and/or any hardware thereof), and various design-based
countermeasures aimed at fostering hardware security.

Upon completion of this course, the learners will be able to:
Describe security risks for hardware devices

Describe different types of vulnerabilities and security threats in the hardware development cycle

Explain the design level countermeasures for higher security features and trust in hardware devices

Identify various design methodologies and countermeasures for protection against hardware threats and
enhancement on hardware trustworthiness

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 1
 Course Structure
Live Online Sessions (5.5hrs)

– Lecture 1: Hardware Security Risks & Design for Trust Techniques 09:30 - 11:30 on 16th Nov

– E-consultation 19:30 - 21:00 on 20th Nov

– Lecture 2: Design for Trust Techniques 09:30 - 11:30 on 23rd Nov

Asynchronous E-learning (5.5hrs)

– Work Example (will be discussed during E-consultation)

– Videos

– Research Papers

Assessment

– Class Participation (20%) + Assignment (20%) + Online Quiz (60%)

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 2
 Instructor Information

Dr Cheng Deruo, Temasek Laboratories, NTU
Email: [email protected]

Assoc Prof Gwee Bah Hwee, School of EEE, NTU
Email: [email protected]

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 3
 Overview of Lecture 1
❖ Hardware Security Risks in Chip Design and Manufacturing

❖ Hardware Security with Design for Trust

❖ Design for Trust Techniques

IC Watermarking

IC Fingerprinting

IC Camouflaging

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 4
 Hardware Security
Risks in Chip Design
and Manufacturing

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 5
 Chip Design and Manufacturing

Frond-End Design
Design Specifications
Architectural Design
Behavioral Level Design & Verification
Netlist Generation & Design for Testability (DFT) Insertion
Formal Verification
© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 6
 Chip Design and Manufacturing

Back-End Design
Floor Planning & Placement
Routing
Clock Tree Synthesis & Timing Analysis
Layout Verification & Sign-Off

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 7
 Chip Design and Manufacturing

Manufacturing
Lithography
Mark Verification
Packaging & Testing
Chip (Final Product)
Post Silicon Validation
© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 8
 Hardware Security Risks
IP Piracy

Hardware
Trojans

Reverse
Engineering

Over-
production

…

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 9
 Hardware Security Risks
❖ IP Piracy: the unauthorized use of someone else's intellectual property, including counterfeiting,
copying, distributing without permission, etc.

❖ Hardware Trojan: malicious modification of the circuitry of an IC chip without the knowledge of
developers/manufacturers, causing chip malfunctioning, disabling, destroying, etc.

❖ Reverse Engineering: the process of learning about the inner workings of an IC chip by
extracting, examining, and classifying its circuits.

❖ Over-production: an IC design is produced in excess by an untrusted party such as an off-shore
foundry with access to the final GDSII file for the IC design.

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 10
 Hardware Security Risks
Commercial Parties Industry & Society
Financial Loss Erosion of Trust in Technology
IP Theft and Competitive Disadvantage Increased Cybercrime
Reduced Reputation and Consumer Economic and Market Loss
Trust Unfair Competition
Liability and Legal Risks

Consumers Government & National-level
Device Failures and Malfunctions Disruption of Critical Infrastructure
Privacy Violations Supply Chain Vulnerability
Financial Loss Compromised National Security

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 11
 Design for Trust
IP Piracy

Hardware IC Watermarking
Trojans IC Fingerprinting
Trojan Detection
Reverse
Engineering
IC Camouflaging
Logic Locking

Over- Split Manufacturing
production IC Metering

…

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 12
 IC Watermarking

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 13
 Introduction to IC Watermarking
Watermarking: establish identify of information to prevent unauthorized use
❖ They should be inseparable from the works they are embedded in
❖ They should be imperceptible in an ideal case
❖ They should only become visible as a result of a (special) viewing process

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 14
 Introduction to IC Watermarking
Watermarking: establish identify of information to prevent unauthorized use
❖ They should be inseparable from the works they are embedded in
❖ They should be imperceptible in an ideal case
❖ They should only become visible as a result of a (special) viewing process

Original Image Watermark Watermarked Image

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 15
 Introduction to IC Watermarking
Watermarking: establish identify of information to prevent unauthorized use
❖ They should be inseparable from the works they are embedded in
❖ They should be imperceptible in an ideal case
❖ They should only become visible as a result of a (special) viewing process

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 16
 Introduction to IC Watermarking
Inspirations for IC watermarking
❖ Digital media watermarking
Emerging approaches for embedding ownership information into digital media such as audio
and vision systems (inseparable, imperceptible, extractable)
❖ Productivity gap between design and silicon
Reusable IPs lead to the need of authorship proof

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 17
 Introduction to IC Watermarking
IC Watermarking: embed authorship signature into the design

❖ It is imperceptible to the end user
❖ It is easy to extract but hard to remove
❖ It is extractable by authorized parties

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 18
 Introduction to IC Watermarking
Watermark Embedding

Watermark Extraction

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 19
 IC Watermarking Techniques

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 20
 IC Watermarking Techniques
Constraint-based Watermarking
❖ NP-hard optimization problems are involved in IC design process.
❖ Heuristic algorithms with design constraints are used to search for near-optimal or quasi-optimal solutions.
❖ Author’s signature can be used to derive embedded constraints that will be added to the original problem.

Satisfy both cover and stego constraints

Strength ↑↓ Ratio of stego/original solution space

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 21
 IC Watermarking Techniques
Constraint-based Watermarking
❖ System Synthesis Level
Multiprocessor DSP code partitioning
Cache line coloring
❖ Behavioral Synthesis Level
Scheduling, Assignment, Allocation, Transformations, Template mapping
❖ Logic Synthesis Level
Multi-level logic minimization
Technology mapping
❖ Physical Synthesis Level
Floorplanning, placement, clock tree synthesis, scan chain generation, routing, etc.

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 22
 IC Watermarking Techniques
Digital Signal Processing (DSP)-based Watermarking
❖ Make slight modifications to the design requirements at algorithmic/architectural level

Divide the filter’s passband region into K-bits
Manipulate the magnitude response slightly
Positive change codes ‘1’ and negative change codes ‘0’

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 23
 IC Watermarking Techniques
Digital Signal Processing (DSP)-based Watermarking
❖ Modify the fundamental circuit blocks of pipelined structure without modifying the transfer function

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 24
 IC Watermarking Techniques
Finite State Machine (FSM)-based Watermarking
❖ Embed watermark at behavioral level by introducing additional FSM states or transitions
❖ A specific property is only present in the sequence of states traversed by a sequence of inputs
that corresponds to the watermark, but will rarely be present in other non-watermarked designs
❖ Categories of FSM-based Watermarking
State-based FSM Watermarking: add new states or change state encoding (weak against
attack)
Transition-based FSM Watermarking: add new transitions or utilize unused transitions

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 25
 IC Watermarking Techniques
Finite State Machine (FSM)-based Watermarking

Original State Transition Graph (STG)

Modified STG with Additional States
© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 26
 IC Watermarking Techniques
Finite State Machine (FSM)-based Watermarking

Original STG STG with Additional Transition STG with Extended Input
& Additional Transition

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 27
 IC Watermarking Techniques

Finite State Machine (FSM)-based Watermarking

❖ Requirements for FSM-based watermarking:

Watermarking states or transitions should be hidden into existing state space.

Watermarking states or transitions shouldn’t change the original functionality

Additional states or transitions should only introduce reasonable overhead

It shouldn’t be affected by design optimization during synthesis or physical design

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 28
 IC Watermarking Techniques
Test Structure-based Watermarking
❖ Embed watermark into a test sequence at the behavioral level
❖ The watermarked IPs will send output test patterns and watermark sequences
❖ The watermark is easy to detect, since it can be retrieved with test signals

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 29
 IC Watermarking Techniques
Test Structure-based Watermarking

IP Circuit

Watermark Generating Circuit

Test Circuit

The watermark generating circuit is synthesized with the IP/test circuit, so it is protected at all lower design levels.
© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 30
 IC Watermarking Techniques
Side Channel-based Watermarking
❖ Convert the watermark into a specific voltage signal using a pattern generator

The signature can be extracted
through the power supply pins. It is
detectable even when the IP core is in
operation

The signature is then hidden below
the noise floor, it is difficult to remove.
But it could be affected by the power
consumption of other IP cores.

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 31
 IC Watermarking Techniques
Localized & Hierarchical Watermarking
❖ Issues of Global Watermarking
Verification requires watermark extraction from the entire watermarked IP core
Design alteration by an attacker could affect the extraction of watermark, and thus failure of verification
❖ Local Watermarking
Authorship signature is converted into a set of smaller watermarks
Each of the smaller watermarks are randomly augmented into a part of the design
Verification is done in its locality, independently from the remainder of the design
To defunction the watermark protection, the attacker needs to alter a substantial part of the watermarked
design
❖ Hierarchical Watermarking
Insert multiple watermarks at different abstraction levels for better protection of IP cores
An attacker needs to remove all watermarks at different levels
Localized watermark can be combined into hierarchical watermark to reduce overhead

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 32
 IC Watermark Extraction
Static Watermarking
❖ Presence of watermark is verified indirectly by checking if the watermarked constraints generated
by the author signature are satisfied
❖ All the constraint-based watermarking schemes are static
❖ Procedures of verification
Reverse engineer the circuit-under-test to the level where the watermarked solution is
generated
Check if the stego constraints due to the authorship signature are satisfied
In this case, localized watermark will be more efficient as it does not require reverse
engineering of complete IP core

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 33
 IC Watermark Extraction
Static Watermarking
❖ Challenges at extraction
Reverse engineering the circuit-under-test to watermarked solution is a costly task =>
localized watermarking could reduce the required effort on reverse engineering
How stego constraints are generated will be exposed during the verification process => divide
stego constraints into public part and private part. Only recover the private part for verification
when the public part is suspected to be attacked

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 34
 IC Watermark Extraction
Dynamic Watermarking
❖ The watermark can be detected from the output response by injecting a specific input sequence
❖ FSM-based and test structure-based watermarking schemes are dynamic
❖ Procedures of verification
Run the watermarked design with a specific input sequence
Detect the watermark bits from the output sequence
Only the author of a design can observe and interpret information obtained through the output
sequence

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 35
 IC Watermark Extraction
Side-channel Watermarking
❖ The watermark is detected from side channels such as temperature, power, electromagnetic
radiation, etc.
❖ Procedures of verification
Measure side-channel information from the chip package
Correlate the measured data with a database of watermarks
❖ If multiple side-channel watermarks are inserted, the measured information could be superposed.
In this case, multiplexing or decoding of the different signal sources should be planned, or a
database is needed for correlation-based verification

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 36
 IC Fingerprinting

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 37
 Introduction to IC Fingerprinting
Watermarking vs. Fingerprinting
This is This is
My IP
Buyer-A My IP.a
Buyer-A

IP This is IP This is
Buyer-B Buyer-B
Owner My IP Owner My IP.b
…

…
This is This is
My IP
Buyer-? My IP.?
Buyer-?

Watermarking Fingerprinting

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 38
 Introduction to IC Fingerprinting
Purposes of Watermarking vs. Fingerprinting
❖ Watermarking: does this product contain my IP?
❖ Fingerprinting: does this product contain my IP and who is the authorized IP user?

Fingerprinting
❖ Distribute IPs with the same functionality but different fingerprint to different users
❖ Each IP instance/copy is now unique
❖ When a fingerprinted IP is illegally used, the affected IP copy and parties can be identified

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 39
 Introduction to IC Fingerprinting
Requirements of Fingerprinting
❖ High credibility: The fingerprint should be readily detectable in proving legal ownership, and the
probability of coincidence should be low.
❖ Low overhead: Once the demand for fingerprinted solutions exceeds the number of available
good solutions, the solution quality will necessarily degrade. Nevertheless, we seek to minimize
the impact of fingerprinting on the quality of the software or design.
❖ Resilience: The fingerprint should be difficult or impossible to remove without complete knowledge
of the software or design.
❖ Transparency: The addition of fingerprints to software and designs should be completely
transparent, so that fingerprinting can be used with existing design tools.

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 40
 Introduction to IC Fingerprinting
Requirements of Fingerprinting
❖ Part protection: Ideally, a good fingerprint should be distributed all over the software or design in
order to identify the buyer from any part of it.
❖ Collusion-secure: Different users will receive different copies of the solution with their own
fingerprints embedded. These fingerprints should be embedded in such a way that it is not only
difficult to remove them, but also difficult to forge a new fingerprint from existing ones (i.e., the
fingerprinted solutions should be structurally diverse).
❖ Short runtime: The (average) run-time for creating a fingerprinted solution should be much less
than the run-time for solving the problem from scratch.
❖ Preserving watermarks: Fingerprinting should not diminish the strength of the author’s watermark.

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 41
 IC Fingerprinting Techniques
Fingerprinting by Constraint Addition
❖ By careful manipulation of constraints in the design or problem, we can generate controllable
number of distinct fingerprinted copies that have almost zero run-time overhead.

Original graph New graph Solutions

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 42
 IC Fingerprinting Techniques
Fingerprinting by Iterative Refinement
❖ Many hard problems in IC design are solved
iteratively where an initial solution is first
obtained and then refined to improve the
quality repetitively until the solution becomes
satisfiable.
❖ In each iteration, the current and previous
solutions are analyzed carefully, and
additional conditionals could be added to
enforce that the solution found next will
always be new.

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 43
 IC Fingerprinting Techniques
Fingerprinting on Don’t-Care Conditions: Observability don’t care (ODC)
❖ An ODC condition occurs when local signal changes cannot be observed at a primary output
❖ Figure below shows creation of 1-bit fingerprint by fabricating with the flexibility of disconnecting
the wire from Y to the AND gate that generates X

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 44
 IC Fingerprinting Techniques
Fingerprinting on Don’t-Care Conditions: Satisfiability don’t care (SDC)
❖ SDCs are the values of certain signals that will never occur because of their logical dependence.
❖ Two circuits below have identical output signals for every input combination

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 45
 IC Fingerprinting Techniques
Fingerprinting on Don’t-Care Conditions: general flow
❖ A normal design is performed to get the best possible IP
❖ Certain ODC/SDC conditions are identified, and the circuit is modified to provide flexibility in
implementing the same IP
❖ Mask is built and identical circuits are fabricated
❖ Fingerprinted copies are created at post-silicon stage by choosing whether or not to keep the local
changes in these fingerprint locations.

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 46
 IC Fingerprinting Techniques
Fingerprinting based on Scan Chain
❖ Leverage the controllability and observability of scan chain

Embed fingerprints by altering the connection styles between SFFs.

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 47
 IC Camouflaging

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 48
 Introduction to IC Camouflaging
❖ Make subtle changes to obfuscate the actual circuit function
❖ Against image-based reverse engineering
The reverse engineers reveal the original chip design with microscopic images
The cells/gates and interconnects are then recognized → camouflaging makes this difficult

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 49
 Introduction to IC Camouflaging
❖ Process-level: utilize fabrication/process techniques that can hide the circuit structure, including
doping based, dummy contact-based techniques, etc.
❖ Interconnect-level: manipulate interconnection between transistors to create faults or virtual
connections
❖ Cell-level: leverage the fabrication techniques and develop different camouflaging cell designs to
achieve more functionalities with indistinguishable layouts. The camouflaging cells usually incur
overhead in terms of power, area, and timing.
❖ Logic-level: develop camouflaging cell insertion algorithms to maximize the resilience of the circuit
netlist against reverse engineering attacks given the overhead constraints.

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 50
 IC Camouflaging Techniques
Process-level Camouflaging: Source/Drain Doping
❖ Doping: modify transistor characteristics with little/no change in geometry
❖ Figure below shows how short circuit can be created by replacing P-type with N-type dopant
❖ Stuck-at faults are then created to confuse the reverse engineer’s analysis

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 51
 IC Camouflaging Techniques
Process-level Camouflaging: Source/Drain Doping

Stuck-at-1

Stuck-at-0

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 52
 IC Camouflaging Techniques
Process-level Camouflaging: Channel Doping
❖ Configure a transistor as depletion or enhancement type through channel doping

Enhancement Mode

Depletion Mode

PMOS NMOS
© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 53
 IC Camouflaging Techniques
Process-level Camouflaging: Channel Doping

MOSFET Type VGS ≪ 0 VGS = 0 VGS ≫ 0

N-channel
OFF OFF ON
Enhancement

N-channel Depletion OFF ON ON

P-channel
ON OFF OFF
Enhancement

P-channel Depletion ON ON OFF

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 54
 IC Camouflaging Techniques
Process-level Camouflaging: Dummy Contact

Dummy Contact

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 55
 IC Camouflaging Techniques
Process-level Camouflaging: Dummy Contact

Camouflaged cell could serve different functions
depending on which contacts are true/dummy

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 56
 IC Camouflaging Techniques
Process-level Camouflaging: Smart Fill
❖ Also known as Post Place & Route (PP&R) processing technique
❖ Overlaying active cell and metal geometries to resemble real logic cells and interconnect
❖ The fill layers also include contacts and vias, connected in a realistic fashion to create a dense
routing network
❖ Active signals may be included in this fill process

Increase RE workload, uncertainty, and error rate

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 57
 IC Camouflaging Techniques
Process-level Camouflaging: Smart Fill – Metal Layer

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 58
 IC Camouflaging Techniques
Process-level Camouflaging: Smart Fill – Active Layer

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 59
 IC Camouflaging Techniques
Cell-level Camouflaging: Layout Technique – Layout Comparison

0
Standard 1 Standard Camouflage Camouflage
NAND Cell NOR Cell NAND Cell NOR Cell

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 60
 IC Camouflaging Techniques
Cell-level Camouflaging: Layout Technique – SEM Image Comparison
Metal Layer SEM Images Active Layer SEM Images

0
1
NAND Cell NOR Cell NAND Cell NOR Cell
© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 61
 IC Camouflaging Techniques
Cell-level Camouflaging: Custom Camouflage Cell Library

Further, we can build a library of custom camouflage cells
Utilize only transistors of identical size and spacing
Every cell appears identical to every other cell in the library
Different logic functions are realized through use of camouflaged connections.
© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 62
 IC Camouflaging Techniques
Cell-level Camouflaging: Reconfigurable Cell with Process-level Techniques

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 63
 IC Camouflaging Techniques
Cell-level Camouflaging: Application Flow

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 64
 IC Camouflaging Techniques
Interconnect-level Camouflaging: Dummy Contact/Via

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 65
 IC Camouflaging Techniques
Interconnect-level Camouflaging: Chemical Mechanical Planarization (CMP)-based
❖ Chemical Mechanical Planarization (CMP) is the process used to flatten each fabricated layer of a
circuit after printing the layer features.
❖ CMP can adversely affect the final layer profile due to the phenomena of dishing and erosion
❖ Metal-fills help to provide line density uniformity across chip to allow for predictable CMP
performance
❖ Metal-fills surrounding an interconnect line can degrade the line during fabrication if placed at
improper distances, to create faults

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 66
 IC Camouflaging Techniques
Interconnect-level Camouflaging: Stealthy Signaling with Crosstalk
❖ If the Metal-fills nearby to a target signal line are connected to a clock or other controllable line,
then they will induce strong and controllable crosstalk on the signal line.

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 67
 IC Camouflaging Techniques
Interconnect-level Camouflaging: Stealthy Signaling with Crosstalk
❖ Crosstalk by running one interconnect, the victim, in one layer and another interconnect, the
aggressor, in adjacent layers in a zigzag pattern

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 68
 IC Camouflaging Techniques
Interconnect-level Camouflaging: Optical Proximity Correction-based Timing Fault
❖ Changing or removing line-biasing compensation enables thinning of the interconnect and
increasing the line resistance. This affects the delay through the interconnect

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 69
 IC Camouflaging Techniques
Logic-level Camouflaging: CMOS Circuit

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 70
 IC Camouflaging Techniques
Logic-level Camouflaging: Pass Transistors

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 71
 IC Camouflaging Techniques
Logic-level Camouflaging: Dynamic Logic and Differential Cascode Voltage Switch
(DCVS) Logic

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 72
 IC Camouflaging Techniques
Logic-level Camouflaging: Flip-flops

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 73
 IC Camouflaging Techniques
Logic-level Camouflaging: Flip-flops

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 74
 IC Camouflaging Techniques
Logic-level Camouflaging: Flip-flops

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 75
 Summary
❖ What have been discussed
- Hardware Security Risks

- Design for Trust Techniques

IC Watermarking

IC Fingerprinting

IC Camouflaging

© 2021 Nanyang Technological University, Singapore. All Rights Reserved. 76