ASIC design protection against reverse engineering during the fabrication process using automatic netlist obfuscation design flow



Computer Science and Engineering Department, Shahid Beheshti University, Tehran, Iran


Fab-less business model in semiconductor industry has led to serious concerns about trustworthy hardware. In untrusted foundries and manufacturing companies, submitted layout may be analyzed and reverse engineered to steal the information of a design or insert malicious Trojans. Understanding the netlist topology is the ultimate goal of the reverse engineering process. In this paper, we propose a netlist encryption mechanism to hide the interconnect topology inside an IC. Moreover, new special standard cells (Wire Scrambling cells) are designed to play the role of netlist encryption. Furthermore, a design ow is proposed to insert the WS-cells inside the netlist with the aim of maximum obfuscation and minimum overhead. It is worth noting that this mechanism is fully automated with no need to detail information of the functionality and structure of the design. Our proposed mechanism is implemented in an academic physical design framework (EduCAD). Experimental results show that reverse engineering can be hindered considerably in cost of negligible overheads by 23% in area, 3.25% in delay and 14.5% in total wire length. Reverse engineering is evaluated by brute-force attack, and the learned information is 0% and the Hamming distance is approximately 50%.


[1] V. Leest and P. Tuyls, "Anti-counterfeiting with hardware intrinsic security, "In Proceedings of the Conference on Design, Automation and Test in Europe, pp.1137- 1142, 2013.

[2] R.S. Chakraborty, S. Paul, and S. Bhunia, "On- Demand transparency for improving hardware Trojan detect-ability, "In Proceedings of international Workshop Hardware-Oriented Security and Trust (HOST 08), pp.48-50, 2008.

[3] S. Bhunia, M.S. Hsiao, M. Banga and S. Narashimhan, "Hardware Trojan Attacks: Threat Analysis and Countermeasures, " In Proceedings of IEEE, Vol.102, No.8, pp.1129-1247, 2014.

[4] R.S. Chakraborty, S. Bhunia, "Security Against Hardware Trojan Attacks Using Key-Based De- sign Obfuscation," In J. Electron Test, Vol.27, No.6, pp.767-785, 2011.

[5] R.S. Chakraborty and S. Bhunia, "Hardware Protection and Authentication through Netlist Level Obfuscation," In International Conference on Computer Aided Design, ICCAD 2008, IEEE/ACM, pp.674-677, 2008.

[6] R.S. Chakraborty and S. Bhunia, "HARPOON: An Obfuscation-Based SoC Design Methodology for Hardware Protection," In IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, TCAD 28(10), pp. 1493-1502, 2009.

[7] Y. Alkabani, F. koushanfar, M.Potkonjak, "Remote activation of ICs for piracy prevention and digital right management," In International conference on computer Aided Design, ICCAD 2007, IEEE, pp.674-677, 2007.

[8] J. Rajendran, A. Ali, O. Sinanoglu and R. Karri, "Belling the CAD: Toward Security-Centric Electronic System Design," in IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol. 34, no. 11, pp. 1756-1769, Nov. 2015.

[9] J.A Roy, F. Koushanfar, and I. Markov, "EPIC: Ending Piracy of Integrated Circuits," In proceedings of the Design, Automation and Test in Europe. DATE'08, pp.1069-1074, 2008.

[10] M. Yasin; J. Rajendran; O. Sinanoglu; R. Karri, "On Improving the Security of Logic Locking," in IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems, vol.PP, no.99, pp.1-1, 2015.

[11] J. Rajendran, Y. Pino, O. Sinanoglu and R. Karri, "Fault analysis-based logic encryption," In IEEE Transactions on computers, Vol.64, No.2, pp.410-424, 2015.

[12] S. Dupuis, P. Ba, G. D. Natale, M. Flottes, and B. Rouzeyre, "A Novel Hardware Logic Encryption Technique for Thwarting Illegal Overproduction and Hardware Trojans," in Proc. IEEE International On-Line Testing Symposium, 2014, pp.49-54.

[13] A. Baumgarten, A.Tyagi and J.Zambreno, "Preventing IC piracy using reconfigurable logic barriers, "In IEEE Design and Test of Computers, Vol.27, No.1, pp.66-75, 2010.

[14] S. Zamanzadeh and A. Jahanian. "Automaticnetlist scrambling methodology in ASIC design flow to hinder the reverse engineering," In VLSISoC, 2013 IFIP/IEEE 21st International Conference on, pp. 52-53, 2013.

[15] S. Khaleghi, Kai Da Zhao and Wenjing Rao, "IC Piracy prevention via Design Withholding and Entanglement," Design Automation Conference (ASP-DAC), 2015 20th Asia and South Pacific, Chiba, 2015, pp. 821-826.

[16] Xilinx Power Estimator User Guide, UG440 (v2.0) May 4, 2009. Available on: http://

[17] Z. Navabi, Digital System Test and Testable Design: Using HDL Models and Architectures, Springer, 2010.

[18] Y.W. Lee and N. Touba, "Improving Logic Obfuscation via Logic Cone professor of electrical and computer engineering at Analysis," in Proc. Latin-American Test Symposium, 2015, pp. 1-6.

[19] P. Subramanyan, S. Ray, and S. Malik, "Evaluating the Security of Logic Encryption Algorithms," in IEEE International Symposium on Hardware Oriented Security and Trust, 2015, pp. 137-143.

[20] ARM. (2010).i.MX35 applications processors for industrial and consumer products [Online]. Available:

i.MX357&fpsp=1&tab= Documentation_Tab

[21] S. Amanollahi and A. Jahanian, "EduCAD: an efficient, flexible and easily revisable physical design tool for educational purposes," In proceedings of the Design, Automation and Test in Europe, DATE 2011.

[22] IWLS 2005 benchmarks, [online] Available on:, 2005.