SIGNED: A Challenge-Response Based Interrogation Scheme for Simultaneous Watermarking and Trojan Detection
share
The emergence of distributed manufacturing ecosystems for electronic hardware involving untrusted parties has given rise to diverse trust issues. In particular, IP piracy, overproduction, and hardware Trojan attacks pose significant threats to digital design manufacturers. Watermarking has been one of the solutions employed by the semiconductor industry to overcome many of the trust issues. However, current watermarking techniques have low coverage, incur hardware overheads, and are vulnerable to removal or tampering attacks. Additionally, these watermarks cannot detect Trojan implantation attacks where an adversary alters a design for malicious purposes. We address these issues in our framework called SIGNED: Secure Lightweight Watermarking Scheme for Digital Designs. SIGNED relies on a challenge-response protocol based interrogation scheme for generating the watermark. SIGNED identifies sensitive regions in the target netlist and samples them to form a compact signature that is representative of the functional and structural characteristics of a design. We show that this signature can be used to simultaneously verify, in a robust manner, the provenance of a design, as well as any malicious alterations to it at any stage during design process. We evaluate SIGNED on the ISCAS85 and ITC benchmark circuits and obtain a detection accuracy of 87.61% even for modifications as low as 5-gates. We further demonstrate that SIGNED can benefit from integration with a logic locking solution, where it can achieve increased protection against removal/tempering attacks and incurs lower overhead through judicious reuse of the locking logic for watermark creation.
READ FULL TEXT
