Showing 1–5 of 5 results for author: Perez, T D

Impact of Orientation on the Bias of SRAM-Based PUFs

Authors: Zain Ul Abideen, Rui Wang, Tiago Diadami Perez, Geert-Jan Schrijen, Samuel Pagliarini

Abstract: This paper investigates the impact of memory orientation on the bias pattern of SRAM-based PUFs. We designed and fabricated a 65nm CMOS chip that contains eleven SRAM macros that exercise different memory- and chip-level parameters. At the memory level, several parameters passed to the SRAM compiler are considered, including the number of addresses, the number of words, the aspect ratio, and the c… ▽ More This paper investigates the impact of memory orientation on the bias pattern of SRAM-based PUFs. We designed and fabricated a 65nm CMOS chip that contains eleven SRAM macros that exercise different memory- and chip-level parameters. At the memory level, several parameters passed to the SRAM compiler are considered, including the number of addresses, the number of words, the aspect ratio, and the chosen bitcell. Chip-level decisions are considered during the floorplan, including the location and rotation of each SRAM macro in the testchip. In this study, we conduct a comprehensive analysis of different memory orientations and their effect on the biasing direction. Physical measurements performed on 50 fabricated chips revealed that specific memory orientations, namely R270 and MY90, exhibit a distinct negative biasing direction compared to other orientations. Importantly, this biasing direction remains consistent regardless of memory type, column mux ratio, memory size, or the utilization of SRAMs with different bitcells. Overall, this study highlights the significance of careful physical implementation and memory orientation selection in designing SRAM-based PUFs. Our findings can guide designers in the selection of SRAM memories with properties that make for better PUFs that potentially require less error correction effort to compensate for instability. △ Less

Submitted 13 August, 2023; originally announced August 2023.

A Security-aware and LUT-based CAD Flow for the Physical Synthesis of eASICs

Authors: Zain UlAbideen, Tiago Diadami Perez, Mayler Martins, Samuel Pagliarini

Abstract: Numerous threats are associated with the globalized integrated circuit (IC) supply chain, such as piracy, reverse engineering, overproduction, and malicious logic insertion. Many obfuscation approaches have been proposed to mitigate these threats by preventing an adversary from fully understanding the IC (or parts of it). The use of reconfigurable elements inside an IC is a known obfuscation techn… ▽ More Numerous threats are associated with the globalized integrated circuit (IC) supply chain, such as piracy, reverse engineering, overproduction, and malicious logic insertion. Many obfuscation approaches have been proposed to mitigate these threats by preventing an adversary from fully understanding the IC (or parts of it). The use of reconfigurable elements inside an IC is a known obfuscation technique, either as a coarse grain reconfigurable block (i.e., eFPGA) or as a fine grain element (i.e., FPGA-like look-up tables). This paper presents a security-aware CAD flow that is LUT-based yet still compatible with the standard cell based physical synthesis flow. More precisely, our CAD flow explores the FPGA-ASIC design space and produces heavily obfuscated designs where only small portions of the logic resemble an ASIC. Therefore, we term this specialized solution an "embedded ASIC" (eASIC). Nevertheless, even for heavily LUT-dominated designs, our proposed decomposition and pin swapping algorithms allow for performance gains that enable performance levels that only ASICs would otherwise achieve. On the security side, we have developed novel template-based attacks and also applied existing attacks, both oracle-free and oracle-based. Our security analysis revealed that the obfuscation rate for an SHA-256 study case should be at least 45% for withstanding traditional attacks and at least 80% for withstanding template-based attacks. When the 80\% obfuscated SHA-256 design is physically implemented, it achieves a remarkable frequency of 368MHz in a 65nm commercial technology, whereas its FPGA implementation (in a superior technology) achieves only 77MHz. △ Less

Submitted 12 July, 2022; originally announced July 2022.

G-GPU: A Fully-Automated Generator of GPU-like ASIC Accelerators

Authors: Tiago Diadami Perez, Márcio M. Gonçalves, José Rodrigo Azambuja, Leonardo Gobatto, Marcelo Brandalero, Samuel Pagliarini

Abstract: Modern Systems on Chip (SoC), almost as a rule, require accelerators for achieving energy efficiency and high performance for specific tasks that are not necessarily well suited for execution in standard processing units. Considering the broad range of applications and necessity for specialization, the design of SoCs has thus become expressively more challenging. In this paper, we put forward the… ▽ More Modern Systems on Chip (SoC), almost as a rule, require accelerators for achieving energy efficiency and high performance for specific tasks that are not necessarily well suited for execution in standard processing units. Considering the broad range of applications and necessity for specialization, the design of SoCs has thus become expressively more challenging. In this paper, we put forward the concept of G-GPU, a general-purpose GPU-like accelerator that is not application-specific but still gives benefits in energy efficiency and throughput. Furthermore, we have identified an existing gap for these accelerators in ASIC, for which no known automated generation platform/tool exists. Our solution, called GPUPlanner, is an open-source generator of accelerators, from RTL to GDSII, that addresses this gap. Our analysis results show that our automatically generated G-GPU designs are remarkably efficient when compared against the popular CPU architecture RISC-V, presenting speed-ups of up to 223 times in raw performance and up to 11 times when the metric is performance derated by area. These results are achieved by executing a design space exploration of the GPU-like accelerators, where the memory hierarchy is broken in a smart fashion and the logic is pipelined on demand. Finally, tapeout-ready layouts of the G-GPU in 65nm CMOS are presented. △ Less

Submitted 6 December, 2021; v1 submitted 11 November, 2021; originally announced November 2021.

From FPGAs to Obfuscated eASICs: Design and Security Trade-offs

Authors: Zain Ul Abideen, Tiago Diadami Perez, Samuel Pagliarini

Abstract: Threats associated with the untrusted fabrication of integrated circuits (ICs) are numerous: piracy, overproduction, reverse engineering, hardware trojans, etc. The use of reconfigurable elements (i.e., look-up tables as in FPGAs) is a known obfuscation technique. In the extreme case, when the circuit is entirely implemented as an FPGA, no information is revealed to the adversary but at a high cos… ▽ More Threats associated with the untrusted fabrication of integrated circuits (ICs) are numerous: piracy, overproduction, reverse engineering, hardware trojans, etc. The use of reconfigurable elements (i.e., look-up tables as in FPGAs) is a known obfuscation technique. In the extreme case, when the circuit is entirely implemented as an FPGA, no information is revealed to the adversary but at a high cost in area, power, and performance. In the opposite extreme, when the same circuit is implemented as an ASIC, best-in-class performance is obtained but security is compromised. This paper investigates an intermediate solution between these two. Our results are supported by a custom CAD tool that explores this FPGA-ASIC design space and enables a standard-cell based physical synthesis flow that is flexible and compatible with current design practices. Layouts are presented for obfuscated circuits in a 65nm commercial technology, demonstrating the attained obfuscation both graphically and quantitatively. Furthermore, our security analysis revealed that for truly hiding the circuit's intent (not only portions of its structure), the obfuscated design also has to chiefly resemble an FPGA: only some small amount of logic can be made static for an adversary to remain unaware of what the circuit does. △ Less

Submitted 13 October, 2021; v1 submitted 11 October, 2021; originally announced October 2021.

Comments: The results for the paper are given on the following link: https://github.com/Centre-for-Hardware-Security/eASIC

A Survey on Split Manufacturing: Attacks, Defenses, and Challenges

Authors: Tiago D. Perez, Samuel Pagliarini

Abstract: In today's integrated circuit (IC) ecosystem, owning a foundry is not economically viable, and therefore most IC design houses are now working under a fabless business model. In order to overcome security concerns associated with the outsorcing of IC fabrication, the Split Manufacturing technique was proposed. In Split Manufacturing, the Front End of Line (FEOL) layers (transistors and lower metal… ▽ More In today's integrated circuit (IC) ecosystem, owning a foundry is not economically viable, and therefore most IC design houses are now working under a fabless business model. In order to overcome security concerns associated with the outsorcing of IC fabrication, the Split Manufacturing technique was proposed. In Split Manufacturing, the Front End of Line (FEOL) layers (transistors and lower metal layers) are fabricated at an untrusted high-end foundry, while the Back End of Line (BEOL) layers (higher metal layers) are manufactured at a trusted low-end foundry. This approach hides the BEOL connections from the untrusted foundry, thus preventing overproduction and piracy threats. However, many works demonstrate that BEOL connections can be derived by exploiting layout characteristics that are introduced by heuristics employed in typical floorplanning, placement, and routing algorithms. Since straightforward Split Manufacturing may not afford a desirable security level, many authors propose defense techniques to be used along with Split Manufacturing. In our survey, we present a detailed overview of the technique, the many types of attacks towards Split Manufacturing, as well as possible defense techniques described in the literature. For the attacks, we present a concise discussion on the different threat models and assumptions, while for the defenses we classify the studies into three categories: proximity perturbation, wire lifting, and layout obfuscation. The main outcome of our survey is to highlight the discrepancy between many studies -- some claim netlists can be reconstructed with near perfect precision, while others claim marginal success in retrieving BEOL connections. Finally, we also discuss future trends and challenges inherent to Split Manufacturing, including the fundamental difficulty of evaluating the efficiency of the technique. △ Less

Submitted 12 October, 2020; v1 submitted 8 June, 2020; originally announced June 2020.