August_EDFA_Digital

edfas.org ELECTRONIC DEVICE FAILURE ANALYSIS | VOLUME 21 NO. 3 18 Information reverse engineering includes FPGA bit- stream and software extraction. Bitstream is a file that contains configuration data for the FPGA. Software or firmware reverse engineering is the process of convert- ing machine code into a human-readable format. Both bitstreamand firmware are stored in nonvolatilememory (NVM). Therefore, information reverse engineering focuses on reading the NVM using FA tools. SECURITY THREATS AND HARDWARE ASSURANCE Reverse engineering involves two main goals: 1) Extracting chip/PCB netlist and functionality: Recent advancements in imaging and deprocessing techniques have facilitated the layout and netlist extraction method through reverse engineering. Therefore, the IP becomes susceptible to theft, counterfeiting, and hardware trojan insertion. Hardware trojans are considered a malicious change in circuitry, functionality, or parametric change of an IC. Due to their stealthy nature, hardware trojans are difficult to activate and detect using random input patterns. Test approaches basedon functional testing and side-channel fingerprinting have been widely proposed to detect hardware trojans at the post-silicon stage. [1] In thosemethods, functionality or side-channel information for the IC under authentication (IUA) is compared with a “golden IC” that represents the expected behavior of a trojan-free chip. The main challenge to these methods is that the “golden IC” can only be identified from full-blown reverse engineering. Reverse engineering has gained attention in recent years and is experiencing communitywide acceptance as an effective approach to hardware trojan detection. Assuming a golden layout of the chip is available, machine learning approaches have been used to compare SEM images of IC internal layers/components with the as- designed chip layout for detecting hardware trojans. [5-6] Similarly, hardware trojans can also be detected in PCBs using x-ray. 2) Localizing IP blocks and sensitivewires: Layout infor- mation extracted through reverse engineering can expose the location of security-critical modules, memory blocks, or sensitivewires of the chip. An adversary can learn about the securitymeasures or cryptographic key implemented in the chip and perform a more accurate and less time- consuming attack. Various passive and active countermeasures against reverse engineering have been proposed. Existing coun- termeasures against reverse engineering aim to greatly increase the required execution time, expertise, and cost of reverse engineering. Passive countermeasures like protecting servicemanuals anddocumentation, hardware watermarking, splitmanufacturing, chip editor, and hard- ware metering have been proposed as possible solutions toprevent a foundry fromcloning devices. [7-8] Obfuscation, camouflaging, and tamper protection layers are well- known countermeasures against reverse engineering. Obfuscation is a powerful tool to hide design secrets from a potential adversary. The objective of obfusca- tion is to obscure a design through modification while allowing the system or design to maintain the original functionality. Obfuscation can be grouped into two cat- egories, system-level and circuit-level techniques. Two system-level obfuscation options include locking the chip functionality by inserting additional logic elements or using finite state machines. All techniques require a certain input sequence to unlock the circuit functionality. Circuit-level obfuscation includes cell camouflage, dummy contacts, and insertion of filler cells to protect the chip layout from reverse engineering attacks. Tamper-proof fitting enclosures that include components such as Torx custom screws and adhesive bonding are widely used for protection against physical attack on PCBs. Deposition of high-Z material like tantalum and tungsten on PCBs can prevent nondestructive reverse engineering by introduc- ing inevitable imaging artifacts during x-ray tomography. The IEEE Standard 1149.1 Joint Test Action Group and Fig. 2 Steps and relevant methods used in the IC reverse engineering process.