High-Level Synthesis based Methodologies for Hardware Security, Trust and IP Protection
High-Level Synthesis based Methodologies for Hardware Security, Trust and IP Protection presents state-of-the art high-level synthesis methodologies for hardware security and trust, including IP protection through synthesis-based watermarking and structural obfuscation.
All modern electronic gadgets have complex system-on-chips (SoCs) that rely heavily on data intensive application specific processors, for digital signal processing (DSP), machine learning, and image processing applications. These data-intensive cores, in the form of intellectual property (IP), form an integral part of various modern equipment and consumer applications, such as smart phones, smart watches, and tablets.
High level synthesis (HLS) frameworks play a pivotal role in designing these application specific processors. However, the design of such processors can be exposed to several trust issues and hardware security threats, such as IP piracy, fraud IP ownership, and reverse engineering.
Written by an expert author, this book is a source of information for readers on HLS solutions for hardware security. It covers topics such as HLS-based watermarking using retinal biometrics, HLS-based structural obfuscation, and detective countermeasure against HLS-based hardware Trojan attacks.
This book is a useful resource for researchers, graduate students, and practising engineers working in electronics and chip design.
- Book DOI: 10.1049/PBCS084E
- Chapter DOI: 10.1049/PBCS084E
- ISBN: 9781837241170
- e-ISBN: 9781837241187
- Page count: 327
- Format: PDF
-
Front Matter
- + Show details - Hide details
-
p.
(1)
-
1 Introduction to hardware security and trust and high-level synthesis
- + Show details - Hide details
-
p.
1
–24
(24)
The chapter provides the readers with a formal introduction to achieving hardware security and trust through high-level synthesis (HLS) followed by its motivation and comprehensive exploration of different hardware attack scenarios and countermeasures. An adversary (situated in different design phases) may potentially leverage various attack scenarios to compromise the confidentiality, integrity, and reliability of electronic systems comprising reusable hardware designs. Addressing these threats necessitates a comprehensive understanding of hardware security and a proactive approach to fortify systems against potential threats. This chapter aims to contribute to the development of secure and trustworthy computing systems by providing a basic foundation for security aware HLS-based hardware design methodology, different attack scenarios, and effective countermeasures. This chapter therefore bridges the gap between the existing hardware security challenges and its advanced countermeasure strategies.
The rest of the chapter is structured as follows: Section 1.1 provides the introduction of the chapter including motivation for hardware security and trust; Section 1.2 discusses different attack scenarios; Section 1.3 provides different security countermeasures; Section 1.4 discusses the utility of the HLS framework for integrating security countermeasures; Section 1.5 presents a brief summary of the book; Section 1.6 concludes the chapter by summarizing its significance and implications.
-
2 High-level synthesis-based watermarking using protein molecular biometric with facial biometric encryption
- + Show details - Hide details
-
p.
25
–45
(21)
This chapter discusses a watermarking-based hardware security methodology using an encrypted protein molecular biometric signature to secure hardware intellectual property (IP) cores against counterfeiting, IP piracy, and false assertion of IP ownership. In this method, the protein molecular biometric signature (watermark) is generated from the IP seller's protein sample using protein sequencing, followed by robust encryption using facial biometric signature-based encryption key. Subsequently, the obtained watermark (encrypted protein signature) is transformed into covert security constraints using the IP seller's mapping/embedding rule, which are then embedded into the design as an IP seller's digital evidence. Integration of the IP seller's authentic watermark provides a detective countermeasure against IP piracy and nullification of false assertion of IP ownership. The encrypted protein molecular watermarking methodology provides stronger digital evidence against piracy and greater resilience against tampering.
-
3 High-level synthesis-based watermarking using retinal biometrics
- + Show details - Hide details
-
p.
47
–85
(39)
The chapter describes a high-level synthesis (HLS) driven methodology for designing secure hardware intellectual property (IP) cores using retinal biometrics (Chaurasia and Sengupta, 2023a, 2023b). In this methodology, firstly, the retinal biometrics of the original IP vendor is captured, which is subsequently exploited for extracting unique retinal features and generating the retinal digital template. The generated retinal template (binarized) is then encoded into its corresponding hardware security constraints using IP vendor-specified encoding algorithm. Next, these generated secret constraints are covertly embedded into the design during the register allocation phase of the HLS framework. The embedding process results in the retinal signature implanted hardware IP core design at the register transfer level (RTL). These embedded, retinal biometric-driven encoded security constraints serve as digital evidence, fortifying the IP core design against piracy by providing a detective countermeasure. Thus, HLS-driven hardware security methodology based on retinal biometrics enables robust and seamless detective control against pirated versions of the IP design, thereby enabling integration of authentic designs into the end system (through isolation of pirated/fake versions, not containing authentic IP vendor security mark).
The rest of the chapter has been organized as follows: Section 3.1 provides the introduction of the chapter; Section 3.2 outlines the benefits to both consumer and consumer electronics (CE) system designer; Section 3.3 encapsulates the key highlights of the chapter; Section 3.4 discusses prior similar works on biometrics and non-biometrics based hardware security; Section 3.5 delves into the realm of retinal biometrics-based hardware security and trust; Section 3.6 elucidates the process of embedding security constraints, demonstrated through a case study; Section 3.7 shows detection of pirated IPs using retinal biometric; Section 3.8 explores the security properties of retinal biometrics, emphasizing robust hardware security; Section 3.9 provides a detailed analysis and discussion; and Section 3.10 concludes the chapter by summarizing the chapter's findings and implications.
-
4 HLS-based mathematical watermarks for hardware security and trust
- + Show details - Hide details
-
p.
87
–107
(21)
Ensuring security and trust within the global hardware design supply chain process is paramount. Intellectual property (IP) piracy and false IP ownership assertion are two primary threats that exist within the global design supply chain process. This chapter discusses a high-level synthesis (HLS)-based mathematical watermarking approach that exploits the characteristics of the design parameters and design space, viz. dispersion matrix and eigen decomposition framework, respectively. In this chapter, the IP seller is considered the defender and the system-on-chip (SoC) integration house is the attacker. The discussed mathematical watermarking methodology demonstrates a security framework that leverages the characteristics of the design space parameters chosen by the IP seller, as well as the design space's size in terms of resource configurations selected by the IP seller, to embed them as unique features for safeguarding the IP design. The discussed approach also employs AES encryption to generate encrypted watermarking constraints, which are further integrated/embedded into the hardware design (serving as digital evidence) and provide detective security countermeasures against potential intellectual property piracy and false IP ownership claim.
-
5 High-level synthesis-based watermarking using multimodal biometric
- + Show details - Hide details
-
p.
109
–135
(27)
This chapter discusses hardware security methodologies for securing the transient fault-secured hardware intellectual property (IP) designs using unified multimodal biometric and an encoded dictionary. The explained framework leverages a high-level synthesis (HLS) process to create transient fault-secured hardware IPs. Further, it integrates encoded unified biometric-based hardware security constraints into the hardware design to protect the designs from IP piracy and false IP ownership claim. This ensures the creation of watermarked fault-secured hardware designs, thereby enhancing IP seller's and end consumer's safety by mitigating the risk of using pirated/unreliable designs. The discussed watermarking methodologies provide stronger digital evidence for piracy detection and greater resilience against tampering attack.
-
6 High-level synthesis-based watermarking using crypto-chain signature framework
- + Show details - Hide details
-
p.
137
–166
(30)
Designing reusable hardware intellectual property (IP) core (such as JPEG-CODEC) for multimedia/electronic systems involves managing competing design goals like latency and area during high-level synthesis (HLS). Additionally, it requires addressing the critical aspect of hardware security to prevent IP piracy and false IP ownership claim. This chapter discusses the generation of low-cost, secure IP design using the firefly algorithm (FA) based space exploration or design space exploration (DSE) and crypto-based watermarking (security) framework. The discussed crypto (key-driven) watermarking approach leads to the generation of watermarking constraints, which are further implanted into the hardware design through an HLS-based embedding process. This discussed low-cost security methodology facilitates IP piracy detection and resolution of false IP ownership assertion.
-
7 HLS-based fingerprinting
- + Show details - Hide details
-
p.
167
–186
(20)
The utilization of hardware intellectual property (IP) cores within system-on-chip computing architectures offers a distinct advantage by enhancing design productivity while reducing the overall design cycle time. However, it is necessary to secure these IP designs against potential threats from the perspective of both, the seller and the buyer within the global design supply chain process. This chapter discusses an IP fingerprinting and symmetrical IP protection mechanism for securing IP buyer's and IP seller's rights. This chapter demonstrates the embedding of both a buyer's fingerprint and a seller's watermark simultaneously using the high-level synthesis (HLS) process. By integrating the buyer's fingerprint and seller's watermark into the IP design, robust protection against IP piracy/unauthorized usage and false IP ownership claim is ensured.
-
8 Hardware obfuscation-high level synthesis-based structural obfuscation for hardware security and trust
- + Show details - Hide details
-
p.
187
–227
(41)
The chapter describes a high-level synthesis (HLS)-driven methodology for generating secure hardware intellectual property (IP) core design with fault detectability feature using multi-cut-based structural obfuscation and physical biometric (Chaurasia and Sengupta, 2023a). In this methodology, firstly, the IP design is leveraged with transient fault detectability feature and is transformed/obscured using multi-cut-based structural obfuscation. This transformation serves as the first layer of security, ensuring the protection of the design against potential reverse engineering attempts by an adversary. Subsequently, the design is covertly embedded with physical biometric of IP vendor. The embedded naturally unique biometric information of genuine IP vendor serves as the second layer of security, ensuring the protection of the design against IP piracy. Thus, HLS-driven hardware security methodology can concurrently offer security of "fault-detectable IP designs" against the following hardware threats: (a) potential reverse engineering threat by an adversary from the SoC layout stage in an untrustworthy foundry and (b) IP piracy by an adversary that may present in the SoC integration house.
The rest of the chapter is structured as follows: Section 8.1 provides the introduction of the chapter; Section 8.2 delves into the various threat model scenario; Section 8.3 provides background on transient fault; Section 8.4 explores the multi-cut-based structural obfuscation technique and physical biometrics for enhanced hardware IP security; Section 8.5 presents a case study on IIR filter application framework; Section 8.6 presents security features of the methodology; Section 8.7 analyzes the security of IP design achieved through multi-cut based structural obfuscation and physical biometrics; Section 8.8 concludes the chapter by summarizing its findings and implications.
-
9 Hardware obfuscation-algorithmic transformation-based obfuscation for secure floorplan-driven high-level synthesis
- + Show details - Hide details
-
p.
229
–262
(34)
The chapter describes an integrated methodology that leverages algorithmic transformation-based obfuscation with crypto-watermarking for generating HLS-driven secure floorplan for loop-based IP designs (Sengupta and Kachave, 2017; Sengupta and Rathor, 2020; Sengupta et al., 2017). The significance is that most of the modern electronics systems are integrated with complex loop-based applications to perform important functions such as filtering, convolution, image processing, etc. Loop-based applications can deliver efficient performance if designed using dedicated hardware intellectual property (IP) cores using high-level synthesis (HLS). However, globalization in the design supply chain introduces security vulnerabilities during IP design that need robust countermeasures. More explicitly, the chapter presents a discussion on the following: (a) methodology for generating HLS-driven secure floorplan for loop unrolled hardware IPs; (b) integration of algorithmic transformation-based obfuscation with crypto-watermarking during HLS to provide sturdy detective countermeasure against IP piracy and false IP ownership claim, while simultaneously reducing latency; (c) security-aware physical design-based HLS that is capable to convert a loop-based high-level code (representing a computation-intensive application) into its respective early secure floorplan that considers watermark embedding information of the datapath modules.
The rest of the chapter has been organized as follows: Section 9.1 provides the introduction of the chapter; Section 9.2 discusses prior similar methodologies; Section 9.3 provides details on methodology for algorithmic transformation-based obfuscation for secure floorplan-driven HLS; Section 9.4 provides a detailed analysis and discussion; and Section 9.5 concludes the chapter by summarizing the chapter's findings and implications.
-
10 Fundamentals on HLS-based hardware Trojan
- + Show details - Hide details
-
p.
263
–277
(15)
The chapter describes the fundamentals of high-level synthesis (HLS)-based hardware Trojan and its various types. This chapter provides an overview of hardware Trojan and discusses the motivation for an adversary to perform an HLS-based hardware Trojan attack. Further, it highlights the potential sites for hardware Trojan insertion in the semiconductor design supply chain. It discusses in detail the three different types of HLS-based hardware Trojan attacks followed by hardware Trojan in 3PIP modules.
The organization of the chapter is as follows: Section 10.1 discusses a brief overview of hardware Trojan, different ways of the hardware Trojan insertion followed by the Trojan insertion during HLS and its potential effects; Section 10.2 provides an overview of three different types of HLS-based hardware Trojan attacks, viz. battery exhaustion, degradation, and downgrade, and discusses the threat scenario. Section 10.3 presents insights on battery exhaustion attacks with a motivational example. Section 10.4 presents insights on degradation attacks with a motivational example while discussing its impact on security and overhead. Section 10.4 presents insights on downgrade attack and explains with the help of compromising secure hash algorithm; Section 10.5 presents insights on hardware Trojan in 3PIP modules and explains using an example; Section 10.6 concludes the chapter.
-
11 Hardware Trojans - detective countermeasure against HLS-based hardware Trojan attack
- + Show details - Hide details
-
p.
279
–292
(14)
The focus of this chapter is to discuss a lightweight and efficient countermeasure for detecting high-level synthesis (HLS)-based hardware Trojan attacks. This chapter first describes the HLS-based Trojan attack and the contemporary solutions to counter them. Further, a lightweight countermeasure for high-level Trojan detection (LC-HLTD) is discussed in detail along with the case studies on some applications.
The organization of the chapter is as follows: Section 11.1 discusses the trustworthiness of computer-aided-design (CAD) tools; Section 11.2 introduces the black-hat HLS; Section 11.3 discusses contemporary solutions to battery exhaustion attack; Section 11.4 presents the lightweight countermeasure for high-level Trojan detection, i.e., LC-HLTD while discussing salient features of LC-HLTD, threat scenario of LC-HLTD, high-level transformation (HLT) tool for the detective countermeasure, different phases of LC-HLTD approach, and applying LC-HLTD for detecting the battery exhaustion attack (due to pseudo operations insertion); Section 11.5 analyzes some case studies on digital signal processing (DSP) applications; and Section 11.6 concludes the chapter.
-
12 Conclusion
- + Show details - Hide details
-
p.
293
–296
(4)
Research on HLS has been ongoing for the last two decades by the scientific community. However, HLS exploited for security, has become the focus in recent years. It has been an active area of interest for the security community all over the globe, especially in the last few years due to manifold benefits offered by HLS such as lower overhead, flexibility in architecture exploration, and design automation. Security and trust in hardware have become more important than ever before due to the emergence of several points of vulnerabilities and the growing sophistication of cyber-attacks.
Through this book, a reader gained valuable insights on how efficiently the HLS framework can be leveraged to offer several benefits for hardware security. This is particularly important when designing specialized hardware (or IPs/modules) for data-intensive/power-hungry applications such as convolutional layer in CNN, signal filtering through digital filters, image processing through image processing filters, multimedia compression/decompression using JPEG CODECs, as well as other digital signal processing applications, etc. The hardware IPs of such algorithms/applications are typically designed using HLS instead of starting from RTL (or lower levels) due to the complexity involved. Therefore, it is natural, that the security of such hardware IPs should be dealt with by exploiting the HLS framework such that it results in lower overhead, lesser design time, and greater flexibility for the designer. Hardware security of smaller applications with lesser complexity such as traditional combinational/sequential circuit blocks can be handled at the RTL or gate level. However, it's not pragmatic to do so for the aforementioned complex applications.
This book, therefore, provided an important guide for readers to understand how to design secure specialized hardware IPs using HLS. The book covers how HLS flow can be used to address critical security threats (that can potentially affect reusable hardware IPs) such as IP piracy, IP ownership abuse, watermark collision, ghost insertion search attack, tampering attack, forgery attack, reverse engineering, malicious RTL alteration, SCA, etc.
-
Back Matter
- + Show details - Hide details
-
p.
(1)