Hardware-Enabled Design For Security (DFS) Solution
The Integrated Circuit (IC) supply chains of modern companies often involve multiple business entities on a global scale, including offshore manufacturing, system integration and distribution of VLSI chips and systems. While the industry is trying to lower the risks imposed by the global supply chain production model, most existing techniques, such as Physical Uncolonable Function (PUF),
logic obfuscation, and hardware metering often suffer from their unreliability characteristics
for their parametric nature or high implementation cost of the whole security system. Therefore, IC/IP Design for Security (DFS) solutions that are efficient and practical
for the industry are still yet to be discovered.
In this dissertation we study the behavior of PUFs and propose several sources of randomness to construct stability-guaranteed PUFs through Locally Enhanced Defectivity (LED) mechanisms, such as Directed Self Assembly (DSA) and transistor gate oxide breakdown. These PUFs are fabricated and demonstrated to be stable and random, which can be used as reliable sources of hardware root-of-trust for DFS techniques.
To study the security of PUFs and to show the benefits of our proposed stability-guaranteed PUFs, we present a new unified framework for evaluating PUF security through guesswork analysis. This framework enables us to evaluate and quantify the effect of noise, bias and model attacks on security. We also relate guesswork to other security measures such as min-entropy, and mutual information. The model quantitatively measures the security of various PUFs under different scenarios, and by doing so enables us to compare the security level of different sorts of PUFs.
To further utilize the stable PUFs, a secure lightweight entity authentication hardware primitive (SLATE) is proposed and shown to be much smaller than existing strong PUFs and lightweight ciphers. The proposed SLATE is a practical DFS solution for its extremely lightweight implementation and is proven to be secure from both empirical and theoretical perspectives.
Finally, the dissertation proposes an effective attack to reconstruct missing connections in 2.5D split manufacturing, which is a technique used to prevent reverse engineering from malicious foundry. A Satisfiability Modulo Theories (SMT) based grouping algorithm depending purely on the circuit functionality but not physical implementation is proposed to significantly reduce the runtime of Boolean Satisfiability (SAT) solver, which is used to recover configuration keys of the connection network. Defence strategies of our attacks are also studied.