DANA Universal Dataflow Analysis for Gate-Level Netlist Reverse Engineering

网络列表 数据流 逆向工程 专用集成电路 计算机科学 嵌入式系统 计算机硬件 设计流量 现场可编程门阵列 地点和路线 计算机体系结构 并行计算 操作系统
作者
Nils Albartus,Max Hoffmann,Sebastian Temme,Leonid Azriel,Christof Paar
出处
期刊:IACR transactions on cryptographic hardware and embedded systems 卷期号:: 309-336 被引量:11
标识
DOI:10.46586/tches.v2020.i4.309-336
摘要

Reverse engineering of integrated circuits, i.e., understanding the internals of Integrated Circuits (ICs), is required for many benign and malicious applications. Examples of the former are detection of patent infringements, hardware Trojans or Intellectual Property (IP)-theft, as well as interface recovery and defect analysis, while malicious applications include IP-theft and finding insertion points for hardware Trojans. However, regardless of the application, the reverse engineer initially starts with a large unstructured netlist, forming an incomprehensible sea of gates.This work presents DANA, a generic, technology-agnostic, and fully automated dataflow analysis methodology for flattened gate-level netlists. By analyzing the flow of data between individual Flip Flops (FFs), DANA recovers high-level registers. The key idea behind DANA is to combine independent metrics based on structural and control information with a powerful automated architecture. Notably, DANA works without any thresholds, scenario-dependent parameters, or other “magic” values that the user must choose. We evaluate DANA on nine modern hardware designs, ranging from cryptographic co-processors, over CPUs, to the OpenTitan, a stateof- the-art System-on-Chip (SoC), which is maintained by the lowRISC initiative with supporting industry partners like Google and Western Digital. Our results demonstrate almost perfect recovery of registers for all case studies, regardless whether they were synthesized as FPGA or ASIC netlists. Furthermore, we explore two applications for dataflow analysis: we show that the raw output of DANA often already allows to identify crucial components and high-level architecture features and also demonstrate its applicability for detecting simple hardware Trojans.Hence, DANA can be applied universally as the first step when investigating unknown netlists and provides major guidance for human analysts by structuring and condensing the otherwise incomprehensible sea of gates. Our implementation of DANA and all synthesized netlists are available as open source on GitHub.

科研通智能强力驱动
Strongly Powered by AbleSci AI
科研通是完全免费的文献互助平台,具备全网最快的应助速度,最高的求助完成率。 对每一个文献求助,科研通都将尽心尽力,给求助人一个满意的交代。
实时播报
1秒前
yoyo完成签到 ,获得积分10
2秒前
生动梦松发布了新的文献求助400
3秒前
bkagyin应助优秀世界采纳,获得10
3秒前
4秒前
侯康发布了新的文献求助10
5秒前
华仔应助Aisaka采纳,获得10
5秒前
Young发布了新的文献求助30
6秒前
7秒前
远方发布了新的文献求助10
8秒前
文龙之子发布了新的文献求助10
8秒前
huxiaomin完成签到,获得积分10
8秒前
9秒前
科研通AI6.3应助qianlailai采纳,获得10
10秒前
10秒前
月月发布了新的文献求助10
10秒前
11秒前
开放剑鬼完成签到,获得积分10
12秒前
科研通AI6.3应助Millie采纳,获得10
13秒前
乙肝结核梅毒艾滋完成签到,获得积分10
13秒前
13秒前
100发布了新的文献求助10
13秒前
Akim应助派大星采纳,获得10
14秒前
14秒前
充电宝应助lajdb采纳,获得10
16秒前
ggy发布了新的文献求助10
16秒前
17秒前
英俊的铭应助堀川采纳,获得10
19秒前
MX120251336发布了新的文献求助10
20秒前
huiluowork发布了新的文献求助10
20秒前
Ziyi发布了新的文献求助10
21秒前
21秒前
丘比特应助沉默的晓曼采纳,获得10
22秒前
大个应助科研通管家采纳,获得10
22秒前
无花果应助科研通管家采纳,获得10
22秒前
Copyright应助科研通管家采纳,获得10
22秒前
Akim应助科研通管家采纳,获得10
22秒前
我是老大应助科研通管家采纳,获得10
22秒前
在水一方应助科研通管家采纳,获得10
22秒前
科目三应助科研通管家采纳,获得10
22秒前
高分求助中
Principles of Economics, 11th Edition 10000
Prescott's Microbiology: 2026 Release ISE 10000
University Physics with Modern Physics, 16th edition 10000
Cronologia da história de Macau 5000
Environmental Leverage in Times of Climate Crisis: Product Standards, Carbon Border Measures and Preferential Trade Agreements 1000
Interactions of Vowel Quality and Prosody in East Slavic 1000
Matrix Methods in Data Mining and Pattern Recognition 510
热门求助领域 (近24小时)
化学 材料科学 医学 生物 纳米技术 工程类 有机化学 化学工程 生物化学 计算机科学 内科学 物理 复合材料 催化作用 细胞生物学 无机化学 光电子学 物理化学 电极 基因
热门帖子
关注 科研通微信公众号,转发送积分 7158082
求助须知:如何正确求助?哪些是违规求助? 8802220
关于积分的说明 18601311
捐赠科研通 6760146
什么是DOI,文献DOI怎么找? 3162234
关于科研通互助平台的介绍 2297577
邀请新用户注册赠送积分活动 2136854