Viterbi Faculty of Electrical Engineering, Technion
IC Reverse Engineering with Scan Side Channel
We investigate the Scan Side Channel, where the Scan Design for Test (DFT) technique intended for efficient production test can be exploited for malicious purposes. Previous research points to the risk of exposing internal secrets by observing the registers on the scan chain, usually relying on dynamic switching between functional and scan modes. Our research reveals a different type of vulnerability – the possibility of reverse engineering an entire Integrated Circuit (IC) via the scan side channel. This finding essentially refutes the commonly accepted view of the reverse engineering of hardware as an invasive operation. Access to scan turns the reverse engineering task into the task of learning a combinational Boolean function. We developed a set of heuristic-based algorithms that allow for efficient learning of combinational functions implemented in an IC. Next, I will present how these methods can be applied to a constructive task, in particular to the detection of hardware IP theft. Finally, I will present the results of partial reverse engineering of an industry microcontroller.

* PhD seminar under supervision of Prof. Ran Ginosar and Prof. Avi Mendelson.
Date: Sun 15 Sep 2019
Start Time: 10:30
End Time: 11:30
815 | Electrical Eng. Building