When creating an electronic circuit, manufacturing steps are usually performed by third-party actors. In order to build confidence that the circuit built is not tempered with and is not used by third-parties, a variety of methods have been devised. A common approach, logic locking, is to introduce additional logic that requires the correct key to function as designed.
This mangling makes it more difficult to reverse-engineer the circuit, to add trojans, or simply to reuse without the correct key.
This repository provides a Yosys plugin to add logic locking functionality to a circuit and perform security analysis.
Slides and Video from Free Silicon Conference 2023
The most common technique for logic locking is to insert XOR/NXOR gates on some wires of the design, such that an extra input with the correct value is required for them to act as a (buffered) wire again. This value is 1 for NXOR and 0 for XOR. The key needs to be supplied as an input to unlock the circuit. This is the method used by the plugin.
Any gate that keeps the previous functionality could be inserted. For example, we can mix signals using multiplexers. A MUX is inserted on a wire with an irrelevant signal connected to the other input of the MUX. In this case, the key value selects between the correct signal and the irrelevant one. Another possibility is to replace gates with lookup-tables, which will have to be programmed correctly.
Several attacks have been designed against logic locking. This plugin provides countermeasures against common attacks based on Sat solvers.
Key handling (getting the key onto the chip) is highly application-specific and is left to the user.
The plugin defines a new logic_locking
command. To run Yosys with the plugin:
yosys -m moosic
And in Yosys:
# First synthetize and flatten our design; hierarchical designs are not supported
synth; flatten
# Look at the command documentation
help logic_locking
# Add logic locking with a 16b key, with hexadecimal key 048c
logic_locking -nb-locked 16 -key 048c
# Add logic locking up to 5% of the module size, maximizing output corruption, with an auto-generated key
logic_locking -nb-locked 5% -target corruption
# Check if the key can be recovered by a Sat attack after locking
ll_sat_attack -key 048c
A new port is created on the selected module, named moosic_key
by default.
The module will work as designed only when the correct key is provided as an input.
To install this plugin
make
sudo make install
Moosic allows you to explore the tradeoffs between performance and security. This will suggest many possible solutions with different tradeoffs (a Pareto front). It is up to you to pick one that works best for your usecase.
# Run design space exploration on area, delay and corruption
# Export solution identifiers and results to explore.csv
ll_explore -area -delay -corruption -output explore.csv
# Show the gates that will be locked by a solution
ll_show -locking 38b0e
# Compute more information (area, delay, security, ...) on a solution
ll_analyze -locking 38b0e
# Apply a locking solution returned by design space exploration
# Modify the design, adding a key input port and key gates
ll_apply -locking 38b0e -key 048
You can ask any question you have on the Matrix channel. Don't hesitate to file an issue if you find a bug.