310 likes | 327 Vues
Copy Detection for Intellectual Property Protection of VLSI Design. Andrew B. Kahng, Darko Kirovski, Stefanus Mantik , Miodrag Potkonjak and Jennifer L. Wong UCLA Computer Science Dept., Los Angeles, CA ICCAD 1999 Supported in part by a grant from Cadence Design Systems, Inc.
E N D
Copy Detection forIntellectual Property Protectionof VLSI Design Andrew B. Kahng, Darko Kirovski, Stefanus Mantik, Miodrag Potkonjak and Jennifer L. Wong UCLA Computer Science Dept., Los Angeles, CA ICCAD 1999 Supported in part by a grant from Cadence Design Systems, Inc. by the MARCO Gigascale Silicon Research Center, and by a grant from the NSF.
Motivation • More functionality integrated on a single chip • Shorter design cycle times design reuse methodology • Intellectual Property Protection (IPP) • prevention of unauthorized use • detection of unauthorized use • Copy detection techniques • watermarking, fingerprinting, etc. • applicable after an illegal copy is found how to find the illegal copy in the first place?
General Copy Detection Problem • Given: • a library of n registered pieces of IP • a new unregistered piece of IP • Determine: • is any significant portion of any registered IP present in the unregistered IP?
Previous Work • String matching [BoyerM’77, KnuthMP’77, KarpR’81] • Text copy detection [BrinDG’95, ShivakumarG’96, and Manber’94] • Copy detection in biotechnology [Benson’98] and image processing [ForsythF’97] • Speed-up database query with “Iceberg Queries” [FangSGMU’98] • LVS [OhlrichEGS’93, ChiangNL’89, NiewczasMS’98]
Outline • Motivations • General Copy Detection Methodology • Specific Copy Detection Techniques • Scheduling in High-Level Synthesis • Gate-Level Netlist • Experimental Confirmations • Conclusions
Generic Copy Detection Methodology • Identify a common structural representation of solutions (IPs) and what constitutes an element of the solution structure • program: execution orders, instruction sets • circuit: netlist hypergraphs, vertices, hyperedges
Generic Copy Detection Methodology • Identify a common structural representation of solutions (IPs) and what constitutes an element of the solution structure • Understand the model of adversary • what may the adversary do to the IP? • must know what can be stolen, and possible forms of theft, before knowing what protection is needed
Generic Copy Detection Methodology • Identify a common structural representation of solutions (IPs) and what constitutes an element of the solution structure • Understand the model of adversary • Identify a means of calculating locally context dependent signatures for such elements • allows detection of partial IPs
Generic Copy Detection Methodology • Identify a common structural representation of solutions (IPs) and what constitutes an element of the solution structure • Understand the model of adversary • Identify a means of calculating locally context dependent signatures for such elements • Identify rare and/or distinguishing elements of a registered IP • rare instructions, “strange” cells, etc. [FangSGMU’98]
Generic Copy Detection Methodology • Identify a common structural representation of solutions (IPs) and what constitutes an element of the solution structure • Understand the model of adversary • Identify a means of calculating locally context dependent signatures for such elements • Identify rare and/or distinguishing elements of a registered IP • Apply “good” comparison methods to identify suspicious unregistered IPs • linear complexity, DIFF, etc.
Outline • Motivations • General Copy Detection Methodology • Specific Copy Detection Techniques • Scheduling in High-Level Synthesis • Gate-Level Netlist • Experimental Confirmations • Conclusions
Scheduling in High-Level Synthesis • IP: high-level procedures linked arbitrarily • Assumptions for the adversary: • extracts procedures from the IP, and embeds the extracted code into his/her design • relinks the extracted procedures in an arbitrary fashion, without significant modification of the actual specification within each of the procedures • may inline a procedure in the newly created specification or conduct local perturbations
Copy Detection for HLS Scheduling • Given: • a set P of registered procedures • a suspected instruction sequence S • Find: • the subset P0 P consisting of all instruction sequences Pi P that occur in S
Copy Detection (Pre-Processing) • Select a set B of rare instructions (0 < pbj < e), pbj = occurrence probability for bj , bj B • Identify locations of all bj in B in all Pi P • use dynamic execution order
2030 2034 2038 203C C304 C308 Copy Detection (Pre-Processing) • Select a set B of rare instructions (0 < pbj < e), pbj = occurrence probability for bj , bj B • Identify locations of all bj in B in all Pi P • Pseudo-randomly select K-tuples of instructions from B with max distance in the sequence order between any two instructions is smaller than q • each K-tuple is a pattern • use inexact distance (within a neighborhood of cardinality N ) ... mov AX, BX addl AX, #BF04 subl BX, ES jnz AX xor ES, ES addl ES, BX ...
Copy Detection (Pre-Processing) • Select a set B of rare instructions (0 < pbj < e), pbj = occurrence probability for bj , bj B • Identify locations of all bj in B in all Pi P • Pseudo-randomly select K-tuples of instructions from B with max distance in the sequence between any two instructions is smaller than q • Create Constrained PoolPatterns • pati has probability ppati of occurrence in specific location in S • find minimal set of patterns such that each Pi P contains at least one pattern
Copy Detection (Pre-Processing) • Select a set B of rare instructions (0 < pbj < e), pbj = occurrence probability for bj , bj B • Identify locations of all bj in B in all Pi P • Pseudo-randomly select K-tuples of instructions from B with max distance in the sequence between any two instructions is smaller than q • Create Constrained PoolPatterns • Identify a rare instruction setC such that each pattern in Constrained PoolPatterns contains at least one instruction in C, and the sum of occurrence probabilities of cj C is minimum
1F24 1F28 1F2C 2030 1F30 2034 1F34 2038 CF38 203C CF3C C304 CF40 C308 Copy Detection Steps • For each instruction cj C found in S • Match all patterns from constrained PoolPatterns that contain cj to S (use linear search) Suspected IP ... mov AX, BX addl AX, #BF04 xor AX, #FFFF subl BX, ES jnz AX xor ES, ES mov SI, DX addl ES, BX ... Registered IP ... mov AX, BX addl AX, #BF04 subl BX, ES jnz AX xor ES, ES addl ES, BX ... 3+1 3
Gate-Level Netlists • IP: design netlists • Assumption for the adversary: • extracts sub-netlists from the IP, and embeds the extracted sub-netlists into larger netlist • performs local perturbations (buffer insertions and/or deletions, gate decompositions, etc.)
Ci,1 ci Ni,1 Ni,2 Signature of a Gate • |Ni,1| = cardinality of the set of distinct nets incident to gate ci • |Ci,1| = cardinality of the set of distinct cells on the nets in {Ni,1} • |Ni,2| = cardinality of the set of distinct nets incident to the cells in {Ci,1} • etc.
k=1 d1 d2 d3 in out in-out Signature of a Gate • Signature sequence of |Ni,1|, |Ci,1|, |Ni,2|, ... • 6 values: first k elements of sequence, k = 6 • 3 variants: restrict by pin direction ( in, out, in-out ) • 3 variants: vary underlying netlist (deleting hyperedges with degree greater than some threshold d ( d = 4, 7, 10 ) • 6 x 3 x 3 = 54 numbers ( x1, x2, x3, x4, x5, x6, x7, x8, x9, …, x54 )
... I ... I ... O ... B ... O ... B 2 1 1 0 1 0 4 3 2 1 1 1 ci 4 3 2 5 1 4 Gate Signature: Example d=3 d=6 k=1 k=2 k=3 ( 1, 1, 0, 2, 1, 0, #, #, #, 3, 1, 1, 4, 2, 1, #, #, #, 3, 1, 4, 4, 2, 5, #, #, #, … )
Copy Detection Steps Pre-Processing • Compute signatures of registered netlists • Sort signatures of registered netlists Copy Detection Process • Compute signatures of the suspected netlist • Sort signatures of the suspected netlist • Perform linear-time matching by walking through sorted lists • Matching credit = 2(x -1) / 9 (x = position of match) • Calculate % matching
Outline • Motivations • General Copy Detection Methodology • Specific Copy Detection Techniques • Scheduling in High-Level Synthesis • Gate-Level Netlist • Experimental Confirmations • Conclusions
Experiments for HLS Scheduling • Standard multimedia benchmark applications • PFA probability of false alarm • Average pre-processing: 46 hours
Experiments for Gate-Level Netlists • 6 design testcases (from 3k to 118k cells) • Matching between full designs • Possible copy has high percentage for matching • Test cases E & F from the same company
Experiments for Gate-Level Netlists • Matching of partial designs against full designs • A’ A, B’ B, C’ C, etc. • CPU for 118k: 13 hours (setup) 0.21 sec (detect)
Outline • Motivations • General Copy Detection Methodology • Specific Copy Detection Techniques • Scheduling in High-Level Synthesis • Gate-Level Netlist • Experimental Confirmations • Conclusions
Conclusions • Generic copy detection methodology for VLSI CAD • Specific copy detection techniques • Scheduling in High-Level Synthesis • Gate-Level Netlist • Sensitive detection for partial copy of IP • Current research: • complementary interaction with watermarking • stronger techniques immune to topological change • automated techniques for tracing ancestors • Thank You !
2030 2034 2038 203C C304 C308 Copy Detection (Pre-Processing) • Select a set B of rare instructions (0 < pbj < e), pbj = occurrence probability for bj , bj B • Identify locations of all bj in B in all Pi P • use dynamic execution order Dynamic execution order ... mov AX, BX addl AX, #BF04 subl BX, ES jnz AX addl BX, CX ... xor ES, ES addl ES, BX ... ... mov AX, BX addl AX, #BF04 subl BX, ES jnz AX xor ES, ES addl ES, BX ... Actual order