Copy Detection for Intellectual Property Protection of VLSI Design Andrew B. Kahng, Darko Kirovski,...

Copy Detection forIntellectual Property Protection

of VLSI Design

Andrew B. Kahng, Darko Kirovski, Stefanus Mantik,

Miodrag Potkonjak and Jennifer L. Wong

UCLA Computer Science Dept., Los Angeles, CA

ICCAD 1999Supported in part by a grant from Cadence Design Systems, Inc.

by the MARCO Gigascale Silicon Research Center,

and by a grant from the NSF.

Motivation

• More functionality integrated on a single chip• Shorter design cycle times

design reuse methodology• Intellectual Property Protection (IPP)

– prevention of unauthorized use– detection of unauthorized use

• Copy detection techniques– watermarking, fingerprinting, etc.– applicable after an illegal copy is found

how to find the illegal copy in the first place?

General Copy Detection Problem

• Given:– a library of n registered pieces of IP– a new unregistered piece of IP

• Determine:– is any significant portion of any registered IP present in

the unregistered IP?

Previous Work

• String matching [BoyerM’77, KnuthMP’77, KarpR’81]

• Text copy detection [BrinDG’95, ShivakumarG’96, and Manber’94]

• Copy detection in biotechnology [Benson’98] and image processing [ForsythF’97]

• Speed-up database query with “Iceberg Queries” [FangSGMU’98]

• LVS [OhlrichEGS’93, ChiangNL’89, NiewczasMS’98]

Outline

• Motivations• General Copy Detection Methodology• Specific Copy Detection Techniques

– Scheduling in High-Level Synthesis– Gate-Level Netlist

• Experimental Confirmations• Conclusions

Generic Copy Detection Methodology

• Identify a common structural representation of solutions (IPs) and what constitutes an element of the solution structure– program: execution orders, instruction sets– circuit: netlist hypergraphs, vertices, hyperedges


• Identify a common structural representation of solutions (IPs) and what constitutes an element of the solution structure

• Understand the model of adversary– what may the adversary do to the IP?– must know what can be stolen, and possible forms of

theft, before knowing what protection is needed



• Understand the model of adversary• Identify a means of calculating locally context

dependent signatures for such elements– allows detection of partial IPs




dependent signatures for such elements• Identify rare and/or distinguishing elements of a

registered IP– rare instructions, “strange” cells, etc. [FangSGMU’98]




dependent signatures for such elements• Identify rare and/or distinguishing elements of a

registered IP• Apply “good” comparison methods to identify

suspicious unregistered IPs– linear complexity, DIFF, etc.

Outline




Scheduling in High-Level Synthesis

• IP: high-level procedures linked arbitrarily

• Assumptions for the adversary:– extracts procedures from the IP, and embeds the

extracted code into his/her design– relinks the extracted procedures in an arbitrary fashion,

without significant modification of the actual specification within each of the procedures

– may inline a procedure in the newly created specification or conduct local perturbations

Copy Detection for HLS Scheduling

• Given:– a set P of registered procedures– a suspected instruction sequence S

• Find:– the subset P0 P consisting of all instruction sequences

Pi P that occur in S

Copy Detection (Pre-Processing)

• Select a set B of rare instructions (0 < pbj < ),pbjoccurrence probability for bj , bj B

• Identify locations of all bj in B in all Pi P– use dynamic execution order



• Identify locations of all bj in B in all Pi P

• Pseudo-randomly select K-tuples of instructions from B with max distance in the sequence order between any two instructions is smaller than – each K-tuple is a pattern– use inexact distance

(within a neighborhood of cardinality N )

...mov AX, BXaddl AX, #BF04subl BX, ESjnz AXxor ES, ESaddl ES, BX...

203020342038203CC304C308




• Pseudo-randomly select K-tuples of instructions from B with max distance in the sequence between any two instructions is smaller than

• Create Constrained PoolPatterns – pati has probability ppati of occurrence in specific location

in S

– find minimal set of patterns such that each Pi P contains at least one pattern

K

jij

Nbji patbpppat

1

12 ),)1(1(




• Pseudo-randomly select K-tuples of instructions from B with max distance in the sequence between any two instructions is smaller than

• Create Constrained PoolPatterns• Identify a rare instruction set C such that each

pattern in Constrained PoolPatterns contains at least one instruction in C, and the sum of occurrence probabilities of cj C is minimum

Copy Detection Steps

• For each instruction cj C found in S

• Match all patterns from constrained PoolPatterns that contain cj to S (use linear search)

...mov AX, BXaddl AX, #BF04xor AX, #FFFFsubl BX, ESjnz AXxor ES, ESmov SI, DXaddl ES, BX...

1F2C1F301F34CF38CF3CCF40

1F281F24

3

3+1...mov AX, BXaddl AX, #BF04subl BX, ESjnz AXxor ES, ESaddl ES, BX...

203020342038203CC304C308

Registered IP

Suspected IP

Gate-Level Netlists

• IP: design netlists

• Assumption for the adversary:– extracts sub-netlists from the IP, and embeds the

extracted sub-netlists into larger netlist– performs local perturbations (buffer insertions and/or

deletions, gate decompositions, etc.)

Signature of a Gate

• |Ni,1| = cardinality of the set of distinct nets incident to gate ci

• |Ci,1| = cardinality of the set of distinct cells on the nets in {Ni,1}

• |Ni,2| = cardinality of the set of distinct nets incident to the cells in {Ci,1}

• etc.

ciNi,1

Ci,1

Ni,2

Signature of a Gate

• Signature sequence of |Ni,1|, |Ci,1|, |Ni,2|, ...• 6 values: first k elements of sequence, k = 6• 3 variants: restrict by pin direction ( in, out, in-out )• 3 variants: vary underlying netlist (deleting

hyperedges with degree greater than some threshold d ( d = 4, 7, 10 )

• 6 x 3 x 3 = 54 numbers

( x1, x2, x3, x4, x5, x6, x7, x8, x9, …, x54 )

inout

in-out

d1 d2 d3

k=1

Gate Signature: Example

ci

I O B I O Bd=3

1 1 013 1

3 1 4

2 1 04 2 1

4 2 5

... ... ... ... ... ...

d=6

k=1

k=2

k=3

( 1, 1, 0, 2, 1, 0, #, #, #, 3, 1, 1, 4, 2, 1, #, #, #, 3, 1, 4, 4, 2, 5, #, #, #, … )

Copy Detection Steps

Pre-Processing• Compute signatures of registered netlists• Sort signatures of registered netlists

Copy Detection Process• Compute signatures of the suspected netlist• Sort signatures of the suspected netlist• Perform linear-time matching by walking through

sorted lists• Matching credit = 2(x -1) / 9 (x = position of match)• Calculate % matching

Outline




• Standard multimedia benchmark applications• PFA probability of false alarm

• Average pre-processing: 46 hours

Experiments for HLS Scheduling

Application Suspected IP P FA CPU time

Code Size Procedures DetectionJPEG encoding 391 24 3.3E-07 1.8sJPEG decoding 379 24 1.8E-08 1.2sPGP encryption 443 36 2.1E-09 3.2sMPEG decoding 114 17 5.2E-11 2.9sG.721 encoding 26 4 9.1E-05 0.04sGSM encoding 98 8 8.1E-07 0.7s

patterns all ,patterns all

)1(i ijj

jiFA ppatppatP

Experiments for Gate-Level Netlists

A B C D E FA 100% 7.99% 2.90% 4.19% 2.84% 2.84%B 2.89% 100% 1.27% 2.12% 1.26% 1.26%C 0.77% 0.76% 100% 1.20% 0.72% 0.73%D 2.69% 2.79% 0.42% 100% 0.33% 0.33%E 0.25% 0.36% 0.25% 0.24% 100% 30.3%F 0.16% 0.27% 0.16% 0.15% 28.7% 100%

Weighted Matching Between Full Designs

• 6 design testcases (from 3k to 118k cells)• Matching between full designs

• Possible copy has high percentage for matching

• Test cases E & F from the same company

Experiments for Gate-Level Netlists

• Matching of partial designs against full designs• A’ A, B’ B, C’ C, etc.

• CPU for 118k: 13 hours (setup) 0.21 sec (detect)

A B C D E FA' 32.6% 8.24% 6.41% 7.21% 6.28% 6.28%B' 5.95% 14.6% 4.80% 6.46% 4.59% 4.59%C' 4.03% 4.03% 19.3% 4.40% 3.98% 3.98%D' 11.2% 12.7% 10.8% 23.6% 10.6% 10.6%E' 6.46% 6.50% 6.43% 6.41% 13.6% 10.1%F' 5.49% 5.63% 5.45% 5.44% 7.13% 15.8%

Full Designs

Pa

rtia

l De

sig

ns

Outline




Conclusions

• Generic copy detection methodology for VLSI CAD• Specific copy detection techniques


• Sensitive detection for partial copy of IP• Current research:

– complementary interaction with watermarking– stronger techniques immune to topological change– automated techniques for tracing ancestors

• Thank You !



• Identify locations of all bj in B in all Pi P– use dynamic execution order

...mov AX, BXaddl AX, #BF04subl BX, ESjnz AXxor ES, ESaddl ES, BX...

203020342038203CC304C308

...mov AX, BXaddl AX, #BF04subl BX, ESjnz AXaddl BX, CX...xor ES, ESaddl ES, BX...

Actualorder

Dynamic execution order

Date post:	21-Dec-2015
Category:	Documents
View:	220 times
Download:	0 times

Copy Detection for Intellectual Property Protection of VLSI Design Andrew B. Kahng, Darko Kirovski,...

Documents