Open Source Hardware Design and Hardware Reverse Engineering: a Security Analysis

EasyChair Preprint 8604

Abstract

Major industry-led initiatives such as RISC-V and OpenTitan strive for verified, customizable and standardized products, based on a combination of Open Source Hardware (OSHW) and custom intellectual property (IP), to be used in safety and security-critical systems. The protection of these products against reverse-engineering-based threats such as IP Theft and IP Piracy, hardware Trojan (HT) insertion, and physical attacks is of equal importance as for closed source designs. OSHW generates novel threats to the security of a design and the protection of IP. This paper discusses to what extent OSHW reduces the difficulty of attacking a product. An analysis of the reverse engineering process shows that OSHW lowers the effort to retrieve broad knowledge about a product and decreases the success of related countermeasures. In a case study on a RISC-V core and an AES design, the red team uses knowledge about OSHW to circumvent logic locking protection and successfully identify the functionality and the used locking key. The paper concludes with an outlook on the secure protection of OSHW.

Keyphrases: Hardware Security, IC trust, IP obfuscation, IP protection, open source hardware, reverse engineering

@booklet{EasyChair:8604,
  author    = {Johanna Baehr and Alexander Hepp and Michaela Brunner and Maja Malenko and Georg Sigl},
  title     = {Open Source Hardware Design and Hardware Reverse Engineering: a Security Analysis},
  howpublished = {EasyChair Preprint 8604},
  year      = {EasyChair, 2022}}