Paper 2019/656

SeqL: Secure Scan-Locking for IP Protection

Seetal Potluri and Aydin Aysu and Akash Kumar

Abstract

Existing logic-locking attacks are known to successfully decrypt a functionally correct key of a locked combinational circuit. It is possible to extend these attacks to real-world Silicon-based Intellectual Properties (IPs, which are sequential circuits) through the scan-chain by selectively initializing the combinational logic and analyzing the responses. In this paper, we propose SeqL, which achieves functional isolation and locks selective functional-input/scan-output pairs, thus rendering the decrypted key functionally incorrect. We conduct a formal study of the scan locking problem and demonstrate automating our proposed defense on any given IP. We show that SeqL hides functionally correct keys from the attacker, thereby increasing the likelihood of the decrypted key being functionally incorrect. When tested on pipelined combinational benchmarks (ISCAS, MCNC), sequential benchmarks (ITC) and a fully-fledged RISC-V CPU, SeqL gave 100% resilience to a broad range of state-of-the-art attacks including SAT [1], [2], Double-DIP [3], HackTest [4], SMT [5], FALL [6], Removal [7], Shift-and-Leak [8] and Multi-cycle attacks [9].