Paper 2021/780

Netlist Decompilation Workflow for Recovered Design Verification, Validation, and Assurance

Katie Liszewski, Tim McDonley, Josh Delozier, Andrew Elliott, Dylan Jones, Matt Sutter, and Adam Kimura


Over the last few decades, the cost and difficulty of producing integrated circuits at ever shrinking node sizes has vastly increased, resulting in the manufacturing sector moving overseas. Using offshore foundries for chip fabrication, however, introduces new vulnerabilities into the design flow since there is little to no observability into the manufacturing process. At the same time, both design and optimization are becoming increasingly complex, particularly as SoC designs gain popularity. Common practices such as porting a design across node sizes and reusing cores at multiple area/performance tradeoffs further complicate assurance as layout specific features impede comparison. Methods have been developed for conducting integrated circuit decomposition on fabricated chips [1][2][16] to extract the as-fabricated design files such as the GDSII layout or gate-level netlist. While mature netlist equivalency checking tools are included with any design flow, there is a lack of tools for performing deeper analyses on the extracted designs for the purposes of hardware assurance or design recovery from obsolete parts. To this end, there is a need for a tool to extract functionality from netlists at a higher abstraction level to reconstruct behavioral Register Transfer Level (RTL) code.

Available format(s)
Publication info
Preprint. MINOR revision.
Contact author(s)
liszewski @ battelle org
2021-06-10: received
Short URL
Creative Commons Attribution


      author = {Katie Liszewski and Tim McDonley and Josh Delozier and Andrew Elliott and Dylan Jones and Matt Sutter and Adam Kimura},
      title = {Netlist Decompilation Workflow for Recovered Design Verification, Validation, and Assurance},
      howpublished = {Cryptology ePrint Archive, Paper 2021/780},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.