The semiconductor supply chain is increasingly exposed to Reverse Engineering (RE) of Intellectual Property (IP). Camouflaging of gates is typically employed to hide gate functionality and prevent RE. Adversaries perform RE by developing custom software to determine test patterns and analyze the outputs. In this paper, we show that RE of a camouflaged design can be performed by exploiting the test features of commercial/publicly available Automatic Test Pattern Generation (ATPG) tools. We also propose a controllability/observability and Hamming Distance sensitivity based metric to select target gates for camouflaging. Our simulations show that the proposed techniques can increase the RE effort significantly by camouflaging a small fraction of gates.
Introduction
The semiconductor supply chain is increasingly exposed to Reverse Engineering (RE) of Intellectual Property (IP). In the existing RE method the adversary delayers the IC, determines the gate functionalities and their connectivity information, and reconstructs the netlist. Split manufacturing [1] has been proposed to hide the interconnection between gates to discourage meaningful Trojan insertion. Camouflaging of gates has been proposed to hide the logic functionality and make RE impossible, extremely hard, or economically unviable. It has been shown that careful camouflaging with ~10-40% overhead can increase the RE effort significantly [8]. A camouflaged gate that can exhibit multiple functionalities increases the RE effort. A camouflaged gate using dummy contacts [2] can realize 3 functions at the cost of ~5X area and power overhead. Programmable standard cells using control signals have also been proposed [3]; however, they require signal routing for each camouflaged gate. Techniques to deceive the attacker using filler cells [4] and dummy transistors [5] have also been proposed. The RE effort can also be increased by selecting appropriate gates in the netlist for camouflaging. It has been demonstrated that hard-to-control and hard-to-observe gates are typically good choices for camouflaging. Another metric is the Hamming Distance (HD) sensitivity of the gate, which determines the number of primary outputs (POs) that it can corrupt. Higher HD sensitivity implies higher RE effort, since it increases the number of POs the adversary has to validate after each test-pattern application. Although these basic concepts have been presented in [2, 8], an aggregate metric to select gates for camouflaging and its impact on RE effort has not been described.
The conventional RE methodologies [9] rely on developing tools to read the partial netlist, generate/apply carefully derived test patterns (for a target camouflaged gate) on a fresh chip, observe the outputs and match them with the netlist's response to de-camouflage the target gate. This methodology is expensive and could be used only by adversaries with expertise in test pattern generation algorithms and programming. We show that a less expensive RE methodology can be used by non-experts who have access to commercial or publicly available Automatic Test Pattern Generation (ATPG) tools to RE the camouflaged gates. However, exploiting ATPG tools and fault models to generate the desired test patterns targeted at RE of a gate is a non-trivial process. This is because the functionality of the camouflaged gate is unknown, which makes reading of the netlist by the tool impossible. Furthermore, the netlist-level pattern that is generated to apply a gate-level pattern to a target gate may not propagate the gate output to a PO. To the best of our knowledge this is the first effort on exploiting ATPG tools (Tetramax [10]) for RE.
In this paper we propose metrics to select gates for camouflaging and compare their impact on RE effort. We also propose an ATPG-aided comprehensive methodology to RE a netlist. For camouflaging we consider the gate proposed in [11] that can exhibit 6 functionalities. However, the proposed metrics and RE effort analysis are generic and can be extended to other flavors of camouflaged gates as well. There are two main aspects in the proposed RE process: (a) gate-level test pattern identification; and (b) netlist-level test pattern generation. In the first part we find the minimum number of gate-level patterns from which the functionality of the camouflaged gate can be identified. This step is largely independent of the netlist and depends on the camouflaged gate or camouflaged function. In the netlist-level test generation we use Tetramax to generate patterns that ensure the desired pattern is applied on the camouflaged gate and the effect can be observed at a PO. Test pattern generation is done by exploiting stuck-at fault models at the target camouflaged gate. The camouflaged gate is replaced with a pre-determined known gate to enable compilation of the netlist by the ATPG tool. The proposed methodology is applicable to single as well as multiple camouflaged gates.
The proposed RE technique is employed in conjunction with the proposed camouflaging technique to assess the resistance towards the attacks. In particular, we make the following contributions in this paper:
• We propose an RE technique using the stuck-at fault model of the Tetramax commercial ATPG tool.
• We determine the RE effort of the above technique through detailed analysis.
978-1-5090-5404-6/17/$31.00 ©2017 IEEE 18th Int'l Symposium on Quality Electronic Design
• We provide treatment of both isolated as well as dependent set of camouflaged gates in the netlist.
• We propose controllability, observability and HD sensitivity based metrics of the gates to select the target gates for camouflaging.
• We evaluate the strength of proposed camouflaging metrics using RE effort of the proposed RE methodology.
The rest of the paper is organized as follows. In Section II, we provide a detailed analysis of the proposed RE methodology for a single gate. Consideration for multiple camouflaged gates is presented in Section III. The metrics for camouflaging are described in Section IV. Section V provides simulation results and conclusions are drawn in Section VI.
RE methodology using ATPG tools
In this section we describe the methodology to de-camouflage the netlist. It involves gate-level and netlist-level test pattern generation, and RE effort analysis.
Gate-level input pattern identification
This step generates the desired patterns to determine the logic implemented by the camouflaged gate. This is achieved by applying well-defined input test vectors and analyzing the output response. The challenges associated with this step include: (i) minimizing the number of gate-level input patterns required to identify the camouflaged logic; and (ii) determining a methodology to exploit the 'stuck-at' fault model of ATPG to apply the desired pattern at a target gate. These challenges are addressed below:
Minimizing the number of gate-level input patterns
To understand this challenge let us take the example of a 2-input gate with 4 input combinations. By analyzing the output generated for all these input combinations, the functionality of the gate can be determined. The challenge, however, is to determine the logic implemented with the minimum number of test patterns. To analyze this, we first populate a truth table with the 6 logic gates and their corresponding outputs for all the input combinations (Table-IA). For example, in order to decipher a 'NAND' gate we first apply the 00 pattern; a high output can correspond to either a NAND, NOR or XNOR gate. The next input combination chosen will be unique to the NAND gate (Table-IB). By applying either a 01 or 10 pattern, only the NAND gate will output a logic 1, while the other two gates will output a logic 0. Therefore, by applying patterns that generate a unique output signature for a particular gate, we can eliminate the need to exhaustively test the rest of the combinations. This in turn reduces the time and the number of patterns used to find the functionality of the camouflaged gate. The same process can be adopted to decipher the functionality of other camouflaged gates.
Gate-level test pattern identification involves an exhaustive search. To generalize, consider an m-input gate that has $N = 2^m$ possible patterns. Assuming the gate in isolation with n possible functionalities (e.g., NAND, NOR, AND, OR, etc.), the table size will be $n \times N$. In the worst case, the optimal choice of k input patterns to RE each gate functionality will require searching through subsets of the N patterns. The corresponding complexity is $\sum$ (summed over k), which is $\sim O(2^N)$. For n functionalities the complexity is $O(n \times 2^N)$.
Methodologies to exploit the stuck-at fault model
A stuck-at fault, as the name suggests, is the event where an input of the gate is "stuck at" a certain value (either 1 or 0). This is a well-established fault model for VLSI test [12]. This model can be exploited to apply the desired input pattern at the target gate. For example, if a '00' pattern is required at the inputs of the camouflaged gate, then the adversary can apply a stuck-at 1 fault at both inputs.
[Fragment of Table II recovered from the page; the remaining rows are not recoverable: dummy gates NAND, AND, XOR, XNOR with faults (sa0, sa0).]
Netlist-level test pattern generation using ATPG
Generation of netlist-level test pattern requires following steps: (i) dummy gate insertion in place of camouflaged gate; (ii) generation of test pattern for fault sensitization and propagation; and, (iii) stitching of test patterns. These are described below:
Dummy gate insertion
In order to generate the netlist-level test patterns, we first replace the target camouflaged gate with an appropriate dummy gate. The choice of dummy gate depends on the gate-level pattern that needs to be applied at the inputs of the camouflaged gate as well as its output. The unique feature of ATPG tools such as Tetramax is that when a stuck-at fault is placed at one of the inputs, the other input is automatically set to the non-controlling value (depending on the gate type) for fault sensitization. For example, when a stuck-at 0 fault is placed at one input of a NAND gate, that input receives a logic '1' whereas the other input is automatically set to logic '1'. Therefore, by choosing to replace the camouflaged gate with a NAND gate, the '11' pattern can be applied. We exploit this feature to apply two inputs at a gate with the stuck-at fault model of ATPG tools, which allows insertion of a single fault at a time. Similarly, a dummy AND or XNOR gate can enable fault sensitization and propagation if pattern '11' needs to be applied at the inputs. Therefore the camouflaged gate should be replaced with XNOR/AND for test pattern generation. An XOR dummy gate can enable generation of the 10/01 pattern. TABLE-II shows the desired gate-level patterns and corresponding dummy gate types that can be used to generate patterns using ATPG. Note that multiple choices of dummy gate are possible for a desired gate-level test pattern.
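As an added illustration of how the single-fault stuck-at model selects the dummy gate (our own example, not code from the paper or from the Tetramax tool), the following Python enumerates, for each desired two-input pattern, every dummy gate and single stuck-at fault whose excitation plus the non-controlling-value side condition forces that pattern at the gate inputs, which is how a table like TABLE-II is derived. For XOR/XNOR the other input is not constrained by the fault, so both candidate patterns are listed and the tool's own choice decides which one is generated; the paper records XNOR for '11' and XOR for '10/01' as what Tetramax produced. The function names sensitizing_patterns, dummy_gate_choices and two_fault_choice are ours.

```python
from itertools import product

# The two-input dummy gate types the camouflaged cell can be replaced with.
GATES = {
    "AND":  lambda a, b: a & b,   "NAND": lambda a, b: 1 - (a & b),
    "OR":   lambda a, b: a | b,   "NOR":  lambda a, b: 1 - (a | b),
    "XOR":  lambda a, b: a ^ b,   "XNOR": lambda a, b: 1 - (a ^ b),
}

def sensitizing_patterns(gate, faulted_input, stuck_value):
    """(in0, in1) patterns under which a stuck-at `stuck_value` fault at
    `faulted_input` (0 or 1) of `gate` is excited (input driven to the
    complement of the stuck value) AND visible at the gate output. For
    AND/NAND/OR/NOR that forces the other input to its non-controlling value,
    so exactly one pattern qualifies; for XOR/XNOR the other input is free and
    two patterns qualify, the ATPG tool picking one of them."""
    f = GATES[gate]
    good = ()
    for pat in product((0, 1), repeat=2):
        if pat[faulted_input] != 1 - stuck_value:
            continue                          # fault not excited
        faulty = list(pat)
        faulty[faulted_input] = stuck_value   # value seen in the faulty circuit
        if f(*pat) != f(*faulty):             # fault effect reaches the output
            good += (pat,)
    return good

def dummy_gate_choices(pattern):
    """All (gate, faulted_input, stuck_value) choices that make a single-fault
    ATPG run apply `pattern` ("00", "01", "10" or "11") at the two inputs."""
    want = tuple(int(ch) for ch in pattern)
    choices = []
    for gate in GATES:
        for inp in (0, 1):
            for sa in (0, 1):
                if want in sensitizing_patterns(gate, inp, sa):
                    choices.append((gate, inp, sa))
    return sorted(choices)

def two_fault_choice(pattern):
    """When the flow accepts one fault per input (the "(sa0, sa0)" style of
    Table II), a fault stuck at the complement of each required bit forces
    that bit directly, whatever the dummy gate: returns the (sa, sa) pair."""
    return tuple(1 - int(ch) for ch in pattern)

if __name__ == "__main__":
    for p in ("00", "01", "10", "11"):
        print(p, dummy_gate_choices(p), "two-fault:", two_fault_choice(p))
```

The output lists, for '11', the AND/NAND gates with a stuck-at 0 on either input plus the XOR/XNOR pairs, and for '01' the AND/NAND gates with a stuck-at 1 on the first input or OR/NOR with a stuck-at 0 on the second; OR/NOR never produce '11' under a single fault because their non-controlling value is 0.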
Fault sensitization and propagation
A stuck-at fault and a dummy gate are introduced in the netlist at the camouflaged gate to obtain the netlist-level test pattern. For example, a stuck-at 1 fault and a dummy AND gate are employed in the netlist to ensure pattern '01' is applied in Fig. 1. The patterns generated in this manner ensure that the desired gate-level pattern is applied to the camouflaged gate. The next objective is to propagate the output of the camouflaged gate to a PO. Note that the pattern needed to propagate the fault could be orthogonal to the pattern needed to sensitize the fault. Therefore the two patterns can be stitched together to generate a pattern that applies the desired input at the camouflaged gate and propagates the output to a PO. In the example shown in Fig. 1 the inputs required for fault sensitization and propagation are {N3, N6, N7} and {N2, N6, N7} respectively.
Split-and-stitch methodology
In order to prepare the netlist for test generation we first split the output of the camouflaged gate (node A) and make it a PO. The fan-out of the camouflaged gate (node B) is grounded for the purpose of test generation (Fig. 1). Next, stuck-at faults are introduced at the inputs of the camouflaged gate (which is replaced with an appropriate dummy gate) and a test pattern is generated. After storing the resulting pattern (P1) we connect nodes A and B back together, introduce a stuck-at 1 and a stuck-at 0 fault respectively at that node, and store the generated patterns P2 and P3. Note that P1 applies the desired pattern on the camouflaged gate and P2/P3 propagate the output (0 or 1) to a PO. Furthermore, the PIs used to sensitize and propagate are orthogonal. Therefore stitching (P1, P2) and (P1, P3) provides two new patterns that attain the desired objective. Similar steps can be followed to obtain the test patterns to apply all desired inputs on the camouflaged gate and observe its response.
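The split-and-stitch flow on a small constructed netlist, written as an added example that is not part of the paper: a brute-force search over PI assignments stands in for Tetramax and returns the smallest partial pattern (unlisted PIs are X); node A is treated as a PO when generating the sensitization pattern P1, so the dummy gate's function does not matter there; the propagation pattern makes the PO sensitive to node A, and because the PO here is sensitive under the same PI values for A = 0 and A = 1, one pattern serves as both P2 and P3; stitch() merges two partial patterns when no PI is specified with conflicting values. identify() then applies the stitched patterns to a simulated chip whose camouflaged cell secretly implements one of the six functions and recovers it. The netlist, net names and function names are ours.

```python
from itertools import combinations, product

# Constructed netlist (ours): the camouflaged gate CAM sits between two logic
# cones and reaches the PO through a NAND gate with its own PI, so the PIs
# used for sensitization (p1..p4) and propagation (p5) are disjoint.
PIS = ["p1", "p2", "p3", "p4", "p5"]
NETLIST = [                           # (output net, gate type, input nets)
    ("x",   "AND",  ["p1", "p2"]),
    ("y",   "OR",   ["p3", "p4"]),
    ("A",   "CAM",  ["x", "y"]),      # camouflaged gate output (node A)
    ("out", "NAND", ["A", "p5"]),     # fanout of node A (node B) to the PO
]
PO, CAM_INPUTS = "out", ["x", "y"]
GATES = {
    "AND":  lambda a, b: a & b,   "NAND": lambda a, b: 1 - (a & b),
    "OR":   lambda a, b: a | b,   "NOR":  lambda a, b: 1 - (a | b),
    "XOR":  lambda a, b: a ^ b,   "XNOR": lambda a, b: 1 - (a ^ b),
}

def simulate(pi_values, cam_impl):
    """Evaluate every net for a full PI assignment; cam_impl is the function
    used for the CAM cell (the dummy gate during ATPG, the secret gate on
    the real chip). Gates are listed in topological order."""
    nets = dict(pi_values)
    for out, kind, ins in NETLIST:
        f = cam_impl if kind == "CAM" else GATES[kind]
        nets[out] = f(*(nets[n] for n in ins))
    return nets

def completions(partial):
    """All full PI assignments consistent with a partial one (missing = X)."""
    free = [p for p in PIS if p not in partial]
    for bits in product((0, 1), repeat=len(free)):
        full = dict(partial)
        full.update(zip(free, bits))
        yield full

def search(predicate):
    """Stand-in for the ATPG tool: the partial PI assignment with the fewest
    specified bits for which `predicate` holds on every completion."""
    for k in range(len(PIS) + 1):
        for pis in combinations(PIS, k):
            for bits in product((0, 1), repeat=k):
                partial = dict(zip(pis, bits))
                if all(predicate(full) for full in completions(partial)):
                    return partial
    return None

def sensitize(pattern, dummy="AND"):
    """P1: apply `pattern` at the CAM inputs with node A split out as a PO."""
    want = [int(ch) for ch in pattern]
    return search(lambda full: [simulate(full, GATES[dummy])[n]
                                for n in CAM_INPUTS] == want)

def propagate():
    """P2/P3: PIs under which a 0 and a 1 at node A differ at the PO,
    whatever the camouflaged gate computes."""
    return search(lambda full: simulate(full, lambda a, b: 0)[PO]
                  != simulate(full, lambda a, b: 1)[PO])

def stitch(p_a, p_b):
    """Merge two partial patterns; None if a shared PI conflicts."""
    if any(p_a[k] != p_b[k] for k in p_a.keys() & p_b.keys()):
        return None
    return {**p_a, **p_b}

def identify(chip_gate):
    """Apply the stitched patterns for all four CAM inputs to a 'chip' whose
    camouflaged cell really implements chip_gate; infer A from the PO
    (PO = NAND(A, 1) = NOT A) and match the truth table to a gate name."""
    observed = []
    for pattern in ("00", "01", "10", "11"):
        full = next(completions(stitch(sensitize(pattern), propagate())))
        observed.append(1 - simulate(full, GATES[chip_gate])[PO])
    tables = {g: [f(*p) for p in product((0, 1), repeat=2)]
              for g, f in GATES.items()}
    return next(g for g, t in tables.items() if t == observed)

if __name__ == "__main__":
    print("P1 for '01':", sensitize("01"), " P2/P3:", propagate())
    print("stitched:", stitch(sensitize("01"), propagate()))
    print("recovered:", identify("XNOR"))
```

In a real flow search() is the part Tetramax performs; the rest (making A a PO, stitching P1 with the propagation pattern, reading the CAM output back through the known logic between A and the PO) is the adversary's bookkeeping. If a PI were shared by both cones with conflicting requirements, stitch() would return None and a different dummy gate or fault site would be needed.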
Reverse engineering effort
The RE effort is a function of the time required to: (i) identify the gate-level test pattern ($T_{\text{gate\_level}}$); (ii) determine and insert dummy gates ($T_{\text{dummy}}$); (iii) inject a stuck-at fault at a gate input ($T_{\text{fault\_injection}}$); (iv) find the pattern with the ATPG tool ($T_{\text{ATPG}}$); (v) propagate the fault effect to the PO ($T_{\text{propagation}}$); and (vi) find the common pattern to sensitize and propagate the fault ($T_{\text{intersection}}$). It must be noted that the RE effort will depend on the number of camouflaged gates in the circuit, the number of possible functionalities exhibited by the camouflaged gate, the number of inputs to the dummy gate and the time taken by the ATPG tool.
$$\text{RE effort} = T_{\text{gate\_level}} + T_{\text{dummy}} + \left[(T_{\text{fault\_injection}} + T_{\text{ATPG}}) + (T_{\text{fault\_injection}} + T_{\text{ATPG}})\right] + \left\{2\,[T_{\text{propagation}} + T_{\text{ATPG}}] + 2\,T_{\text{intersection}}\right\} \quad (1)$$
Note that in the above equation a factor of 2 is included to account for 0 and 1 propagation from the gate output. $T_{\text{ATPG}}$ depends on the complexity of the algorithm used in the ATPG tool and the machine specification.
Considerations for multiple camouflaged gates
It is not sufficient to camouflage only one gate in the entire circuit from an RE-effort standpoint. It is therefore imperative to camouflage multiple gates. Multiple camouflaged gates can be realized under one of the following circumstances: (i) the gates are completely isolated from one another, meaning they don't have any common inputs and the fault of one gate doesn't affect the other gates (i.e., no edge between the two gates); and (ii) the gates are dependent on each other (i.e., a common edge is present between the two gates). In this section we address both these circumstances.
RE of two isolated camouflaged gates
This is the easiest case, shown in Fig. 2, where the same de-camouflaging approach can be followed as for a single camouflaged gate. First a gate is picked and the test patterns are found. By applying the patterns to the chip the gate can be de-camouflaged. The netlist is updated and the same process is repeated till all gates are de-camouflaged.
RE of two series connected camouflaged gates
In this case we combine both camouflaged gates and introduce a three-input gate (with one or multiple outputs depending on the fanouts of both gates) in place of the two gates, as shown in Fig. 3. Next we can introduce the faults and generate the patterns as for the single camouflaged gate. However, this case will have 36 possible combinations of logic (assuming each gate exhibits 6 functionalities) and 8 possible input patterns. Similar to the discussion in Section II, unique gate-level patterns need to be identified to de-camouflage all 36 possible cases using fewer than 8 patterns. Once the patterns are identified, the choice of dummy gates is made for netlist-level test pattern generation. Note that the RE effort will increase due to the increased complexity of test pattern generation.
RE of two camouflaged gates with a known gate in between
In this scenario a known gate is sandwiched between two camouflaged gates. We have two possibilities in this case: (i) a gate (Fig. 4(a)) with more than one fanout; and (ii) a gate with only one fanout (Fig. 4(b)). When the known gate has more than one fanout, the fault effect can be propagated to a PO through alternative paths. Therefore this situation is the same as two independent gates and the split-and-stitch method can be directly applied to each individual camouflaged gate. With a single fanout (Fig. 4(b)), however, we need to combine the three gates and replace them with a four-input gate. In this example, we get 36 possible logical combinations, with a total of 16 possible input combinations.
Three series-connected camouflaged gates
In this case we replace the three camouflaged gates with a four-input gate (similar to Section III.B) as shown in Fig. 5. The RE complexity increases proportionally, as each gate now has 6 possible functions, giving rise to 216 different possible logical combinations with 16 possible input patterns. It is observed that a minimum of 6 patterns are required to de-camouflage a single 3-gate combination design. It must also be noted that some of the possible gate combinations are functionally equivalent (e.g., XOR-XOR-XOR is functionally equivalent to XNOR-XNOR-XNOR). Therefore, once the RE narrows the candidates down to functionally equivalent logic, the gates are assumed to be successfully de-camouflaged. Fig. 6 shows the number of gate-level patterns required to identify the functionalities of single, two series-connected and three series-connected camouflaged gates. It is observed that the RE effort grows rapidly as more camouflaged gates are daisy chained.
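Gate-level pattern identification for the single gate (Section II.A.1) and for the daisy-chained cases of this section, as one added example that is ours rather than the paper's code: chain_functions() builds the truth tables of every gate combination for a chain of one, two or three camouflaged gates (6, 36 and 216 combinations over 4, 8 and 16 patterns), distinguishing_classes() merges functionally equivalent combinations such as XOR-XOR-XOR and XNOR-XNOR-XNOR, min_pattern_set() brute-forces the smallest fixed pattern set that separates all distinct functions (the subset search whose cost is the sum over k of C(N, k) given in Section II.A.1), and adaptive_sequence() reproduces the one-at-a-time approach of the NAND example (apply 00, keep the candidates consistent with the output, then pick the next pattern; the rule of choosing the pattern with the best worst-case split is our tie-break, not the paper's). The paper's pattern counts in Fig. 6 come from its own procedure and need not equal the fixed-set minimum computed here.

```python
from itertools import combinations, product

# The six functions the camouflaged cell of [11] can take.
GATES = {
    "AND":  lambda a, b: a & b,   "NAND": lambda a, b: 1 - (a & b),
    "OR":   lambda a, b: a | b,   "NOR":  lambda a, b: 1 - (a | b),
    "XOR":  lambda a, b: a ^ b,   "XNOR": lambda a, b: 1 - (a ^ b),
}

def chain_functions(depth):
    """Truth tables of every daisy chain g_depth(...g_2(g_1(a, b), c)...),
    keyed by the tuple of gate names. depth=1: single gate (6 combinations,
    4 patterns); depth=2: two series gates (36, 8); depth=3: three (216, 16).
    Returns (pattern list, {names: output tuple})."""
    patterns = list(product((0, 1), repeat=depth + 1))
    tables = {}
    for names in product(GATES, repeat=depth):
        row = []
        for bits in patterns:
            v = GATES[names[0]](bits[0], bits[1])
            for g, b in zip(names[1:], bits[2:]):
                v = GATES[g](v, b)          # next gate takes the chain output
            row.append(v)
        tables[names] = tuple(row)
    return patterns, tables

def distinguishing_classes(tables):
    """Group gate combinations that realise the same function: RE is finished
    once only functionally equivalent candidates remain."""
    classes = {}
    for names, row in tables.items():
        classes.setdefault(row, []).append(names)
    return classes

def min_pattern_set(patterns, rows):
    """Smallest fixed set of patterns whose outputs separate every distinct
    function. Tries subsets of size k = 1..N, so the cost is the sum over k
    of C(N, k), i.e. O(2^N) in the number of patterns N."""
    rows = list(rows)
    for k in range(1, len(patterns) + 1):
        for idx in combinations(range(len(patterns)), k):
            signatures = {tuple(row[i] for i in idx) for row in rows}
            if len(signatures) == len(rows):
                return [patterns[i] for i in idx]
    return None

def adaptive_sequence(patterns, tables, target, first=None):
    """Patterns applied one at a time to a chip whose cell really implements
    `target`: start with `first` (all zeros by default), keep only candidates
    consistent with the observed output, and choose the next pattern as the
    untried one with the best worst-case split of the remaining candidates.
    Stops when a single function (equivalence class) is left."""
    truth = tables[target]
    candidates = set(tables.values())
    seq, pat = [], first or patterns[0]
    while len(candidates) > 1:
        i = patterns.index(pat)
        seq.append(pat)
        candidates = {r for r in candidates if r[i] == truth[i]}
        if len(candidates) > 1:
            untried = [p for p in patterns if p not in seq]
            pat = min(untried, key=lambda p: max(
                sum(1 for r in candidates if r[patterns.index(p)] == v)
                for v in (0, 1)))
    return seq

if __name__ == "__main__":
    for depth in (1, 2):
        pats, tabs = chain_functions(depth)
        classes = distinguishing_classes(tabs)
        print(f"{depth} gate(s): {len(tabs)} combinations, {len(classes)} "
              f"distinct functions, min fixed set = "
              f"{len(min_pattern_set(pats, classes))} of {len(pats)} patterns")
    pats, tabs = chain_functions(3)
    print(f"3 gates: {len(tabs)} combinations, "
          f"{len(distinguishing_classes(tabs))} distinct functions")
    pats, tabs = chain_functions(1)
    print("NAND adaptive sequence:", adaptive_sequence(pats, tabs, ("NAND",)))
```

For the single gate the adaptive sequence for NAND is 00 then 01, exactly the Table-IB example, while NOR needs a third pattern (11) because NOR and XNOR agree on 00 and 01; the fixed set that separates all six functions at once is {00, 01, 11}. The subset search is left out of the three-gate case in the demo because C(16, k) subsets over 216 rows take noticeably longer in pure Python; the class count alone shows how many functions must be told apart.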
Camouflaging Techniques
In this section we present techniques to increase the RE effort using metrics such as controllability, observability and HD sensitivity.
Controllability and observability-based technique
We calculate the controllability and observability [12] of each gate in the netlist. The gates connected to the Primary Inputs (PIs) are hard to observe but easy to control. However, the gates deeper in the logic become easier to observe but harder to control. The gates that are both hard-to-control (HTC) and hard-to-observe (HTO) are ideal choices for camouflaging. However, finding such gates in the design is nearly impossible. Therefore, we add the controllability (CC0 and CC1) and observability (O) values of the gate to determine an aggregate metric (HTCO) that is representative of its overall hardness for RE and is given by HTCO = CC0 + CC1 + O.
A graph is created after reading the netlist, where each node corresponds to a gate and each edge corresponds to their connectivity. The graph is traversed from PI to PO (PO to PI) and the controllability (observability) values of each node are computed. A list of gates is created in descending order of HTCO values and the top gates are selected for camouflaging. As noted before, the selected gates could either be independent of each other or could be a mixture of independent and dependent (series connected) gates. We evaluate the RE effort for both these conditions.
Hamming distance sensitivity-based technique
The Hamming Distance Sensitivity (HDS) is analytically computed by adding the differential change in POs when the response of a gate is changed, over an exhaustive set of test vectors. Theoretically it determines the ability of a gate to maximize the change in POs for a given test vector. It is notable that a gate from which the maximum number of POs can be reached has a higher potential to affect the POs. Therefore such gates will have higher HDS. In this paper we use the reachability of POs from the gate as representative of HDS. This is achieved by traversing the graph (corresponding to the netlist) in depth-first manner and computing the number of POs reached from each gate. A list of gates is created in descending order of HDS values and the top gates are selected for camouflaging. In addition to HTCO and HDS, we also evaluate the efficacy of an aggregate metric called hard-to-RE (HTRE) that combines controllability, observability and HDS, and is given by HTRE = HTCO + HDS.
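The HTCO, HDS and HTRE computation of this section over a small constructed netlist, as an added example (ours, not the authors' C implementation): SCOAP combinational controllability and observability [12] per net, PO reachability by depth-first traversal as the HDS proxy, and the ranking that picks the top fraction of gates for camouflaging. The netlist, gate names, the assumption that gates are listed in topological order, and the convention that a gate's HTCO is evaluated at its output net are ours; the metric definitions follow the text (HTCO = CC0 + CC1 + O, HTRE = HTCO + HDS) with the standard SCOAP gate rules.

```python
from collections import defaultdict

# Constructed netlist (ours, not from the paper): PIs a, b, c, d; gates g1..g4
# listed in topological order; the outputs of g3 and g4 are the POs.
PIS = ["a", "b", "c", "d"]
GATES = {  # gate name: (type, input nets, output net)
    "g1": ("AND",  ["a", "b"],   "n1"),
    "g2": ("OR",   ["c", "d"],   "n2"),
    "g3": ("NAND", ["n1", "n2"], "n3"),
    "g4": ("XOR",  ["n1", "c"],  "n4"),
}
POS = ["n3", "n4"]

def controllability():
    """SCOAP combinational controllability (CC0, CC1) of every net, walking
    PI to PO. PIs are (1, 1); a gate adds 1 to the cheapest way of producing
    each output value from its inputs (min over controlling inputs, sum over
    the inputs that must all be at the non-controlling value)."""
    cc = {p: (1, 1) for p in PIS}
    for kind, ins, out in GATES.values():
        c0 = [cc[i][0] for i in ins]
        c1 = [cc[i][1] for i in ins]
        if kind == "AND":
            cc[out] = (min(c0) + 1, sum(c1) + 1)
        elif kind == "NAND":
            cc[out] = (sum(c1) + 1, min(c0) + 1)
        elif kind == "OR":
            cc[out] = (sum(c0) + 1, min(c1) + 1)
        elif kind == "NOR":
            cc[out] = (min(c1) + 1, sum(c0) + 1)
        elif kind in ("XOR", "XNOR"):
            same = min(c0[0] + c0[1], c1[0] + c1[1]) + 1    # equal inputs
            diff = min(c1[0] + c0[1], c0[0] + c1[1]) + 1    # differing inputs
            cc[out] = (same, diff) if kind == "XOR" else (diff, same)
    return cc

def observability(cc):
    """SCOAP observability of every net, walking PO to PI (POs are 0). A gate
    input is observed by holding the other inputs at their non-controlling
    value; a fanout stem takes the minimum over its branches."""
    ob = {p: 0 for p in POS}
    for kind, ins, out in reversed(list(GATES.values())):
        for i in ins:
            others = [o for o in ins if o != i]
            if kind in ("AND", "NAND"):
                cost = sum(cc[o][1] for o in others)      # others at 1
            elif kind in ("OR", "NOR"):
                cost = sum(cc[o][0] for o in others)      # others at 0
            else:
                cost = sum(min(cc[o]) for o in others)    # XOR/XNOR: any value
            v = ob[out] + cost + 1
            ob[i] = min(ob.get(i, v), v)
    return ob

def hd_sensitivity():
    """HDS proxy used in the text: number of POs reachable from each gate,
    found by depth-first traversal of the net graph."""
    fed = defaultdict(list)                      # net -> gates it drives
    for g, (_, ins, _) in GATES.items():
        for i in ins:
            fed[i].append(g)

    def reach(net, seen):
        if net in POS:
            seen.add(net)
        for g in fed[net]:
            reach(GATES[g][2], seen)
        return seen

    return {g: len(reach(out, set())) for g, (_, _, out) in GATES.items()}

def metrics():
    """HTCO = CC0 + CC1 + O at the gate output, HTRE = HTCO + HDS."""
    cc, hds = controllability(), hd_sensitivity()
    ob = observability(cc)
    htco = {g: sum(cc[out]) + ob[out] for g, (_, _, out) in GATES.items()}
    htre = {g: htco[g] + hds[g] for g in GATES}
    return htco, hds, htre

def select(metric, fraction):
    """Top `fraction` of gates by metric (descending, name as tie-break):
    the camouflaging candidates for a 5%/10%/15% budget."""
    k = max(1, round(fraction * len(metric)))
    return sorted(metric, key=lambda g: (-metric[g], g))[:k]

if __name__ == "__main__":
    htco, hds, htre = metrics()
    for g in GATES:
        print(g, "HTCO", htco[g], "HDS", hds[g], "HTRE", htre[g])
    print("50% by HTRE:", select(htre, 0.5))
```

On this netlist g1 (the AND at the PIs) is the easiest gate to control and the only one reaching both POs, so it ranks last by HTCO but first by HDS; g2 and g3 tie at the top of HTCO and HTRE, which is why the text's series-connected selection (g2 feeds g3) and a plain top-k pick can coincide on small circuits but need the dependency check on real benchmarks.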
Results and analysis
We evaluate the proposed camouflaging and RE techniques using ISCAS85 benchmarks [14]. We implement the gate selection algorithm in C to calculate the HTCO [13], HDS and HTRE of each gate. Next, we select 5%, 10% and 15% of the total number of gates for camouflaging. A random selection is also implemented for comparison. We evaluate the RE effort (using (1)) of independent, dependent (2-series connected) as well as a mixture of independent and dependent gates. In RE effort estimation a clock frequency of 1GHz (1ns cycle time) is assumed for each combination of gate-level test pattern generation/application. The ATPG time is determined by executing it on a Linux 6.5 carbon machine with an AMD Opteron processor (2GHz clock and 32GB RAM). Since camouflaging is associated with area, delay and power overhead, the objective is to maximize the RE effort with a smaller percentage of camouflaging. Fig. 7(a) shows an example of the RE effort breakdown for the HTRE metric with 5% camouflaging. It can be observed that the majority of the RE effort is spent in finding the intersection of netlist-level test patterns and in finding the test pattern for propagation of the gate output. The RE effort for random gate selection, HTCO with independent gates (HTCO(indep)), HTCO with 2-series dependent gates (HTCO(2-series)) and pure HTCO gate selection are shown in Fig. 7(b)-(e) respectively. HTCO(indep) is obtained by eliminating the dependent gates and picking the independent gates from the list of gates sorted in descending order of the HTCO metric. Similarly, HTCO(2-series) is obtained by eliminating the independent gates and the gates connected in series of more than 2.
It can be noted that the RE effort increases significantly when only series-connected gates are picked for camouflaging instead of independent gates that are hard-to-control and hard-to-observe. This conclusion is more evident in Fig. 7(f), which compares random, HTCO(indep), HTCO(2-series) and HTCO for 5% camouflaging. The RE effort with HTCO(2-series) is better than with the other metrics. The same exercise is repeated for three flavors of HDS, namely HDS(2-series), HDS(indep) and HDS, and two flavors of HTRE, namely HTRE(2-series) and HTRE(indep). The results (Fig. 8(a)-(c) and Fig. 9(a)-(b)) indicate that series-connected gates perform better in maximizing the RE effort. Fig. 9(c) compares the RE effort for the proposed flavors of the HTCO, HDS and HTRE metrics for benchmark C888. HTRE(2-series) performs best in maximizing the RE effort. It is interesting to observe that even with a small percentage of camouflaging the same level of RE effort can be achieved through a careful gate selection metric. This is evident in Fig. 9(c), which shows the same RE effort for 5% camouflaging using HTRE(2-series), 10% camouflaging using HDS and 15% camouflaging using random selection.
From the above results we conclude that the strength of camouflaging can be improved by focusing on the following approach during gate selection: (i) choose as many dependent gates as possible within the given camouflaging budget; (ii) use the HTCO, HDS and HTRE metrics as a guiding tool to identify the set of potential gates for camouflaging; (iii) instead of picking independent gates with high metric values, it may be more effective to pick dependent gates with low metric values. Future work will involve more detailed analysis of the above factors for gate selection and exploiting test features of ATPG tools to lower the RE effort.
Conclusions
We propose a method of de-camouflaging the netlist using a commercial ATPG tool. The proposed method is generic and could be employed for single as well as multiple camouflaged gates. We also propose controllability, observability and HD sensitivity based metrics to select gates for camouflaging. An aggregate RE effort metric is also developed. The effectiveness of the proposed camouflaging methodology is evaluated by comparing the RE efforts. The choice of dependent gates selected based on a combination of controllability, observability and HD sensitivity based metrics shows the best performance for maximizing RE effort.
