3.2 Major Design Challenges and the Proposed Solutions
Design goal: Use only input ports and internal nets/wires for logic function programming and configuration without using additional key ports.
Challenge 1: Keyless camouflaged element implement. Without key control, the camouflaged logic should be redesigned to implement successful programming and configuration. For prior volatile logic locking techniques, the elimination of keys is almost impossible because the circuit locking behavior is completely reliant on keys. However, for nonvolatile FeFETs, the circuit can be programmed first and then execute the logic with the functions stored in FeFETs.
Challenge 2: Keyless configuration. Since the unlock process determines the module function, the programming and configuration process must ensure that the camouflaged logic can be configured correctly. However, as shown in Figure
1(c), a logic module contains both CMOS logic gates and rGates, and the input ports belong to the whole logic module. Therefore, compared with Figure
1(b), there are no separate gates that can be controlled directly through input ports. Thus, the function of rGates depends on the interconnection state within the circuit module.
In summary, the design of the keyless camouflaged cells and the keyless configuration are two critical issues. In Sections
3.3 to
3.5, we present techniques for solving these essential problems, with theoretical analysis and appropriate examples.
3.3 Keyless Camouflage Logic Design: FeFET-Based rGates
Design goal: rGates can execute the original (correct) function and at least one obfuscation (false) function. rGates can be reconfigured to different functions under certain programming settings.
This work proposes a family of FeFET-based rGates at the gate level. This work proposes two types of rGate and corresponding design methods. As shown in Figure
4(a), the original CMOS logic gate function is
\(F^{\prime }\) , and
\(F_n\) and
\(F_p\) represent the NMOS and PMOS circuit structure of function
F, respectively. The type-1 rGate and type-2 rGate utilize an additional logic
G to obfuscate the original logic. As shown in Figures
4(b) and
4(c), type-1 and type-2 rGates function as
\({F^{\prime }/(FG)^{\prime }}\) and
\({F^{\prime }/(F+G)^{\prime }}\) , respectively, and the reverse engineering cannot reveal the correct logic due to the uncertainty of the FeFET on/off states. The
Ctr signal connected to the FeFETs will be discussed in Sections
3.4 and
3.5. We need to emphasize that the
Ctr signal is different from the traditional key because there are no explicit key ports that connect to
Ctr. Since type-2 is essentially a dual structure of type-1, the configuration principle and process are similar. Next, we take type-1 as an example to introduce the computing mode and the configuration mode of the circuit behavior.
Computing mode: The working scenario of this mode is that when the end-users have obtained the authorization and completed the chip activation, the circuit logic function has been configured correctly. In this mode, \(V_{dd}\) is kept stable at \(V_{WORK}\) , which is lower than the FeFET coercive voltage such that the polarization states of FeFETs will not change and remain consistent. Therefore, every rGate is performing a correct and stable function.
Configuration mode: This mode configures the rGate function. In this mode,
\(V_{dd}\) is set to
\(V_R\) , a voltage higher than the coercive voltage, to provide sufficient
\(V_{GS}\) for switching the FeFET on/off states (i.e., the ferroelectric polarization state, or the FeFET positive/negative
\(V_T\) state). It should be emphasized that the
\(V_{dd}\) is global to all gates, containing CMOS gates and rGates. Figure
5(a) explains the configuration process. In Figure
5(b), if the
\(F_n\) and
\(G_n\) are both on and the
\(F_p\) and
\(G_p\) are both off, for the n-type FeFET, the source and drain are grounded; for the p-type FeFET, the source is floating and the drain is grounded. If the voltage at node
Ctr is
\(V_{R}\) , according to Figure
2, the n-type and p-type FeFETs are reconfigured to the
low- \(V_T\) (LVT) state, which represents the “always on” and “always off” behavior, respectively. Thus, the rGate functions as
\(F^{\prime }\) , because
\(G_n\) is shorted by an “always on” n-type FeFET and the
\(G_p\) branch is open by an “always off” p-type FeFET.
In Figure
5(c), if both
\(F_n\) and
\(G_n\) are off and both
\(F_p\) and
\(G_p\) are on, for the n-type FeFET, its source is floating and the drain voltage is
\(V_R\) ; for the p-type FeFET, its source and drain voltage are both
\(V_R\) . If the voltage at node
Ctr is 0, according to Figure
2, the n-type and p-type FeFETs are reconfigured to the
high- \(V_T\) (HVT) state, which represents “always off” and “always on” behavior, respectively. Thus, the rGate functions as
\((FG)^{\prime }\) , because
\(G_n\) is not shorted (n-type FeFET is off) and the
\(G_p\) branch is not open (p-type FeFET is on).
An example of a type-1 rGate
\({B^{\prime }/(AB)^{\prime }}\) is simulated and the transient waveform is shown in Figure
6. In this example,
Ctr is equal to
B. From 0 to
\(0.4 \mu s\) , since the global
\(V_{dd}\) is
\(V_R\) and the input
A and
B are both 1, the rGate is reconfigured to
\(B^{\prime }\) . From
\(0.4 \mu s\) to
\(0.8 \mu s\) , since the global
\(V_{dd}\) value is
\(V_{WORK}\) , the polarization state of the ferroelectric transistor remains stable and the function of the rGate remains
\(B^{\prime }\) . From
\(0.8 \mu s\) to
\(1.2 \mu s\) , the rGate is reconfigured to
\((AB)^{\prime }\) since the global
\(V_{dd}\) is
\(V_R\) and the input
A and
B are both 0. From
\(1.2 \mu s\) to
\(1.6\mu s\) , since the global
\(V_{dd}\) value is
\(V_{WORK}\) , the polarization state of the ferroelectric transistor remains unchanged and the function of the logic gate remains
\((AB)^{\prime }\) . From
\(1.6 \mu s\) to
\(2.4 \mu s\) , the process is the same as the 0 to
\(0.8 \mu s\) process.
It should be emphasized that although each rGate has two functions, there is no restriction on which one is the correct function and which one is the obfuscation function. Because of the arbitrariness of F and G, we can easily modify any CMOS logic gate flexibly to enable different logic obfuscation. In the next section, we will introduce the proposed replacement strategy in detail.
3.4 Proposed Flexible Gate Replacement Strategy
Design goal: For a circuit that is not protected by logic locking/camouflage, i.e., the original circuit, a methodology is required to replace the CMOS gates with rGates at selected positions in the circuit so that the attacker cannot know the logic function of the original CMOS gate from the netlist structure.
We provide four types of gate-level camouflage to flexibly replace the original logic gates into rGates. Figure
7 depicts the replacement methodology. Figure
7(a) shows an original CMOS logic module; Figures
7(b) and
7(c) explain the corresponding replacement strategy. For each rGate, as illustrated, there are two functions depending on the polarization state of FeFETs. The design goal is to add an obfuscation logic and keep the other logic as the original logic. For writing clarity, the reverse symbol (’) is ignored in the latter text.
Type-A: Type-A applies to “AND-like gate” and the obfuscation logic is “cut” down from the original logic. As shown in gate A, the original logic is I1 \(\cdot\) I2, equivalent to the logic function “FG” of the type-1 rGate, and the obfuscation logic can be seen as “F”, which is I1 in this case (I2 is cut down).
Type-B: Type-B applies to “OR-like gate” and the obfuscation logic is “expanded” from the original logic. As shown in gate B, the original logic is I1 \(\cdot\) I2+I3 \(\cdot\) I4 \(\cdot\) I5, equivalent to the logic function “F” of the type-2 rGate, and the obfuscation logic can be seen as “ \(F+G\) ”, which is I1 \(\cdot\) I2+I3 \(\cdot\) I4 \(\cdot\) I5+I6 in this case (I6 is expanded).
Type-C: Type-C applies to “AND-like gate” and the obfuscation logic is “expanded” from the original logic. As shown in gate C, the original logic is I6 \(\cdot\) I7 \(\cdot\) I8, equivalent to the logic function “F” of the type-1 rGate, and the obfuscation logic can be seen as “FG”, which is I6I7I8I9 in this case (I9 is expanded).
Type-D: Type-D applies to “OR-like gate” and the obfuscation logic is “cut” from the original logic. As shown in gate D, the original logic is I1 \(\cdot\) I2+I3 \(\cdot\) I4 \(\cdot\) I5+I6 \(\cdot\) I7 \(\cdot\) I8+I9, equivalent to the logic function “ \(F+G\) ” of the type-2 rGate, and the obfuscation logic can be seen as “F”, which is I1 \(\cdot\) I2+I3 \(\cdot\) I4 \(\cdot\) I5+I6 \(\cdot\) I7 \(\cdot\) I8 in this case (I9 is cut down).
Figure
8 provides a concrete example of the proposed replacement strategy. Assuming that the designer intends to obfuscate the CMOS logic gate (A+B)
\(\cdot\) C, the designer can choose any of the following three replacement types.
Type-A with (A+B) cutting down: Since (A+B)
\(\cdot\) C can be seen as (A+B) ‘AND’ C, C can be considered as obfuscation logic. FeFETs can control whether (A+B) participates in circuit operations or not. As shown in Figure
8, when key = 0, (A+B) participates in the circuit operation; when key = 1, (A+B) does not participate in the circuit operation. Therefore, when the FeFETs are correctly configured, the rGate function is (A+B)
\(\cdot\) C. Otherwise, the rGate function is C, which is wrong, leading to function obfuscation.
Type-B with expanded D: With an additional logic D, (A+B)
\(\cdot\) C can be obfuscated with (A+B)
\(\cdot\) C+D. FeFETs can control whether D participates in circuit operations or not. As shown in Figure
8, when key = 1, D participates in the circuit operation; when key = 0, D does not participate in the circuit operation. Therefore, when the FeFETs are correctly configured, the rGate function is (A+B)
\(\cdot\) C. Otherwise, the rGate function is (A+B)
\(\cdot\) C+D, which is wrong, leading to function obfuscation.
Type-C with expanded D: With an additional logic D, (A+B)
\(\cdot\) C can be obfuscated with (A+B)
\(\cdot\) C
\(\cdot\) D. FeFETs can control whether D participates in circuit operations or not. As shown in Figure
8, when key = 0, D participates in the circuit operation; when key = 1, D does not participate in the circuit operation. Therefore, when the FeFETs are correctly configured, the rGate function is (A+B)
\(\cdot\) C. Otherwise, the rGate function is (A+B)
\(\cdot\) C
\(\cdot\) D, which is wrong, leading to function obfuscation.
The reason this example does not use type-D is that this logical expression (A+B) \(\cdot\) C cannot be written as \(F+G\) . Therefore, an obfuscation logic F cannot be found here. It is also possible to change the logical expression to the form AB+AC so that AB or AC can be regarded as obfuscation logic, but the additional hardware cost is increased. In addition, the logic D here is not necessarily a single variable, but rather a combination of multiple variables.
The proposed novel rGate structure shows significant advantages in improving obfuscation flexibility and reducing design complexity. Unlike other FeFET-based reconfigurable gates that focus on polymorphic functionality [
10], this design can easily modify the original CMOS logic gate into a new rGate because
F and
G can be any combination of logic. Thanks to the compatibility of ferroelectric and CMOS processes, the modification and integration are not subject to process constraints. As the structures of the rGate family are not fixed and are similar to the CMOS logic gate, they also achieve a good layout obfuscation effect, which makes the attacker need to spend more time searching for the rGates.
After replacing the logic gate, in the next section, we will present how to configure the module function using the input ports and how to define the Ctr signal of each rGate.