Soft IP Protection: Watermarking HDL Codes.
ABSTRACT Intellectual property (IP) reuse based design is one of the most promising techniques to close the so-called design productivity gap. To facilitate better IP reuse, it is desirable to have IPs exchanged in the soft form such as hardware description language (HDL) source codes. However, soft IPs have higher protection requirements than hard IPs and most existing IP protection techniques are not applicable to soft IPs. In this paper, we describe the basic requirements, make the neces- sary assumptions, and propose several practical schemes for HDL code protection. We protect the HDL codes by hiding author's signature also called as watermarking, similar to the idea for hard IP and multimedia data pro- tection. But the new challenge is how to embed watermark into HDL source codes, which must be properly documented and synthesizable for reuse. We leverage the unique feature of Verilog HDL design to develop several watermarking techniques. These techniques can protect both new and existing Verilog designs. We watermark SCU-RTL & ISCAS bench- mark Verilog circuits, as well as a MP3 decoder. Both original and water- marked designs are implemented on ASICs & FPGAs. The results show that the proposed techniques survive the commercial synthesis tools and cause little design overhead in terms of area/resources, delay and power.
- SourceAvailable from: Parthasarathi Dasgupta[Show abstract] [Hide abstract]
ABSTRACT: IP reuse is rapidly proliferating recent automated circuit design. It is facing serious challenges like forgery, theft and misappropriation of intellectual property (IP) of the design. Thus, protection of design IP is a matter of prime concern. In this paper, we propose a novel Internet-based scheme to tackle this problem. Input to the proposed scheme is a graph corresponding to a digital system design. Watermarking of the graph and its encryption are achieved using a new linear feedback shift register(LFSR)-based locking scheme. The proposed scheme makes unauthorized disclosure of valuable design almost infeasible, and can easily detect any alteration of the design file during transmission. It ensures authentication of the original designer as well as non-repudiation between the seller and the buyer. Empirical evidences on several benchmark problem sets are encouraging.Proceedings of the 22st Annual Symposium on Integrated Circuits and Systems Design: Chip on the Dunes, SBCCI 2009, Natal, Brazil, August 31 - September 03, 2009; 01/2009
Conference Paper: Fab forensics: Increasing trust in IC fabrication[Show abstract] [Hide abstract]
ABSTRACT: Fabrication and design are now performed by different companies as semiconductor fabrication facilities (fabs or foundries) seek to reduce costs by serving multiple clients and consolidating resources. However, lack of immediate control and observation reduces the trust which IC designers have in some fabs. To help fabs increase trust in their processes, we propose an approach for logging forensic information of the fab process and printing the information on chips so that examination of the chip reveals provable deviations from the design. Fab owners can benefit by catching rogue employees and by demonstrating high security standards to their customers. Our proposed solution uses a light runtime system that interacts with a trusted platform module (TPM).Technologies for Homeland Security (HST), 2010 IEEE International Conference on; 12/2010
- [Show abstract] [Hide abstract]
ABSTRACT: In this paper, a simple and efficient watermarking method for soft IP protection is proposed, in which a special watermark module for copyright detection is added to the original hardware description language (HDL) codes to replace a set of selected stable register data. The watermark can survive after synthesis, placement and routing to protect the soft IP core at various design levels. The reliability and robustness analysis indicate the proposed method can resist both the removal attacks and forging attacks. Also the experiment results demonstrate that our method is easier to implement at a low hardware overhead compared with the other methods, and the embedded watermark can be detected easily for copyright authentication. Moreover, it could be conveniently integrated in real soft IP cores. test circuit is an independent module that can be removed easily. In this paper, a new watermarking method of additional- circuit-based is proposed for soft IP cores protection, in which a watermarking module is added in the original circuit to prove the ownership rights of the IP provider. The additional module can switch between two working modes: normal operating mode and watermark generating mode. In normal operating mode, the output information is the selected register data which involve in the arithmetic of the primary circuit. It makes the watermark module can't be removed directly. The ownership rights can be checked according to the output sequence of the additional module working in the watermark generating mode. Experiments are performed to verify the feasibility of the proposed method. The results demonstrate that this method has low hardware overhead and good detectability. The rest of the paper is organized as follows. In Section II, the proposed watermarking method is described in details and the implementation procedure of the scheme are given. the experiment results are shown in Section III. Section IV analysis of the typical attacks and evaluation of the reliability and robustness of the watermark is also described. In the last section, the conclusions of this paper are stated.01/2011;
Soft IP Protection: Watermarking HDL Codes
Lin Yuan, Pushkin R. Pari, and Gang Qu
Department of Electrical and Computer Engineering
and Institute for Advanced Computer Studies
University of Maryland, College Park, MD 20742
Abstract. Intellectual property (IP) reuse based design is one of the
most promising techniques to close the so-called design productivity gap.
To facilitate better IP reuse, it is desirable to have IPs exchanged in the
soft form such as hardware description language (HDL) source codes.
However, soft IPs have higher protection requirements than hard IPs
and most existing IP protection techniques are not applicable to soft
IPs. In this paper, we describe the basic requirements, make the neces-
sary assumptions, and propose several practical schemes for HDL code
We protect the HDL codes by hiding author’s signature also called as
watermarking, similar to the idea for hard IP and multimedia data pro-
tection. But the new challenge is how to embed watermark into HDL
source codes, which must be properly documented and synthesizable for
reuse. We leverage the unique feature of Verilog HDL design to develop
several watermarking techniques. These techniques can protect both new
and existing Verilog designs. We watermark SCU-RTL & ISCAS bench-
mark Verilog circuits, as well as a MP3 decoder. Both original and water-
marked designs are implemented on ASICs & FPGAs. The results show
that the proposed techniques survive the commercial synthesis tools and
cause little design overhead in terms of area/resources, delay and power.
Design reuse and reuse-based design have become increasingly important and
are widely considered as the most efficient way to close the design productivity
gap between silicon capacity and designer’s ability to integrate circuits onto
silicon . For reuse to be successful, the reusable building blocks, also known
as macros, cores, intellectual properties (IPs), or virtual components, must be
easily accessible and integrable. Several industry organizations such as the San
Jose-based ”Virtual Socket Interface Alliance”, the ”design and reuse” in Europe,
and ”IP highway” in Japan have already started building libraries and tools
that can be shared by designers all over the world. More importantly, they are
working on the specification of various IP design standards for IP integration.
But how to guarantee IP provider’s IP rights and royalties remains one of the
major obstacles for design reuse.
J. Fridrich (Ed.): IH 2004, LNCS 3200, pp. 224–238, 2004.
c ? Springer-Verlag Berlin Heidelberg 2004
Soft IP Protection: Watermarking HDL Codes 225
IP exchange and reuse normally takes the forms of hard, firm, or soft. Hard
IPs, delivered as GDSII files, are optimized for power, size, or performance. Soft
IPs are delivered in the form of synthesizable HDL codes. Firm IPs, such as place-
ment of RTL blocks or fully placed netlist, are a compromise between hard and
soft IPs . From security point of view, hard IPs are the safest because they are
hard to be reverse engineered or modified. But this one-fits-all solution does not
give IP users any flexibility other than the built-in configuration options. Soft
IPs, on the other hand, are preferred by IP users due to their flexibility of being
integrated with other IPs without much physical constraints. On some occasions,
IP provider may also prefer releasing soft IPs to leave customer-dependent opti-
mization process to the users. Not surprisingly, it has been recognized that the
IP market will be dominated by soft IPs . However, the flexibility makes soft
IPs hard to trace and therefore difficult to prevent IP infringements from hap-
pening. IP providers are taking a high risk in releasing their IPs in the soft form
without protecting their HDL codes with techniques that are effective, robust,
low-complexity, and low-cost. Unfortunately, such techniques or tools are not
available and their development is challenging.
Most existing VLSI design IP protection mechanisms, such as physical tag-
ging, digital watermarking and fingerprinting, target the protection of hard/firm
IPs. Traditional software obfuscating and watermarking methods are not appli-
cable to HDL code either. In this paper, we 1) analyze the challenges in HDL code
protection; 2) describe the basic requirements and necessary assumptions; 3) de-
velop the first set of Verilog source code protection methods. Our approaches can
be easily integrated with the design process to protect a new design. They can
also be applied to protect existing designs, which give IP providers the option
of releasing the (protected) source code for their hard/firm IPs that are already
in the IP market to make them more competitive.
We propose three watermarking techniques to protect Verilog source code.
The first method takes advantage of the don’t-care conditions inherently exist-
ing in the modules by enforcing them to have specific values corresponding to
designer’s signature. A separate test module can be easily constructed to re-
trieve such information. The second one utilizes the fact that many logic units
can be implemented in different ways. Instead of using one fixed structure, we
build multiple functionally identical modules with different implementations in
the same Verilog code. We then selectively instantiate these duplicated modules
for information hiding. The third technique splits the implementation of one
module into two phases in such a way that designer’s signature will be mixed
with the module’s input and output information. We implement and test the
proposed protection schemes on SCU-RTL and ISCAS benchmark circuits using
Synopsys’ design analyzer and Xilinx FPGA CAD tool. The results show that
our watermark survives the synthesis and optimization tools. We measure the
area/resources, delay, and power of the designs before and after watermarking,
and find that our methods introduce little overhead in these three key aspects.
226Lin Yuan, Pushkin R. Pari, and Gang Qu
HDL codes describe VLSI design IPs in the style and structure similar to general
C/C++ programs. Hence, it is natural to investigate whether the existing design
IP protection techniques and software watermarking and obfuscating methods
can be extended for HDL code protection.
2.1VLSI Design IP Protections
According to the IP protection white paper released by VSIA, there are three
approaches to secure an IP: deterrent approach like patents, copyrights, and
trade secrets; protection via licensing agreements or encryption; detection
mechanism such as physical tagging, digital watermarking and fingerprinting
. Legal enforcement (copyright, licensing agreement, etc.) can be used to pro-
tect HDL codes. But it is always hard to enforce such protection, particularly
for the flexible soft IPs. Encryption can be used for soft IP protection [21,22].
But it makes IP reuse inconvenient and there are security holes from which
the un-encrypted IP information may leak. Recently, Kahng et al.  estab-
lished principles for constraint-based watermarking techniques in the protection
of VLSI design IPs [16,17].
The protection is achieved by tracing unauthorized reuse and making un-
traceable unauthorized reuse as difficult as re-designing the IP from scratch.
The essence of their approach is to introduce watermark-related additional con-
straints into the input of a black-box design tool such that the design will be
rather unique and the embedded watermark can be revealed as proof of author-
ship. This approach is generic and has been applied to various stages of the VLSI
design process, from behavioral and logic synthesis to standard cell place and
route algorithms, to FPGA designs [7,8,9,10,11,14].
It is possible, but never easy, to extend the idea of constraint-based water-
marking directly into the context of HDL code protection. RT-level HDL source
codes normally describe a design in a program-like manner. The constraints
are the abstract description of the system’s functionality. One can introduce
new constraints as watermark. However, any additional constraint at the top
abstract level description usually can be easily identified and thus removed or
modified. Another concern is the design overhead incurred by adding constraints
at this level. If we add constraints at such early stage, it may have large impact
to the design quality.
2.2Software Watermarking and Obfuscating
Watermarking, tamper proofing, and obfuscating are the typical source code
protection methods to prevent software piracy [3,2,6,15,19,20]. Watermarking
is a technique that embeds a secret message into the program to discourage
IP theft by enabling the establishment of IP ownership [5,12]. Tamper-proofing
technique protects software from being tampered by making the software with
Soft IP Protection: Watermarking HDL Codes227
any unauthorized modification into a nonfunctional code. Obfuscating method
makes the program ”unintelligible” while preserving its correct functionality.
Obfuscating and tamper-proofing techniques are not suitable for HDL code
protection. First, they make programs less readable and harder (if not impossi-
ble) to modify, which are all against the incentive to release soft IPs for better
design reuse. Secondly, the continuous push for HDL design standards reduces
the power of such protections.
Software watermarking methods embed a structure or a function into the
program such that it can be reliably located and extracted even after the program
has been translated, optimized, and obfuscated. Existing software watermarking
schemes are either static or dynamic . Static schemes embed watermark only
in the executable and are vulnerable to many attacks. HDL program does not
have any executables, so this approach cannot be applied. Dynamic watermark
is constructed at run time and stored in dynamic state of the program. The
quality of a watermarking scheme depends on how well it stands up to different
types of attacks and how successfully the watermark can be retrieved.
To sum up, HDL source codes are soft IPs in the form of program. They have
more reuse value than hard/firm IPs because of their flexibility and easy acces-
sibility. However, existing hard/firm IP protection techniques cannot be directly
used to prevent designers from losing control of their IPs once HDL source codes
are released. On the other hand, HDL code is different from other program-
ming languages like C/C++ and Java [1,13,18]. Current software protection is
not applicable for HDL code protection due to the following two reasons: 1)
design reuse methodology requires HDL code to be developed and documented
following industrial standards; 2) there are no executables associated with HDL
3HDL Code Watermarking Techniques
3.1Goals and Assumptions
The sole objective of HDL code watermarking is to hide designer’s digital in-
formation into the HDL source code for ownership protection. However, a good
HDL watermarking technique (at RT-level) must also meet the following goals:
(1) Strong proof of authorship. (2) Low design overhead. (3) Survivability from
re-synthesis. (4) Resilience. (5) Preserve IP’s I/O interface.
To achieve the above goals, we make two necessary assumptions:
Documentation Assumption: designer must document the HDL modules
properly and give sufficiently detailed information on each reusable module’s
input, output, and functionality. However, other details on how each module is
implemented are not required.
This assumption has been widely accepted in the HDL design community. It is
critical for HDL code watermarking. Without this assumption, designers will be
forced to document everything including their watermark implementation. This
makes watermark visible and further increases the difficulty of watermarking.
228Lin Yuan, Pushkin R. Pari, and Gang Qu
Verification Assumption: all HDL design should follow the hierarchical
modular fashion and complicated gate-level HDL code should not be mixed with
We focus on the protection of soft IP at HDL source code level and conse-
quently we restrict the watermark verification problem to be within the context
of HDL code as well. The verification assumption prohibits the following attack:
obtain the gate-level HDL codes for certain modules from the netlist and use
them to replace their equivalent modules. We mention that our proposed tech-
niques are robust against the attack of replacing a single RT-level module by
its equivalent gate-level code. However, if the attacker constructs a new module
by flattening and combining several modules in gate-level code, then the prob-
lem of identifying a watermark is equivalent to sub-circuit isomorphism which is
NP-hard. The verification assumption requires hierarchical modular design and
discourages designs with only a single module. This is not vital to our approach,
but rather a common practice in large real life designs. Attackers can verify the
functionality of each module, but they cannot afford to extract all the modules
from the HDL source code and re-synthesize them and their combinations. In
fact, such attempt is more expensive than redesign from the top-level description
given in the documentation.
Next, we will use Verilog as the framework to illustrate three HDL code
watermarking approaches. We mention that since Verilog share many common
features as hierarchical modular design fashion, code documentation and reused-
based design with other HDL languages, VHDL for example, we can easily extend
the proposed watermarking techniques for the protection of general HDL code.
3.2Verilog Watermarking Approaches
Module Watermarking: In this method, we extend the concept of constraint-
based watermarking to the Verilog design of a module. A module takes certain
input signals and produces output based on the logical functionality to be im-
plemented. The input-output relationship, known as truth table, constrains the
module’s implementation. To embed additional constraints, we take advantage
of the don’t care conditions inherently existing in the module. Consider the de-
sign of an encoder that converts radix-4 numbers into binary. The useful inputs
for this module are 0001, 0010, 0100 and 1000, which produce outputs 00, 01, 10
and 11 respectively. The other twelve combinations of the 4-bit input are don’t
care conditions as they will not occur in the circuit. Now we show how to embed
into the design of this encoder a 15-bit stream b14b13...b1b0=100010010000010
(’DA’ in binary with the last bit as the parity bit). First we order the 12 don’t
cares in ascending order and make a cyclic list: 0000,0011,0101,,1111. Then we
repetitively pick don’t cares one- by-one and assign them specific output values
to embed the above bit-stream following the algorithm in Figure 1.
More specifically, we take 3, the value of ?log212? , bits b2b1b0= 010 from
the given bit-stream (line 4 and 5). This gives us the binary 2 and we thus
select the third (0-offset) don’t care 0101 from the list of don’t cares. Next we
assign a specific value, 00=b4b3, to this input (line 7) and delete it from the list