Alexander Hepp scite author profile

Trust and security of microelectronic systems are a major driver for game-changing trends like autonomous driving or the internet of things. These trends are endangered by threats like soft-and hardware attacks or IP tampering -wherein often hardware reverse engineering (RE) is involved for efficient attack planning. The constant publication of new RE-related scenarios and countermeasures renders a profound rating of these extremely difficult. Researchers and practitioners have no tools or framework which aid a common, consistent classification of these scenarios. In this work, this rating framework is introduced: the common reverse engineering scoring system (CRESS). The framework allows a general classification of published settings and renders them comparable. We introduce three metrics: exploitability, impact, and a timestamp. For these metrics, attributes are defined which allow a granular assessment of RE on the one hand, and attack requirements, consequences, and potential remediation strategies on the other. The system is demonstrated in detail via five case studies and common implications are discussed. We anticipate CRESS to evaluate possible vulnerabilities and to safeguard targets more proactively.

show abstract

Toward a Human-Readable State Machine Extraction

Brunner

Hepp

Baehr

et al. 2022

ACM Trans. Des. Autom. Electron. Syst.

View full text Add to dashboard Cite

The target of sequential reverse engineering is to extract the state machine of a design. Sequential reverse engineering of a gate-level netlist consists of the identification of so-called state flip-flops, and the extraction of the state machine. The second step can be solved with an exact approach if the correct state flip-flops and the correct reset state are provided. For the first step, several more or less heuristic approaches exist. This work investigates sequential reverse engineering with the objective of a human-readable state machine extraction. A human-readable state machine reflects the original state machine and is not overloaded by additional design information. For this purpose, the work derives a systematic categorization of state flip-flop sets, based on properties of single state flip-flops and their sets. These properties are determined by analyzing the degrees of freedom in describing state machines as the well-known Moore and Mealy machines. Based on the systematic categorization, this work presents a state flip-flop set definition for a human-readable state machine, categorizes existing state flip-flop identification strategies, and develops four post-processing methods. The results show that post-processing predominantly improves the outcome of several existing state flip-flop identification algorithms.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Alexander Hepp

Hardware Obfuscation of Digital FIR Filters

Physical and Functional Reverse Engineering Challenges for Advanced Semiconductor Solutions

Tapeout of a RISC-V crypto chip with hardware trojans

CRESS: Framework for Vulnerability Assessment of Attack Scenarios in Hardware Reverse Engineering

Toward a Human-Readable State Machine Extraction

Contact Info

Product

Resources

About