Research On FPGA Reverse Engineering For Hardware Vulnerability Analysis

The globalization of the Field Programmable Gate Array(FPGA)supply chain and the widespread use of FPGAs have drawn attention to FPGA hardware security issues.Currently,there are some hardware vulnerability analysis methods that use netlist and RTL code as research objects,but for most researchers,they can only get the configuration file on the FPGA,and they cannot get the netlist file or RTL code equivalent to the configuration file.This article studies the Altera FPGA reverse engineering method that can be used for hardware vulnerability analysis,and builds configuration file reverse tool and netlist reverse tool.Using these two tools,you can get the equivalent netlist file and RTL code file directly from the configuration file,which can be used for hardware vulnerability analysis.The main research work of this paper is as follows:1)The relevant knowledge and development process of FPGA are introduced,the concept of reverse engineering is expounded,the existing technologies of reverse engineering are summarized,the definition of hardware vulnerability and related research techniques to analyze hardware vulnerability are introduced.2)Three cornerstones of Altera FPGA reverse engineering are constructed: configuration file,netlist file and mapping relation database.For the configuration file,we introduced the classification and format of the configuration file,and determined the type of the configuration file input into the reverse tool.For the netlist file,we analyzed the advantages and disadvantages of the two kinds of netlists of Altera FPGA,and customized the text netlist ADL(Altera Design Language)for Altera FPGA according to the underlying structure of Altera FPGA.For the mapping relational database,we use the minimal change method to determine the correspondence between each dominant position and the text netlist configuration information,and store it in the database to complete the construction of the Altera FPGA reverse engineering auxiliary database.3)Two tools that make up Altera FPGA reverse engineering are designed: configuration file reverse tool and netlist reverse tool.The configuration file reverse tool relies on the mapping relational database to convert the configuration file into an equivalent ADL netlist file.The netlist reverse tool recovers the data flow information step by step based on the ADL netlist file to obtain the equivalent RTL code file.We used ISCAS'85 benchmark combination circuit and ISCAS'89 benchmark sequential circuit to verify the reverse accuracy of the configuration file reverse tool and netlist reverse tool.4)The unused circuit identification(UCI)algorithm is used to verify that the ADL netlist file obtained from the reverse of the configuration file and the RTL code file obtained from the reverse of the netlist can be used for hardware vulnerability analysis.