Research On Techniques Of FPGA Parallel Reverse Engineering

In recent years,FPGA has been widely used in various fields,making its security issues become more and more important.Currently,hardware trojans are a kind of attack method that poses great threat to FPGA.They have the characteristics of high concealment and strong destructive power,and will not be activated when the hardware is working normally or the circuit is tested in the factory,but will only take effect under certain conditions.Once they take effect,they will destroy the user's circuit or steal the information in the circuit.At present,the most effective way to detect the hardware trojans is to analyze the netlist or RTL code,but for most users,only the bitstream file can be accessed.Users need the help of reverse engineering to detect whether there are security problems in the bitstream.The reverse engineering of FPGA is researched and the reverse engineering tool is realized,which can extract the netlist and RTL code from the bitstream.The main contributions of this thesis are as follows:1)In this thesis,the application fields of FPGA and the hidden security risks in it are researched,then the necessity of reverse engineering is analyzed,and the current research status of reverse engineering is summarized.Then,the hardware architecture and development process of FPGA are researched,and the FPGA netlist file and bitstream file are analyzed,and the method of collecting the mapping relationship between FPGA bitstream and netlist and the storage method of mapping relationship are elaborated.2)In order to achieve the goal of bitstream reverse engineering,an efficient and parallelizable FPGA bitstream reverse engineering algorithm is proposed and implemented.This algorithm can efficiently extract the information in the netlist from the bitstream,restore and rebuild the netlist,and finally get the XDL netlist corresponding to the bitstream,and solve the problem of incomplete Net information in the netlist.The time complexity of each stage of the algorithm is analyzed,and some of the stages are parallelized according to their feasibility and time overhead.ISCAS'85 benchmark combinational circuit set,ISCAS'89 benchmark sequential circuit set and other common circuit were used as test data,the accuracy of reverse engineering algorithm is verified,the time overhead is recorded and compared with existing tool.3)To optimize and expand the existing reverse engineering method,an extensible reverse engineering method of netlist is designed and implemented,which can convert the netlist into Verilog code.This method provides general functions in the whole process of reverse engineering of FPGA netlist,such as path search,code generation,node screening,etc.,and only needs to add the corresponding configuration information when expanding new devices.The devices in the netlist are classified,and the expansion mode of different types of devices are provided.Two output forms are designed for the results of reverse engineering.The first is a normal model,that is,all devices in the netlist are directly converted into Verilog code.The second is the driving equation mode,which extracts and compresses the input of sequential devices.For the reverse engineering of large hard core resources,three feasible methods are proposed,and the advantages and disadvantages of the three are analyzed.The benchmark circuit test sets of ISCAS'85 and ISCAS'89 are taken as data,the accuracy and scalability of the reverse engineering method are verified on different types of FPGA.