HOST 2022 | IEEE International Symposium on Hardware Oriented Security and Trust

SESSION 14*: Come Learn and Machine Validate

Session Chair: Kyle Juretus, Villanova University

Wednesday, June 29, 2022 | Time: 13:30 - 14:50

Location: Int'l Ballroom C

  • 39. A Comparison of Neural Networks for PCB Component Segmentation
    Abinai Pasunuri, Nathan Jessurun, Olivia Paradis and Navid Asadizanjani
    Abstract: In recent years, printed circuit board (PCB) assurance has become increasingly important. One method of addressing this need is through extracting the bill of materials (BoM) from an optical image of the sample and comparing it to reference parts from the board’s design. This requires precise knowledge about mounted component shapes to properly account for various BoM properties. Semantic image segmentation, also known as pixel-level image labeling, is ideal for this task and already widely applied in a multitude of applications (e.g. medical, aerospace, geospatial, etc.). However, optical PCB images demonstrate characteristics which make it difficult to apply solutions from these alternative domains. This work describes the challenging nature of accurate PCB image segmentation and why existing solutions are not well-suited to meet these needs. Several recent techniques leveraging neural networks, namely UNet, DilatedNet, DeepLab, LinkNet, and ICNet are explored in their capabilities toward this purpose. Relevant impacts from a hardware assurance perspective are also analyzed.

  • 6. HW2VEC: A Graph Learning Tool for Automating Hardware Security
    Shih-Yuan Yu, Rozhin Yasaei, Qingrong Zhou, Tommy Nguyen and Mohammad Abdullah Al Faruque
    Abstract: The time-to-market pressure and continuously growing complexity of hardware designs have promoted the globalization of the Integrated Circuit (IC) supply chain. However, such globalization also poses various security threats in each phase of the IC supply chain. Although the advancements of Machine Learning (ML) have pushed the frontier of hardware security, most conventional ML-based methods can only achieve the desired performance by manually finding a robust feature representation for circuits that are non-Euclidean data. As a result, modeling these circuits using graph learning to improve design flows has attracted research attention in the Electronic Design Automation (EDA) field. However, due to the lack of supporting tools, only a few existing works apply graph learning to resolve hardware security issues. To attract more attention, we propose HW2VEC, an open-source graph learning tool that lowers the threshold for newcomers to research hardware security applications with graphs. HW2VEC provides an automated pipeline for extracting a graph representation from a hardware design in various abstraction levels (register transfer level or gate-level netlist). Besides, HW2VEC users can automatically transform the non-Euclidean hardware designs into Euclidean graph embeddings for solving their problems. In this paper, we demonstrate that HW2VEC can achieve state-of-the-art performance on two hardware security-related tasks: Hardware Trojan Detection and Intellectual Property Piracy Detection. We provide the time profiling results for the graph extraction and the learning pipelines in HW2VEC.

  • 78. Contrastive Graph Convolutional Networks for Hardware Trojan Detection in Third Party IP Cores*
    Nikhil Muralidhar, Abdullah Zubair, Nathanael Weidler, Ryan Gerdes and Naren Ramakrishnan
    Abstract: The availability of wide-ranging third-party intellectual property (3PIP) cores enables integrated circuit (IC) designers to focus on designing high-level features in ASICs/SoCs. The massive proliferation of ICs brings with it an increased number of bad actors seeking to exploit those circuits for various nefarious reasons. This is not surprising as integrated circuits affect every aspect of society. Thus, malicious logic (Hardware Trojans, HT) being surreptitiously injected by untrusted vendors into 3PIP cores used in IC design is an ever-present threat. In this paper, we explore methods for identification of trigger-based HT in designs containing synthesizable IP cores without a golden model. Specifically, we develop methods to detect hardware trojans by detecting triggers embedded in ICs purely based on netlists acquired from the vendor. We propose GATE-Net, a deep learning model based on graph-convolutional networks (GCN) trained using supervised contrastive learning, for flagging designs containing randomly-inserted triggers using only the corresponding netlist. Our proposed architecture achieves significant improvements over state-of-the-art learning models yielding an average 46.99% improvement in detection performance for combinatorial triggers and 21.91% improvement for sequential triggers across a variety of circuit types. Through rigorous experimentation, qualitative and quantitative performance evaluations, we demonstrate effectiveness of GATE-Net and the supervised contrastive training of GATE-Net for HT detection. Code and data are publicly available.

  • 3. Safeguarding the Intelligence of Neural Networks with Built-in Light-weight Integrity MArks (LIMA)
    Fateme S. Hosseini, Qi Liu, Fanruo Meng, Chengmo Yang and Wujie Wen
    Abstract: As Deep Neural Networks (DNNs) are widely adopted in many real-world applications, their integrity becomes critical. Unfortunately, DNN models are not resilient to fault injection attacks. In particular, recent work has shown that Bit-Flip Attack (BFA) can completely destroy the intelligence of DNNs with a few carefully injected bit-flips. To defend against this threat, we propose the Light-weight Integrity MArks (LIMA) framework, which protects the integrity of the most significant bits (MSBs) of DNN weights – the main target of BFA. Such protection is enabled by embedding a specific property into a trained DNN model’s weights before deploying it in hardware. LIMA outperforms existing BFA countermeasures as it requires no retraining, imposes no storage overhead, offers full coverage of all DNN layers, and can be easily verified with Multiply-Accumulate (MAC) operations to detect BFA. Our comprehensive study demonstrates 100% effectiveness in detecting chains of bit-flips and near-zero accuracy loss for embedding LIMA. The results also show that even when the attacker has complete knowledge of the proposed defense plan, attacking DNNs with built-in LIMA is extremely difficult, if not completely impossible.

** HOST 2022 Best Paper Nominee