P3_20: Reverse Engineering Methodology for FPGA Bitstreams
Topic Areas: Reverse Engineering, FPGA Trojans
Principal investigator: Dr. J. M. Emmert, University of Cincinnati
Co-Principal investigators: Dr. Carla Purdy, University of Cincinnati; Dr. Ronald Williams, University of Virginia; Dr. Zachary Collier, University of Virginia
The primary objective of this proposal is to develop and investigate a generalizable, standardized framework and methodology for reverse engineering (RE) field programmable gate array (FPGA) bitstreams, for the purpose of detecting Trojan circuits in third-party intellectual property (IP). The approach uses the bitstream download and read-back capabilities available on FPGAs that are IEEE 1149.x (Joint Test Action Group, JTAG) compliant to build a technology-independent framework for loading programming data into an FPGA and extracting it back out as bitstream files. Phase I of the project will focus on developing a logic-to-bitstream mapping flow. To map FPGA programmable logic to bitstreams, patterns such as marching 1's and 0's will be developed to systematically map portions of the FPGA programmable logic fabric; each pattern places a known configuration in the logic, and the differences between the resulting read-back bitstreams reveal which bitstream bits control which fabric resource. The patterns will be designed to minimize the number of bitstream downloads required to map a given portion of the FPGA's logic. Phase II of the project will focus on developing an interconnect-to-bitstream mapping flow; to map the FPGA programmable interconnect to bitstreams, looped wire patterns will be leveraged. Future phases will focus on RE of third-party IP firmware and on detection of irregularities in the read-back bitstreams. In those later phases, the firmware will be graphically mapped and analyzed for inconsistencies. This effort will further seek to quantify the confidence of the resulting reverse engineered mapping through uncertainty quantification techniques. The resulting methods will be suitable for further product development and for educational materials that enhance student (academic as well as industrial/DoD) knowledge and capabilities in FPGA bitstream reverse engineering for IP validation and verification.
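The mapping and detection flow described above, as an added example that is not part of the proposal or of its authors' tooling: a Python simulation in which a constructed ToyFpga class stands in for a real device together with its closed vendor toolchain. The class generates its bit layout privately, so the mapper learns it only through compile, download, read-back and diff, as the marching-1's flow would on hardware; a marching-0's pass then corroborates the map, and the recovered map is used to decode a delivered third-party image and flag a LUT that the documented design does not account for. Every device parameter, truth-table value and the constant ID byte is constructed for the example; the Phase II looped-wire interconnect flow, CRC/ECC fields and the graphical analysis are not modelled.

```python
import random

LUT_COUNT = 4          # constructed: a tiny fabric of four 4-input LUTs
LUT_BITS = 16          # a 4-input LUT holds a 16-entry truth table
BITSTREAM_BYTES = 64   # constructed: 512 configuration bits, byte 0 = fixed ID


class ToyFpga:
    """Constructed stand-in for device + vendor toolchain; _layout is private."""

    def __init__(self, seed=1):
        rng = random.Random(seed)
        slots = rng.sample(range(8, BITSTREAM_BYTES * 8), LUT_COUNT * LUT_BITS)
        # truth-table bit b of LUT n is stored at bitstream bit _layout[(n, b)]
        self._layout = {(n, b): slots[n * LUT_BITS + b]
                        for n in range(LUT_COUNT) for b in range(LUT_BITS)}
        self._config = bytes(BITSTREAM_BYTES)

    def compile(self, design):
        """Toolchain stand-in: design = {lut_index: 16-bit truth table}."""
        out = bytearray(BITSTREAM_BYTES)
        out[0] = 0xA5                      # constant device-ID field (constructed)
        for n, init in design.items():
            for b in range(LUT_BITS):
                if init >> b & 1:
                    p = self._layout[(n, b)]
                    out[p // 8] |= 1 << (p % 8)
        return bytes(out)

    def download(self, bitstream):
        self._config = bytes(bitstream)

    def readback(self):
        return self._config


def diff_bits(a, b):
    """Bit positions at which two read-back images differ."""
    return [i * 8 + k for i, (x, y) in enumerate(zip(a, b))
            for k in range(8) if (x ^ y) >> k & 1]


def map_lut_bits(fpga, marching_one=True):
    """Phase I flow: read back a baseline, then download one image per LUT bit
    with exactly that bit toggled; the XOR against the baseline names the
    bitstream position. marching_one=False is the marching-0 variant
    (all-ones baseline, clear one bit at a time). Returns (map, downloads)."""
    fill = 0 if marching_one else (1 << LUT_BITS) - 1
    base_design = {n: fill for n in range(LUT_COUNT)}
    fpga.download(fpga.compile(base_design))
    base = fpga.readback()
    mapping, downloads = {}, 1
    for n in range(LUT_COUNT):
        for b in range(LUT_BITS):
            design = dict(base_design)
            design[n] = fill ^ (1 << b)
            fpga.download(fpga.compile(design))
            downloads += 1
            changed = diff_bits(base, fpga.readback())
            if len(changed) != 1:  # real devices may also flip CRC/ECC bits
                raise RuntimeError(f"LUT{n} bit {b}: {len(changed)} bits moved")
            mapping[(n, b)] = changed[0]
    return mapping, downloads


def decode(image, mapping):
    """Recover every LUT truth table from a read-back image via the map."""
    inits = {n: 0 for n in range(LUT_COUNT)}
    for (n, b), p in mapping.items():
        if image[p // 8] >> (p % 8) & 1:
            inits[n] |= 1 << b
    return inits


def find_irregularities(image, mapping, documented):
    """Later-phase check: LUTs whose read-back contents disagree with the
    documented design, plus set bits the map cannot attribute (fields that
    never changed during mapping, here the ID byte, need separate handling)."""
    actual = decode(image, mapping)
    bad = {n: (documented.get(n, 0), actual[n])
           for n in range(LUT_COUNT) if actual[n] != documented.get(n, 0)}
    known = set(mapping.values())
    unattributed = [p for p in range(BITSTREAM_BYTES * 8)
                    if p not in known and image[p // 8] >> (p % 8) & 1]
    return bad, unattributed


def demo():
    fpga = ToyFpga()
    m1, downloads = map_lut_bits(fpga, marching_one=True)
    m0, _ = map_lut_bits(fpga, marching_one=False)
    consistent = m1 == m0          # marching-0 pass corroborates the map
    # Documented IP (constructed): LUT0 = 4-input XOR, LUT1 = AND of inputs 0,1.
    # The delivered image also sets LUT3 to a 4-input AND, a rarely-true trigger.
    documented = {0: 0x6996, 1: 0x8888}
    fpga.download(fpga.compile({**documented, 3: 0x8000}))
    bad, unattributed = find_irregularities(fpga.readback(), m1, documented)
    return consistent, downloads, bad, unattributed
```

The download count returned by map_lut_bits (one baseline plus one per LUT bit) is the cost the proposal's pattern design aims to reduce; set bits the map cannot attribute, here the fixed ID byte, are precisely the fields a marching pattern never exercises, so they are reported rather than silently ignored.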