In the traditional Application-Specific Integrated Circuit (ASIC) design flow, timing closure means reaching convergence during physical synthesis such that, within a given area and power budget, the design operates at the target frequency. Security, however, has been largely neglected when evaluating the Quality of Results (QoR) of physical synthesis: in general, commercial place & route tools do not understand security goals. In this work, we propose a modified, security-aware ASIC design flow that, unlike prior research, does not degrade QoR for the sake of improved security. In short, we propose a first-of-its-kind zero-overhead flow for security closure. Our flow addresses two distinct threat models: (i) insertion of Hardware Trojans (HTs) and (ii) physical probing/fault injection. Importantly, the flow is executed entirely within a commercial place & route engine and is scalable. In several metrics, our security-aware flow achieves the best-known results for the ISPD'22 set of benchmark circuits while incurring negligible design overheads from the security-related strategies. Finally, we open-source the entire methodology (as a set of scripts) and also share the protected circuits (as design databases) for the benefit of the hardware security community.