The semiconductor industry's paradigm shift towards fabless integrated circuit (IC) manufacturing has introduced security threats, including piracy, counterfeiting, hardware Trojans, and overproduction. In response to these challenges, various countermeasures, including Logic locking (LL), have been proposed to protect designs and mitigate security risks. LL is likely the most researched form of intellectual property (IP) protection for ICs. A significant advance has been made with the introduction of compound logic locking (CLL), where two LL techniques are concurrently utilized for improved resiliency against attacks. However, the vulnerabilities of LL techniques, particularly CLL, need to be explored further. This paper presents a novel framework, RESAA, designed to classify CLL-locked designs, identify critical gates, and execute various attacks to uncover secret keys. RESAA is agnostic to specific LL techniques, offering comprehensive insights into CLL's security scenarios. Experimental results demonstrate RESAA's efficacy in identifying critical gates, distinguishing segments corresponding to different LL techniques, and determining associated keys based on different threat models. In particular, for the oracle-less threat model, RESAA can achieve up to 92.6% accuracy on a relatively complex ITC'99 benchmark circuit. The results reported in this paper emphasize the significance of evaluation and thoughtful selection of LL techniques, as all studied CLL variants demonstrated vulnerability to our framework. RESAA is also open-sourced for the community at large.

翻译：半导体产业向无晶圆厂集成电路制造的模式转变引入了安全威胁，包括盗版、伪造、硬件木马和过量生产。为应对这些挑战，业界提出了多种防护措施，其中逻辑锁定技术被用于保护设计并降低安全风险。逻辑锁定很可能已成为集成电路知识产权保护领域研究最广泛的形式。复合逻辑锁定的提出标志着重要进展，该技术通过同时运用两种逻辑锁定方法以增强对攻击的抵御能力。然而，逻辑锁定技术（尤其是复合逻辑锁定）的潜在漏洞仍需深入探究。本文提出一种新型框架RESAA，旨在对复合逻辑锁定设计进行分类、识别关键门电路，并执行多种攻击以破解密钥。RESAA不依赖于特定逻辑锁定技术，能为复合逻辑锁定的安全场景提供全面洞察。实验结果表明，RESAA能有效识别关键门电路、区分对应不同逻辑锁定技术的电路模块，并根据不同威胁模型确定关联密钥。特别是在无预言机威胁模型中，RESAA在相对复杂的ITC'99基准电路上可实现高达92.6%的准确率。本文报告的结果强调了评估与审慎选择逻辑锁定技术的重要性，因为所有被研究的复合逻辑锁定变体均表现出对本框架的脆弱性。RESAA已面向学术界开源发布。