Securing Fault-Detectable CNN Hardware Accelerator Against False Claim of IP Ownership Using Embedded Fingerprint as Countermeasure

Abstract

This paper presents a novel methodology to design the secure fault-detectable hardware accelerator for convolutional neural network (CNN) during high-level synthesis (HLS). The security of fault-detectable CNN hardware accelerator design has been ensured against false claim of intellectual property (IP) ownership using the embedded fingerprint of the original IP vendor as a countermeasure. The proposed approach first generates a fault-detectable schedule for CNN. Subsequently, the unique fingerprint of the original IP vendor in the form of encoded hardware security constraints is covertly embedded into the design during the register allocation module of HLS, which acts as digital evidence to nullify the false claim of IP ownership by an adversary that may be present in an untrustworthy design house (such as foundry) and/or in the system on chip (SoC) integration house. The proposed approach achieves the following: i) secure fault-detectable hardware accelerator for CNN with integrated unique fingerprint of original IP vendor at zero design cost overhead ii) more definitive proof of IP ownership for a genuine IP vendor (indicating lower value of false positive) using proposed fingerprint embedding and iii) stronger robustness against brute force attack (indicating extreme difficulty in removing/tampering) using proposed fingerprint embedding than the related approaches. © 2023 IEEE.