CAD for Assurance of Electronic Systems


By: Abdulrahman Alaql, Domenic Forte, and Swarup Bhunia

Stage: Security Analysis of Gate-Level Netlist Obfuscation

Process flow of the synthesis-based attack


  • SWEEP is a constant propagation attack that exploits the change in characteristics of the IP when a single key-bit value is hard-coded. 
  • The attack is scalable and does not require an unlocked circuit (oracle), but having an unlocked system is recommended to perform functional tests and to verify the correctness of the extracted key.
  • The attack process starts with analyzing design features that are generated from the synthesis tool and establishes a correlation between these features and the correct key values. 
  • The level of accuracy of the extracted key mainly depends on the type of logic locking approach used to obfuscate the IP.


Abdulrahman Alaql

Input/Output Interface

  • Input: Locked Circuit (bench format)
  • Output: Key Extraction Report.


ABC Compiler

Licensing Info

For educational use only.

The toolset can be found at


Alaql, Abdulrahman; Forte, Domenic; Bhunia, Swarup

Sweep to the Secret: A Constant Propagation Attack on Logic Locking Proceedings Article

In: 2019 Asian Hardware Oriented Security and Trust Symposium (AsianHOST), pp. 1-6, 2019.

Abstract | Links | BibTeX


  • This work is supported in part by the National Science Foundation grants: 1603483, and 1651701.