HAL – CAD for Assurance

By: Embedded Security Group, Max Planck Institute for Security and Privacy, Germany

Stage: Gate-Level

Summary

HAL [/hel/] is a comprehensive netlist reverse engineering and manipulation framework.

Virtually all available research on netlist analysis operates on a graph-based representation of the netlist under inspection. At its core, HAL provides exactly that: A framework to parse netlists of arbitrary sources, e.g., FPGAs or ASICs, into a graph-based netlist representation and to provide the necessary built-in tools for traversal and analysis of the included gates and nets.

Our vision is that HAL becomes the hardware-reverse-engineering-equivalent of tools like IDA or Ghidra. We want HAL to enable a common baseline for researchers and analysts to improve reproducibility of research results and abstract away recurring basic tasks such as netlist parsing etc.

Contact

HAL Team

Input/Output Interface

Input: A netlist to analyze
Output: Whatever your analysis plugins can provide

Dependencies

Since HAL is under active development dependencies can change over time.
Please check our git repo to find the most recent information.

Licensing Info

MIT License

Tool Link

References

Fyrbiak, Marc; Wallat, Sebastian; Swierczynski, Pawel; Hoffmann, Max; Hoppach, Sebastian; Wilhelm, Matthias; Weidlich, Tobias; Tessier, Russell; Paar, Christof

HAL—The Missing Piece of the Puzzle for Hardware Reverse Engineering, Trojan Detection and Insertion Journal Article

In: IEEE Transactions on Dependable and Secure Computing, vol. 16, no. 3, pp. 498-510, 2019, ISSN: 1941-0018.

Abstract | Links | BibTeX

@article{Fyrbiak2019HAL,

title = {HAL—The Missing Piece of the Puzzle for Hardware Reverse Engineering, Trojan Detection and Insertion},

author = {Marc Fyrbiak and Sebastian Wallat and Pawel Swierczynski and Max Hoffmann and Sebastian Hoppach and Matthias Wilhelm and Tobias Weidlich and Russell Tessier and Christof Paar},

doi = {10.1109/TDSC.2018.2812183},

issn = {1941-0018},

year  = {2019},

date = {2019-05-01},

journal = {IEEE Transactions on Dependable and Secure Computing},

volume = {16},

number = {3},

pages = {498-510},

abstract = {Hardware manipulations pose a serious threat to numerous systems, ranging from a myriad of smart-X devices to military systems. In many attack scenarios an adversary merely has access to the low-level, potentially obfuscated gate-level netlist. In general, the attacker possesses minimal information and faces the costly and time-consuming task of reverse engineering the design to identify security-critical circuitry, followed by the insertion of a meaningful hardware Trojan. These challenges have been considered only in passing by the research community. The contribution of this work is threefold: First, we present HAL, a comprehensive reverse engineering and manipulation framework for gate-level netlists. HAL allows automating defensive design analysis (e.g., including arbitrary Trojan detection algorithms with minimal effort) as well as offensive reverse engineering and targeted logic insertion. Second, we present a novel static analysis Trojan detection technique ANGEL which considerably reduces the false-positive detection rate of the detection technique FANCI. Furthermore, we demonstrate that ANGEL is capable of automatically detecting Trojans obfuscated with DeTrust. Third, we demonstrate how a malicious party can semi-automatically inject hardware Trojans into third-party designs. We present reverse engineering algorithms to disarm and trick cryptographic self-tests, and subtly leak cryptographic keys without any a priori knowledge of the design's internal workings.},

keywords = {},

pubstate = {published},

tppubtype = {article}

}

Wallat, Sebastian; Albartus, Nils; Becker, Steffen; Hoffmann, Max; Ender, Maik; Fyrbiak, Marc; Drees, Adrian; Maaßen, Sebastian; Paar, Christof

Highway to HAL: Open-Sourcing the First Extendable Gate-Level Netlist Reverse Engineering Framework Proceedings Article

In: Proceedings of the 16th ACM International Conference on Computing Frontiers, pp. 392–397, Association for Computing Machinery, Alghero, Italy, 2019, ISBN: 9781450366854.