# Non-Invasive Reverse Engineering of Finite State Machines Using Power Analysis and Boolean Satisfiability

**Authors:** Harsh Vamja, Richa Agrawal, Ranga Vemuri

arXiv: 1908.01979 · 2019-08-07

## TL;DR

This paper introduces a non-invasive method combining power analysis and Boolean satisfiability to efficiently reverse engineer finite state machines from their circuit implementations, achieving high accuracy and speed.

## Contribution

It presents a novel approach that formulates FSM reverse engineering as a Boolean constraint satisfaction problem solved by an SMT solver, integrating power analysis for improved efficiency.

## Key findings

- Achieves 90-100% transition recovery accuracy.
- Runs several times faster than existing methods.
- Successfully applies to benchmark circuits.

## Abstract

In this paper, we present a non-invasive reverse engineering attack based on a novel approach that combines functional and power analysis to recover finite state machines from their synchronous sequential circuit implementations. The proposed technique formulates the machine exploration and state identification problem as a Boolean constraint satisfaction problem and solves it using an SMT (Satisfiability Modulo Theories) solver. It uses power measurements to achieve fast convergence. Experimental results using the LGSynth'91 benchmark suite show that the satisfiability-based approach is several times faster compared to existing techniques and can successfully recover 90%-100% of the transitions of a target machine.

## Figures

6 figures with captions in the complete paper: https://tomesphere.com/paper/1908.01979/full.md

## References

13 references — full list in the complete paper: https://tomesphere.com/paper/1908.01979/full.md

---
Source: https://tomesphere.com/paper/1908.01979