Confidentiality Preserving Integer Programming for Global Routing
description
Transcript of Confidentiality Preserving Integer Programming for Global Routing
Confidentiality Preserving Integer Programming for Global Routing
Hamid Shojaei, Azadeh Davoodi, Parmesh Ramanathan
Department of Electrical and Computer Engineering
University of Wisconsin-Madison
WISCAD Electronic Design Automation Lab http://wiscad.ece.wisc.edu
2
Generate an optimization instance for
an EDA problem
(OP)
Client Cloud
CAD tool finds a Good Solution to OP (GSOP)
Attacks
GSOP
OP
Cloud-Based EDA
3
Mask the OP (MOP) MOP
Transform back for a Good Solution to OP
(GSOP)
Generate an optimization
instance (OP) GSMOP
Client Cloud
Find a Good Solution to
MOP (GSMOP)
Attacks
GSOP
OP
Proposed Framework: Overview
• The above framework allows masking an EDA problem instance before it is transferred to the cloud and thus provides immunity to attacks at the cloud side !
• Challenge: The masking process should ensure a good solution is still attainable using the same solver at the cloud side
4
Summary of Contributions• A framework to mask an ILP model,
corresponding to an instance of the global routing problem – masking preserves the solution quality
• Several attacks which can decipher layout and connectivity information from the unmasked problem
• Ability to explore the tradeoff between the increase in immunity and the corresponding increase in runtime to solve the masked problem instance
5
Global Routing - Problem Definition• A design is modeled by a
grid-graph– terminals of the nets are mapped to
vertices– route of a net corresponds to a tree
connecting its corresponding vertices and its wirelength is the number of edges of the tree
– each edge has an associated capacity
• The goal is to route all the nets with smallest total wirelength while ensuring minimal over-usage of routing resources
n1
n1
n1
n2
n4n2
n3
n3n4
n4
6
• For each net n, one route should be selected– from a set of its promising
candidate routes Tn• Objective:
– minimize a linear combination of the total wirelength and the total over-usage of routing resources (higher priority for large M)
S1
T111x
12x
S2
T2
21x
22x
o10
){𝑥11+𝑥12=1𝑥21+𝑥22=1
𝑏𝑒=2
An Integer Programming Model*
*[GRIP, TCAD’11]http://wiscad.ece.wisc.edu/gr/
7
Masking An Optimization Instance: Example
8
Simple Attacks: Examples• Number of nets
– count the #1s in the equalities in the right-hand-side (RHS) vector of (OP)
• Edge capacities– RHS value in the inequality
corresponding to the edge capacity constraints in (OP)
• Wirelength of a route– count the number of
positive entries in the corresponding column in the left-hand-side (LHS) constraint matrix minus one
A basic masking strategy to randomly shuffle the rows and
columns in the LHS and RHS does not make the (OP) immune even to
these simple attacks!
9
A Challenging Attack1. Compute the weight wij
– indicates if edges ei and ej are both included in one or more routing trees
– higher wij means higher likelihood that ei and ej are close or even physically adjacent
2. Solve an optimization problem to retrieve the routing topology using the computed weights– binary variable yij=1 if edges ei and ej
are estimated to share a vertex– solution is mapping of each routing
tree (through its edge indexes) to the location on the grid
10
Masking Steps• OP: optimization instance (after randomly shuffling the
rows and columns)• MOP1: further translates all equalities to inequalities by
adding surplus variables• MOP2: further hides 20% of the randomly-selected route
selection variables by replacing xit with 1-xit• MOP3-K%: further applies a masking heuristic to hide K%
of the columns in the LHS matrix by replacing a rows with a linear combination of the other rows– K is the hiding factor – results for K=10% and 20% in our experiments
We formally prove that the solution to each of these problem instances has the same quality as the original problem (OP) !
11
Simulation Setup
• (OP) created using the global routing tool CGRIP*– Ran CGRIP with a small time budget of only a few
minutes to create candidate routes for the ISPD 2007 benchmark instances
– Ran (OP) on multi-core machines (by running CPLEX in the multi-threaded mode)
* [CGRIP—ICCAD’11] http://wiscad.ece.wisc.edu/gr/cgrip.htm
12
Comparison: Simple Attacks
• Shown for one benchmark (a1)– similar for other benchmarks
• Simple attacks– Nets: number of nets– E-Cap: edge capacities– WL: wirelength of a candidate tree– Trees: number of trees per net by counting the non-
zero entries in a route selection constraint
13
Comparison: Vulnerability Metric
• Challenging attack– V: vulnerability measured as the number of correctly
restored grid edges in a routing topology attack – calculated by solving a (IP-VUL) formulation which
aims to extract the routing grid especially at the highly-utilized routing regions
14
• Increase in the hiding factor results in decrease in the vulnerability metric but increase in the CAD tool runtime
• No compromise in the global routing solution quality in all cases
Tradeoff Analysis for a1
15
Conclusions• Problem transformation provides designers to hide
confidential design information as a way to provide trust to a third-party cloud provides– complementary to and compatible with other security-based
techniques at the cloud’s side• Used masking techniques to transform an ILP formulation
describing a global routing instance such that– the transformed formulation is immune to a larger number of
confidentiality attacks– there is no loss of quality of the routing solution
• Tradeoff exists between decrease in vulnerability to attacks and increase in runtime