JP3892004B2 - LSI design method - Google Patents

Description

  The present invention relates to LSI design and, in particular, belongs to a technique for keeping confidential design data.

  In LSI design, there is a case where it is desired to keep confidential circuit contents. For example, in an LSI related to data encryption, if the contents of the circuit are known, the encryption logic may be decrypted.

  Conventionally, LSI design that requires such confidentiality is limited to the people engaged in the design, or the location of the design is specified so that other people cannot know the contents of the circuit. It was like that.

  With the increasing complexity and scale of LSI in recent years, many designers are involved in designing one LSI. Therefore, the limitation of the designer and design location alone is not necessarily sufficient to keep the circuit secret.

  In view of the above problems, an object of the present invention is to adopt an encryption process in designing an LSI and to increase the confidentiality of circuit design data as compared with the conventional art.

  The solution provided by the invention of claim 1 is that, as an LSI design method in an LSI design apparatus having an encryption processing unit for performing encryption processing on given circuit design data, the encryption processing unit includes the circuit The circuit conversion step is performed by converting all or part of the circuit represented by the design data as the original circuit to generate an encryption circuit, and the circuit conversion step has the same number of inputs and outputs as the original circuit. At least one dummy circuit is arranged in parallel with the original circuit, a rearrangement circuit for rearranging the outputs of the original circuit and the dummy circuit is arranged, and the original circuit according to a selection signal from the output of the rearrangement circuit A selector for selecting a number of signals corresponding to the number of outputs is arranged to generate the encryption circuit, and the selection signal is used as a key signal to output the original circuit. The value of the key signal as the output of the selector matches is to the key of the encryption circuit.

  According to a second aspect of the present invention, in the LSI design method of the first aspect, the encryption processing unit includes a step of generating a dummy circuit used in the circuit conversion step, and the dummy circuit generation step includes the original circuit On the other hand, a dummy logic database composed of dummy circuit candidates is generated according to the conversion rule, and the dummy circuit is selected from the dummy logic database according to the output rule.

  In the invention of claim 3, the conversion rule in the LSI design method of claim 2 includes at least one of logical value inversion, logical operator conversion, and logical operator order change.

  In the invention of claim 4, the output rule in the LSI design method of claim 2 is random selection.

  According to a fifth aspect of the present invention, in the LSI design method according to the first aspect, a design / verification processing unit included in the LSI design apparatus includes a step of laying out the encryption circuit, and the layout step includes the key signal. The input signal line is laid out so that it can be connected to either the power supply or the ground.

  According to a sixth aspect of the present invention, in the LSI design method of the fifth aspect, the design / verification processing unit connects the key signal to one of a power supply and a ground according to the key in the layout, and The step of generating the layout of the circuit is provided.

  According to a seventh aspect of the present invention, there is provided a solution provided by an LSI design method in an LSI design apparatus having an encryption processing unit and a dummy logic database for performing encryption processing on given circuit design data. The conversion processing unit outputs at least one dummy circuit subjected to circuit conversion to the dummy logic database using all or part of the circuit represented by the circuit design data as the original circuit, and outputs the dummy logic database from the dummy logic database. And a step of generating an encryption circuit by at least one dummy circuit, wherein the circuit conversion includes paralleling the original circuit with at least one dummy circuit having the same number of inputs and outputs as the original circuit. And arranging a rearrangement circuit for rearranging the outputs of the original circuit and the dummy circuit, and selecting from the outputs of the rearrangement circuit. A selector that selects a number of signals corresponding to the number of outputs of the original circuit according to the signal is arranged to generate the encryption circuit, and the selection signal is used as a key signal, The value of the key signal such that the output matches the output of the selector is used as the key of the encryption circuit.

  Further, the solution provided by the invention of claim 8 is an LSI design method in an LSI design apparatus having an encryption processing unit and a dummy logic database, based on all or part of a circuit represented by given circuit design data. The circuit conversion step, and generating an encryption circuit. In the circuit conversion step, the encryption processing unit inputs the original circuit and a predetermined conversion rule, and the conversion rule The original circuit is converted based on the information, and at least one dummy circuit is output to the dummy logic database, the dummy logic database inputs an output rule, outputs at least one dummy circuit, and the encryption The processing unit arranges the dummy circuit output from the dummy logic database in parallel with the original circuit, and the encryption processing unit A rearrangement circuit for rearranging the outputs of the circuit and the dummy circuit, and the encryption processing unit outputs a number of signals corresponding to the number of outputs of the original circuit according to a selection signal from the output of the rearrangement circuit. A selector to be selected is arranged to generate the encryption circuit, and the encryption processing unit uses the selection signal as a key signal, and the output of the original circuit matches the output of the selector Such a key signal value is used as a key of the encryption circuit.

  According to a ninth aspect of the present invention, there is provided a solution provided by an LSI design method in an LSI design apparatus having an encryption processing unit including a dummy logic database generation unit, a dummy logic database, and a dummy logic database output unit. The processing unit includes a step of performing circuit conversion using the whole or part of the circuit represented by the given circuit design data as an original circuit and generating an encryption circuit, and the circuit conversion step includes the dummy logic A database generation unit inputs the original circuit and a predetermined conversion rule, converts the original circuit based on the conversion rule, outputs at least one dummy circuit to the dummy logic database, and outputs the dummy circuit The logical database output unit inputs an output rule and outputs at least one dummy time from the dummy logical database. The encryption processing unit arranges the dummy circuit output from the dummy logic database in parallel with the original circuit, and the encryption processing unit arranges the outputs of the original circuit and the dummy circuit. A rearrangement circuit to be replaced, and the encryption processing unit includes a selector that selects a number of signals corresponding to the number of outputs of the original circuit from the output of the rearrangement circuit according to a selection signal. And the encryption processing unit uses the selection signal as a key signal, and sets the value of the key signal such that the output of the original circuit and the output of the selector coincide with each other. This is the key to the circuit.

  As described above, according to the present invention, the confidentiality of the circuit design data can be improved by encryption, as compared with the prior art.

  FIG. 1 is a diagram showing a circuit design style proposed by the present inventor. In the design style shown in FIG. 1, the design data encryption processing SA and decryption processing SC are executed so that the design / verification processing SB can be executed even if the contents of the confidential design data are not visible.

  In the encryption process SA, the circuit design data 11 requiring confidentiality is encrypted, and the encrypted design data 12 and the key 13 for releasing the encryption are generated. The encrypted design data 12 is provided to a user who executes the design / verification process SB. Further, a key 13 is also provided as necessary for the design / verification process SB.

  In the design / verification process SB, various processes are performed on the encrypted design data 12 without disclosing the contents of the original circuit. In the decryption process SC, the encrypted design data 14 after the design / verification process SB is performed is decrypted by using the key 15 to generate the original circuit design data 16.

  FIG. 2 is a diagram showing basic process patterns in the circuit design style of FIG. In the figure, (a) shows encryption A, (b) shows processing B1 with the encrypted data, (c) shows data conversion B2 with encryption, and (d) shows decryption C. Process B1 and process B2 differ in that decryption and encryption are not performed in process B1 and a new key is not generated, but new encrypted data is generated together with a new key in process B2.

  FIG. 3 is a diagram showing the flow of processing according to the present invention, which is a combination of the basic process patterns shown in FIG. In the figure, the process shown in (a) is a combination of encryption A, process B1 with encrypted data as it is, and decryption C. For example, RTL level or behavior level design data is encrypted, logical synthesis is performed on the encrypted data, encrypted gate level design data is output, and then decrypted into gate level design data. Corresponds to this. Thereby, the confidentiality of the design data during logic synthesis can be maintained. It is also conceivable that logic synthesis and layout are performed on the encrypted data, and then the mask data is decrypted. The process shown in (b) is a combination of encryption A, data conversion B2 with encryption, and decryption C.

  Hereinafter, specific examples of each process will be described in order.

<Encryption processing>
(Circuit conversion)
FIG. 4 is a diagram showing circuit conversion as an example of the encryption processing according to the present invention. In FIG. 4, f0 is the original unencrypted circuit. Assume that the number of inputs of the circuit f0 is n and the number of outputs is m. The circuit f0 may represent the entire original circuit or may be a partial circuit of the original circuit.

  As shown in FIG. 4, (p−1) dummy circuits f1 to fp−1 having the same number of inputs and outputs as the circuit f0 are arranged in parallel with the circuit f0. A rearrangement circuit 21 and a selector 22 are provided at the subsequent stage. The rearrangement circuit 21 receives the output of the circuit f0 and the outputs of the dummy circuits f1 to fp-1, and rearranges and outputs these outputs. For example, the first bits of the outputs of the circuits f0 to fp-1 are collected and rearranged from the output O1, and the second bits of the outputs of the circuits f0 to fp-1 are collected and rearranged from the output O2. Output. As a result, the rearrangement circuit 21 outputs a number corresponding to the number of outputs of the original circuit f0, that is, m, p-bit signals.

  The selector 22 selects and outputs one bit at a time from each output of the rearrangement circuit 21 in accordance with the selection signal KEY. As a result, the same m signals as the circuit f0 are output from the selector 22. As a result of such circuit conversion, an encryption circuit as shown in FIG. 4 is generated.

  Here, the selection signal KEY is used as a key signal of the encryption circuit. The value of the key signal KEY that matches the output of the circuit f0 and the output of the selector 22 is used as the key of the encryption circuit.

  Such encryption by circuit conversion has a simple conversion procedure, and automatic conversion is easy. The increase in delay due to encryption is only the delay in the selector 22 and is extremely small.

  FIG. 5 is a diagram showing a specific example of the circuit conversion shown in FIG. Assume that a 2-input 2-output circuit as shown in FIG. 5A is given as the original circuit f0. A dummy circuit f1 as shown in FIG. 5B is arranged for this circuit f0. FIG. 5C is a diagram showing a result of encrypting the circuit f0 using the dummy circuit f1. Furthermore, the circuit of FIG. 5C is synthesized to obtain an encryption circuit as shown in FIG. The key of this circuit is (0, 1).

  FIG. 6 is a diagram showing a method of generating a dummy circuit used for the circuit conversion shown in FIG. As shown in FIG. 6, a dummy logic database (DB) 26 including dummy circuit candidates is generated for the original circuit f0 according to a predetermined conversion rule 25. Then, arbitrary dummy circuits f1 to fp-1 are output from the generated dummy logic DB 26 according to a predetermined output rule 27. In such a generation method, the dummy circuits f1 to fp-1 can be flexibly generated by setting the conversion rule 25 and the output rule 27, which is suitable for automation processing.

  Examples of the conversion rule 25 include inversion of logical values, conversion of logical operators, change of the order of logical operators, and the like. In the logic value inversion, in addition to the inversion of the input value and the inversion of the output value, a method of inverting some bits of the multi-bit signal can be considered. In the conversion of logical operators, conversion between AND and OR can be considered. As an example of the output rule 27, a method of selecting at random, a method of eliminating duplicate dummy circuits, and the like can be considered.

<Decryption process>
When the encryption circuit obtained by the circuit conversion as shown in FIG. 4 is laid out, the layout is performed so that the input signal line for the key signal can be connected to either the power supply or the ground. As a result, the contents of the original circuit can be kept confidential until the layout process, and the original circuit can be decrypted very easily using the key.

  FIG. 7 is a diagram for explaining the decryption process, where (a) shows an example of the layout of the encryption circuit, and (b) shows the result of decrypting the circuit of (a) according to the key. FIG. As shown in FIG. 7A, the layout is performed so that the input signal line 31 of the key signal KEY input to the encryption circuit 30 can be connected to either the power supply VDD or the ground VSS. Then, as shown in FIG. 7B, the input signal line 31 for the key signal KEY is connected to either the power supply or the ground (ECO ( Engineering Change Order)). Thereby, the layout of the original circuit is decoded.

<Design and verification processing>
(Judgment)
When the encrypted design data is decrypted and verified by simulation, an expected value for determining whether or not the simulation result is normal is required. However, if the expected value is visible from the outside, the contents of the circuit can be estimated from the expected value, and the confidentiality of the design data cannot be maintained.

  Therefore, here, when the circuit design data is encrypted, the encryption is performed including the data that is the expected value of the simulation result or the data from which the expected value is obtained. In the verification process, it is determined whether the circuit operation is normal based on the comparison result between the simulation result and the expected value.

  FIG. 8 is a diagram showing a first determination method as a verification method according to the present invention. In this determination method, a reference operation model is used as data from which the expected value of the simulation result is obtained. That is, as shown in FIG. 8, first, the circuit design data 41 encrypted together with the operation model is decrypted by using the key 42 (S21), and the actual lower-level design data 43 (RTL or gate level netlist). ) And operation model design data 44. Then, a simulation is performed on the lower level design data 43 (S22), and an actual output value 45 is obtained. Further, a simulation is executed on the design data 44 of the behavior model (S23), and an expected output value 46 is obtained. Then, the obtained actual output value 45 and the expected output value 46 are compared, and it is determined whether or not the actual output value 45 and the expected output value 46 match each simulation time (S24). In the example of FIG. 8, since the values match, the result notification 47 outputs that the simulation result is normal.

  FIG. 9 is a diagram showing a second determination method as a verification method according to the present invention. In this determination method, a protocol definition is used as data that is an expected value of a simulation result. That is, as shown in FIG. 9, first, the circuit design data 51 encrypted together with the protocol definition is decrypted using the key 52 (S31), and the design data 53 and the protocol definition 54 are obtained. In the protocol definition 54, the operation state is defined for the input / output of the circuit indicated by the design data 53 and the value of the intermediate node. Then, a simulation is executed on the design data 53 (S32), and the obtained actual output value 55 is compared with the protocol definition 54 (S33).

  In the first and second determination methods, when the result that the simulation result is abnormal is obtained, the actual output values 45 and 55 that are the simulation execution result may be encrypted and output.

(Simulation limit)
When the simulation is executed for the encrypted design data and verified, information on all signal lines in the design data is stored in the verification result output. If the simulation is executed with many inputs, and the verification result output obtained from the simulation is analyzed, the contents of the encrypted circuit can be obtained.

  Therefore, here, a method of limiting the simulation is shown so that the contents of the circuit cannot be obtained from the verification result output, in other words, in order to monitor and prevent unauthorized access.

  FIG. 10 is a diagram showing a simulation limiting method as a verification method according to the present invention. As shown in FIG. 10, in the check S43 of the simulation S42, the following predetermined limit information 64 is counted during the simulation. Then, when the count value exceeds a predetermined upper limit value, a limiting measure is applied to the simulation S42.

-Simulation execution step, execution time-Number of toggles of specific signals in the circuit-Combination of inputs to the circuit These restriction information may be selected at random. In addition, the following measures can be considered as limiting measures for simulation.

・ Simulation stop, execution speed drop, abnormal execution ・ Simulation result non-output ・ Dump information of each signal line, output stop of data such as judgment result ・ Non-generation of data or key to be passed to the next step A protocol constraint condition may be provided to determine whether or not the protocol constraint condition is violated in the simulation. Protocol restrictions include the following.

・ Protocol that is acceptable for input to the circuit (input protocol)
・ Protocol that is acceptable for operation in the circuit (Protocol during operation)
These protocol constraint conditions may be selected at random.

  The restriction information 64 may be encrypted and decrypted together with the circuit design data encryption, or may be provided separately from the encrypted design data 61.

  Further, a circuit for checking unauthorized access in the simulation may be included in the circuit design data in advance and encrypted. This check circuit needs to be configured so that it operates only during simulation and the operation is disabled after circuit design.

  FIG. 11 is a diagram illustrating an example of a circuit for checking unauthorized access in a simulation. The check circuit shown in FIG. 11A fixes the output value to “0” regardless of the value of the signal B when the number of changes of the signal A exceeds a predetermined value (here, “8”). is there. At the time of simulation, “1” → “0” is applied to the signal X, and an external reset is applied. Thereafter, as shown in FIG. 11B, the output value matches the value of the signal B until the number of changes of the signal A as the predetermined limit information exceeds 8, but the number of changes of the signal A exceeds 8. The output value is fixed to “0”. As a result, a correct simulation result cannot be obtained. At the time of circuit manufacture, the signal X is fixed to “1” so that this check circuit does not operate.

  FIG. 12 is a diagram illustrating another example of the check circuit. The check circuit shown in FIG. 12A has a protocol constraint condition that both the signals A and B are “0” when the signal Y changes, and one of the signals A and B is “0” when the signal Y changes. When it is not "", it is recognized as a protocol violation, and the output value is fixed to "0" regardless of the value of the signal C. At the time of simulation, “1” → “0” is applied to the signal X, and an external reset is applied. Thereafter, as shown in FIG. 12B, when the signal Y changes, when both the signal A and the signal B are not “0”, the output value is fixed to “0”. As a result, a correct simulation result cannot be obtained. At the time of circuit manufacture, the signal X is fixed to “1” and the signal Y is fixed to “0” so that this check circuit does not operate.

(Timing adjustment)
13 and 14 are diagrams showing a timing adjustment method as an LSI design method according to the present invention. This timing adjustment method includes the flow shown in FIG. 3A, that is, the flow of encryption A → processing B1 → decryption C.

  As shown in FIG. 13, first, timing information 72 is extracted from the original circuit design data 71 (S51). The timing information here refers to a delay from each logic gate to the load at the connection destination. Then, according to a predetermined conversion rule 73, encryption is performed so that the content of the original circuit is not known and only the timing information 72 is matched, that is, without changing the delay from each logic gate to the connection destination load. Processing is performed (S52), and encrypted design data 74 is generated. The content of the conversion rule 73 becomes the key 75 as it is. At this time, as shown in FIGS. 14A and 14B, a buffer 79 for timing adjustment is added to at least one of the converted logic gates 78.

  Then, for the encryption design data 74, as shown in FIG. 14C, the size of the added buffer 79 is adjusted so as to satisfy the target timing (S53). Here, it is not necessary to use the key 75 generated in the encryption process S52. After adjusting the buffer size, the original circuit 77 is decrypted using the key 75, that is, a predetermined conversion rule (S54). At this time, as shown in FIG. 14D, the original logic gate is converted based on the adjusted buffer size. As a result, the target timing is achieved.

  According to such a timing adjustment method, the timing adjustment can be performed while keeping the circuit contents secret from the designer.

(Unique ID generation)
FIG. 15 is a diagram illustrating an example of a circuit configuration represented by the encrypted design data. As shown in FIG. 15, the encrypted design data has a circuit unique ID register as a unique ID determination circuit for determining the type of product. The value of the unique ID input to this circuit unique ID register is defined by a variable. In addition, a unique parameter that gives the value of this unique ID variable is defined. The unique parameters are defined in an order different from the actual unique ID.

  Even when the input unique ID value is “110” when performing the simulation, the arrangement is different from the value of the circuit unique ID register, and the newly defined unique ID value is “101”. It is generated for the circuit that operates normally only when it matches. In the next design process, even if the input unique ID value is “011”, it is newly redefined as “101”.

  In the description here, the number of bits of the unique ID and the value of the unique ID to be input is 3, but this value is arbitrary. Furthermore, the input unique ID and circuit unique ID register may be not only arranged but also inverted in logic.

  In the circuit shown in FIG. 16, not only the unique ID but also all nodes fixed to the power supply or ground in the logic circuit are defined by variables.

  As the variable value, the input unique ID value and other values fixed so as to operate normally are input. On the circuit, the circuit unique ID register (A, B, C in the figure) and It becomes impossible to distinguish from other registers (D and E in the figure), and the value of the unique ID cannot be easily known.

  In addition, each method mentioned above is realizable with the apparatus provided with the computer which performs the program for implement | achieving the said method. Further, it can be realized by recording a program for realizing the method on a computer-readable recording medium and causing the computer to execute the program recorded on the recording medium.

It is a figure which shows the circuit design style which this inventor proposes. It is a figure which shows the pattern of the basic process in the circuit design style of FIG. (A), (b) is a figure which shows the flow of the process based on this invention. It is a figure which shows the circuit conversion as an example of an encryption process. (A)-(d) is a figure which shows the specific example of the circuit conversion shown in FIG. It is a figure which shows the production | generation method of the dummy circuit used for the circuit conversion shown in FIG. (A), (b) is a figure for demonstrating a decoding process. It is a figure which shows the 1st determination method as a verification process. It is a figure which shows the 2nd determination method as a verification process. It is a figure which shows the simulation restriction | limiting method as a verification process. (A), (b) is a figure which shows an example of a check circuit. (A), (b) is a figure which shows an example of a check circuit. It is a figure which shows a timing adjustment method. It is a figure which shows a timing adjustment method. It is a figure which shows an example of the circuit structure which encryption design data represents. It is a figure which shows an example of the circuit structure which encryption design data represents.

Explanation of symbols

SA encryption processing f0 original circuit f1-fp-1 dummy circuit KEY key signal 11 circuit design data 21 rearrangement circuit 22 selector 25 conversion rule 26 dummy logic database 27 output rule 30 encryption circuit 31 key signal input signal line 41 Encrypted design data 43 Lower level design data (actual design data)
44 Reference IP design data (operation model)
45 Actual output value 46 Expected output value 51 Encrypted circuit design data 53 Actual design data 54 Protocol definition 55 Actual output value 61 Encrypted circuit design data 63 Actual design data 64 Restriction information 72 Timing information 73 Conversion rules 78 logic gate 79 buffer

Claims (9)

An LSI design method in an LSI design apparatus having an encryption processing unit for performing encryption processing on given circuit design data,
The encryption processing unit includes a step of generating an encryption circuit by performing circuit conversion using the whole or a part of the circuit represented by the circuit design data as an original circuit,
The circuit conversion step includes
Placing at least one dummy circuit having the same number of inputs and outputs as the original circuit in parallel with the original circuit;
Arranging a rearrangement circuit for rearranging the outputs of the original circuit and the dummy circuit;
A selector for selecting a number of signals corresponding to the number of outputs of the original circuit according to a selection signal from the output of the rearrangement circuit, and generating the encryption circuit; and
An LSI design method characterized in that the selection signal is used as a key signal, and the key signal value such that the output of the original circuit and the output of the selector match is used as the key of the encryption circuit. . The LSI design method according to claim 1,
The encryption processing unit includes a step of generating a dummy circuit used in the circuit conversion step,
The dummy circuit generation step includes
For the original circuit, in accordance with the conversion rules, generate a dummy logic database consisting of dummy circuit candidates,
An LSI design method, wherein a dummy circuit is selected from the dummy logic database according to an output rule. The LSI design method according to claim 2, wherein
The LSI design method, wherein the conversion rule includes at least one of logical value inversion, logical operator conversion, and logical operator order change. The LSI design method according to claim 2, wherein
The LSI design method, wherein the output rule is random selection. The LSI design method according to claim 1,
A design / verification processing unit included in the LSI design apparatus includes a step of laying out the encryption circuit;
The layout step includes
An LSI design method, wherein layout is performed so that an input signal line for the key signal can be connected to either a power supply or a ground. The LSI design method according to claim 5, wherein
The LSI comprising: a step of generating a layout of the original circuit by connecting the key signal to one of a power supply and a ground according to the key in the layout in the design / verification processing unit Design method. An LSI design method in an LSI design apparatus having an encryption processing unit and a dummy logic database for performing encryption processing on given circuit design data,
The encryption processing unit outputs at least one dummy circuit subjected to circuit conversion to the dummy logic database by using all or a part of the circuit represented by the circuit design data as an original circuit, and outputs from the dummy logic database Generating an encryption circuit by means of at least one dummy circuit,
The circuit conversion is
Placing at least one dummy circuit having the same number of inputs and outputs as the original circuit in parallel with the original circuit;
Arranging a rearrangement circuit for rearranging the outputs of the original circuit and the dummy circuit;
A selector for selecting a number of signals corresponding to the number of outputs of the original circuit according to a selection signal from the output of the rearrangement circuit, and generating the encryption circuit; and
An LSI design method characterized in that the selection signal is used as a key signal, and the key signal value such that the output of the original circuit and the output of the selector match is used as the key of the encryption circuit. . An LSI design method in an LSI design apparatus having an encryption processing unit and a dummy logic database,
A circuit conversion is performed using the whole or a part of a circuit represented by given circuit design data as an original circuit, and an encryption circuit is generated;
The circuit conversion step includes
The encryption processing unit inputs the original circuit and a predetermined conversion rule, converts the original circuit based on the conversion rule, and outputs at least one dummy circuit to the dummy logic database;
The dummy logic database inputs an output rule, outputs at least one dummy circuit,
The encryption processing unit arranges the dummy circuit output from the dummy logic database in parallel with the original circuit,
The encryption processing unit arranges a rearrangement circuit for rearranging the outputs of the original circuit and the dummy circuit,
The encryption processing unit arranges a selector for selecting a number of signals corresponding to the number of outputs of the original circuit according to a selection signal from the output of the rearrangement circuit, and generates the encryption circuit. ,And,
The encryption processing unit uses the selection signal as a key signal, and uses the value of the key signal such that the output of the original circuit matches the output of the selector as a key of the encryption circuit. LSI design method characterized by the above. An LSI design method in an LSI design apparatus having an encryption processing unit including a dummy logic database generation unit, a dummy logic database, and a dummy logic database output unit,
The encryption processing unit includes a step of generating an encryption circuit by performing circuit conversion using the whole or a part of a circuit represented by given circuit design data as an original circuit,
The circuit conversion step includes
The dummy logic database generation unit inputs the original circuit and a predetermined conversion rule, converts the original circuit based on the conversion rule, and outputs at least one dummy circuit to the dummy logic database And
The dummy logic database output unit inputs an output rule, and outputs at least one dummy circuit from the dummy logic database;
The encryption processing unit arranges the dummy circuit output from the dummy logic database in parallel with the original circuit,
The encryption processing unit arranges a rearrangement circuit for rearranging the outputs of the original circuit and the dummy circuit,
The encryption processing unit arranges a selector for selecting a number of signals corresponding to the number of outputs of the original circuit according to a selection signal from the output of the rearrangement circuit, and generates the encryption circuit. ,And,
The encryption processing unit uses the selection signal as a key signal, and uses the value of the key signal such that the output of the original circuit matches the output of the selector as a key of the encryption circuit. LSI design method characterized by the above.

Images