Martin Schobert has designed an open source software, called Degate, to help reverse-engineering hardware components. The process is the following:
- You must first take pictures of the layout of the depassivated hip
- Degate will attempt to recognize standard cells image pattern matching.
- Degate attempts also to reconstruct the netlist of wires and vias (vias are electronic connection between different layers).
- Then, it can build the full or partial logical layout.
Of course, the better the quality of the initial pictures (for instance using a Focussed Ion Bean (FIB)), the easier (and better) the automated result.
Degate will not do all the job. It is a software aid to reverse engineer. In any case, at the end, you will have to understand what the logic layout does. Degate is not a tool for script kiddies. It requires a good knowledge of micro electronics. You’re working at the transistor/cell level.
The site provides also an interesting repository of documentation related to IC reverse-engineering.
Lesson: As for software obfuscation, the less reused patterns in the design of the chip, the more robust to reverse-engineering.