🤖 AI Summary
This work addresses the privacy risks of federated learning for hardware verification, where an adversary with domain knowledge can exploit standard cell library layouts to infer sensitive integrated circuit training data. The paper proposes DECIFR, a two-stage membership inference attack that needs no auxiliary dataset. First, it uses a guided gradient inversion attack (GIA) to reconstruct a client's training images from intercepted model updates; second, it decides membership from the fidelity of those reconstructions. By incorporating prior knowledge of standard cell library layouts, DECIFR removes the conventional reliance on auxiliary data and identifies members with high accuracy in hardware-related settings. The result exposes a critical privacy weakness in standard federated learning protocols when they are applied to integrated circuit design.
📝 Abstract
Federated Learning (FL) is a promising privacy-preserving approach to multiparty collaboration in hardware assurance, but its security against adversaries with domain-specific knowledge is underexplored. This paper demonstrates a critical vulnerability in which available standard cell library layouts (SCLL) can be exploited to compromise the privacy of sensitive integrated circuit (IC) training data. We introduce DECIFR, a novel two-stage Membership Inference Attack (MIA) that requires no auxiliary dataset. The attack uses a guided Gradient Inversion Attack (GIA) to reconstruct a client's training images from intercepted model updates. Our findings reveal that the fidelity of these reconstructions correlates directly with membership status, allowing an adversary to reliably distinguish members from non-members by image quality. This work exposes a practical threat that overcomes the limitations of conventional attacks and underscores that standard FL protocols are insufficient for securing domains in which adversaries hold extensive domain knowledge. We conclude that robust defenses are essential for the secure application of FL in hardware assurance.
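The two-stage pipeline the abstract describes, reduced to a toy that can be checked by hand. This is an added example written for this page, not DECIFR's code or any artifact of the paper: the "layouts" are constructed 4x4 binary masks (not real standard cells), the victim's global model is a single logistic neuron with small random weights, stage 1 is plain gradient matching (Deep-Leakage-style) with the label read off the sign of the bias gradient, the SCLL guidance is approximated by initialising from the library mean and projecting onto [0, 1], and stage 2 scores each library cell by PSNR of the reconstruction against it. All of those choices are assumptions of the example, and the 20 dB membership threshold is arbitrary.

```python
import math
import random

# Toy stand-in for a layout image: a 4x4 binary mask (1 = metal, 0 = empty),
# flattened to 16 pixels.  The cells below are constructed for this example and
# are NOT real standard-cell layouts.
D = 16
LIBRARY = {
    "INV":  [1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0, 1, 1, 0, 0],
    "NAND": [1, 1, 1, 1, 0, 0, 0, 0, 1, 1, 1, 1, 0, 0, 0, 0],
    "DFF":  [1, 0, 0, 1, 0, 1, 1, 0, 0, 1, 1, 0, 1, 0, 0, 1],
}


def sigmoid(z):
    return 1.0 / (1.0 + math.exp(-z))


def dot(a, b):
    return sum(ai * bi for ai, bi in zip(a, b))


def global_model(seed=7):
    """An early-round global model: one logistic neuron with small random weights."""
    rng = random.Random(seed)
    return [rng.uniform(-0.1, 0.1) for _ in range(D)], 0.0


def client_update(w, b, x, y):
    """Honest client: gradient of binary cross-entropy for one private sample (x, y).
    Returns (g_w, g_b); this pair is what the aggregator or a network adversary sees."""
    c = sigmoid(dot(w, x) + b) - y          # dloss/dz
    return [c * xi for xi in x], c


def recover_label(g_b):
    """For sigmoid + BCE, g_b = p - y with p in (0, 1): negative iff y == 1."""
    return 1 if g_b < 0 else 0


def matching_loss_and_grad(w, b, g_w, g_b, x, y):
    """L(x') = ||grad_w(x') - g_w||^2 + (grad_b(x') - g_b)^2 and dL/dx' (hand-derived)."""
    p = sigmoid(dot(w, x) + b)
    c, dc = p - y, p * (1.0 - p)            # dloss/dz and d(sigmoid)/dz
    r = [c * xi - gi for xi, gi in zip(x, g_w)]
    loss = dot(r, r) + (c - g_b) ** 2
    s = dot(r, x)
    grad = [2.0 * (s * dc * wi + c * ri) + 2.0 * (c - g_b) * dc * wi
            for wi, ri in zip(w, r)]
    return loss, grad


def guided_inversion(w, b, g_w, g_b, init, steps=1000, lr=0.5):
    """Stage 1: gradient inversion.  Descend on the gradient-matching loss from a
    domain prior (init) and project onto [0, 1] each step, because layouts are
    binary masks.  Both priors are this example's stand-in for the SCLL guidance."""
    y = recover_label(g_b)
    x = list(init)
    for _ in range(steps):
        _, grad = matching_loss_and_grad(w, b, g_w, g_b, x, y)
        x = [min(1.0, max(0.0, xi - lr * gi)) for xi, gi in zip(x, grad)]
    loss, _ = matching_loss_and_grad(w, b, g_w, g_b, x, y)
    return x, y, loss


def psnr_db(a, b):
    """Reconstruction fidelity; peak pixel value 1.0, capped at 100 dB."""
    mse = sum((ai - bi) ** 2 for ai, bi in zip(a, b)) / len(a)
    return 10.0 * math.log10(1.0 / max(mse, 1e-10))


def membership_inference(w, b, g_w, g_b, library, threshold_db=20.0):
    """Stage 2: reconstruct once, then score each library cell by how faithfully
    the reconstruction reproduces it.  Cells above the threshold are flagged as
    members of the victim's training set."""
    init = [sum(cell[i] for cell in library.values()) / len(library) for i in range(D)]
    x_hat, y_hat, loss = guided_inversion(w, b, g_w, g_b, init)
    scores = {name: psnr_db(x_hat, cell) for name, cell in library.items()}
    members = {name for name, s in scores.items() if s >= threshold_db}
    return {"x_hat": x_hat, "label": y_hat, "loss": loss,
            "scores": scores, "members": members}


def run_attack():
    """Victim trains on the NAND cell (label 1); adversary sees only (w, b, g_w, g_b)."""
    w, b = global_model()
    g_w, g_b = client_update(w, b, LIBRARY["NAND"], 1)
    return membership_inference(w, b, g_w, g_b, LIBRARY)


if __name__ == "__main__":
    out = run_attack()
    for name, s in sorted(out["scores"].items(), key=lambda kv: -kv[1]):
        print(f"{name:5s} {s:6.1f} dB")
    print("inferred members:", out["members"])
```

Only the cell the victim actually trained on reaches a high PSNR; the other library cells differ from the reconstruction in half their pixels and score around 3 dB, which is the fidelity gap the attack relies on. The iterative loop is what carries over to deeper models; for a single linear layer the input is already recoverable in closed form as g_w / g_b whenever the bias gradient is nonzero, which is a useful sanity check on the toy and a reminder that exposing per-client updates at all is the underlying problem.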