Introduction to Hardware Security and Trust

Mohammad Tehranipoor • Cliff Wang
Editors

Editors

Mohammad Tehranipoor
ECE Department, University of Connecticut, 371 Fairfield Way, Unit 2157, Storrs, CT 06269, USA

Cliff Wang
Computing and Information Science Division, US Army Research Office, PO Box 12211, Research Triangle Park, NC 27709-2211, USA

ISBN 978-1-4419-8079-3
e-ISBN 978-1-4419-8080-9
DOI 10.1007/978-1-4419-8080-9
Springer New York Dordrecht Heidelberg London
Library of Congress Control Number: 2011935539
© Springer Science+Business Media, LLC 2012

All rights reserved. This work may not be translated or copied in whole or in part without the written permission of the publisher (Springer Science+Business Media, LLC, 233 Spring Street, New York, NY 10013, USA), except for brief excerpts in connection with reviews or scholarly analysis. Use in connection with any form of information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed is forbidden. The use in this publication of trade names, trademarks, service marks, and similar terms, even if they are not identified as such, is not to be taken as an expression of opinion as to whether or not they are subject to proprietary rights.

Printed on acid-free paper
Springer is part of Springer Science+Business Media

Contents

1 Background on VLSI Testing
   Junxia Ma and Mohammad Tehranipoor
2 Hardware Implementation of Hash Functions
   Zhijie Shi, Chujiao Ma, Jordan Cote, and Bing Wang
3 RSA: Implementation and Security
   Nicholas Tuzzio and Mohammad Tehranipoor
4 Security Based on Physical Unclonability and Disorder
   Ulrich Rührmair, Srinivas Devadas, and Farinaz Koushanfar
5 Hardware Metering: A Survey
   Farinaz Koushanfar
6 Secure Hardware IPs by Digital Watermark
   Gang Qu and Lin Yuan
7 Physical Attacks and Tamper Resistance
   Sergei Skorobogatov
8 Side Channel Attacks and Countermeasures
   Ken Mai
9 Trusted Design in FPGAs
   Mehrdad Majzoobi, Farinaz Koushanfar, and Miodrag Potkonjak
10 Security in Embedded Systems
   Yunsi Fei and Juan Carlos Martinez Santos
11 Side-Channel Attacks and Countermeasures for Embedded Microcontrollers
   Patrick Schaumont and Zhimin Chen
12 Security for RFID Tags
   Jia Di and Dale R. Thompson
13 Memory Integrity Protection
   Yin Hu and Berk Sunar
14 Trojan Taxonomy
   Ramesh Karri, Jeyavijayan Rajendran, and Kurt Rosenfeld
15 Hardware Trojan Detection
   Seetharam Narasimhan and Swarup Bhunia
16 Design for Hardware Trust
   Yier Jin, Eric Love, and Yiorgos Makris
17 Security and Testing
   Kurt Rosenfeld and Ramesh Karri
18 Protecting IPs Against Scan-Based Side-Channel Attacks
   Mohammad Tehranipoor and Jeremy Lee

Contributors

Swarup Bhunia, Case Western Reserve University, Cleveland, Ohio, USA
Zhimin Chen, ECE Department, Virginia Tech, Blacksburg, VA 24061, USA
Jordan Cote, Computer Science and Engineering Department, University of Connecticut, Storrs, CT, USA
Srinivas Devadas, Electrical Engineering and Computer Science, Massachusetts Institute of Technology, Cambridge, USA
Jia Di, Computer Science and Computer Engineering Department, University of Arkansas, Fayetteville, Arkansas, USA
Yunsi Fei, Department of Electrical and Computer Engineering, University of Connecticut, Storrs, CT, USA
Yin Hu, Worcester Polytechnic Institute, Worcester, MA, USA
Yier Jin, Department of Electrical Engineering, Yale University, New Haven, CT 06520, USA
Ramesh Karri, Polytechnic Institute of New York University, Brooklyn, NY, USA
Farinaz Koushanfar, Electrical and Computer Engineering Department, Rice University, Houston, Texas 77215-1892, USA
Jeremy Lee, DFT Engineer, Texas Instruments, Dallas, TX, USA
Eric Love, Department of Electrical Engineering, Yale University, New Haven, CT 06520, USA
Chujiao Ma, Computer Science and Engineering Department, University of Connecticut, Storrs, CT, USA
Junxia Ma, University of Connecticut, Storrs, CT, USA
Ken Mai, Carnegie Mellon University, 5000 Forbes Avenue, Pittsburgh, PA 15213, USA
Mehrdad Majzoobi, Electrical and Computer Engineering Department, Rice University, 6100 Main, MS380, Houston, TX 77005, USA
Yiorgos Makris, Department of Electrical Engineering, Yale University, New Haven, CT 06520, USA
Juan Carlos Martinez Santos, Department of Electrical and Computer Engineering, University of Connecticut, Storrs, CT, USA. Currently on leave from Universidad Tecnologica de Bolivar, Cartagena, Colombia
Seetharam Narasimhan, Case Western Reserve University, Cleveland, Ohio, USA
Miodrag Potkonjak, Computer Science Department, University of California Los Angeles, Los Angeles, CA 90095-1596, USA
Gang Qu, Electrical and Computer Engineering Department, Institution for Systems Research, University of Maryland, College Park, MD 20742, USA
Jeyavijayan Rajendran, Polytechnic Institute of New York University, Brooklyn, NY, USA
Kurt Rosenfeld, Google Inc., New York, USA
Ulrich Rührmair, Computer Science, Technische Universität München, Munich, Germany
Patrick Schaumont, ECE Department, Virginia Tech, Blacksburg, VA 24061, USA
Zhijie Shi, Computer Science and Engineering Department, University of Connecticut, Storrs, CT, USA
Sergei Skorobogatov, University of Cambridge, Computer Laboratory, JJ Thomson Avenue, Cambridge CB3 0FD, UK
Berk Sunar, Worcester Polytechnic Institute, Worcester, MA, USA
Mohammad Tehranipoor, UCONN Electrical and Computer Engineering, University of Connecticut, 371 Fairfield Way, Unit 2157, Storrs, CT 06269-2157, USA
Dale R. Thompson, Computer Science and Computer Engineering Department, University of Arkansas, Fayetteville, Arkansas, USA
Nicholas Tuzzio, UCONN Electrical and Computer Engineering, University of Connecticut, 371 Fairfield Way, Unit 2157, Storrs, CT 06269-2157, USA
Bing Wang, Computer Science and Engineering Department, University of Connecticut, Storrs, CT, USA
Lin Yuan, Synopsys Inc., Mountain View, CA 94043, USA

Chapter 1
Background on VLSI Testing

Junxia Ma and Mohammad Tehranipoor

1.1 Introduction

As the feature size of devices and interconnects shrinks at the rate predicted by Moore's law, gate density and design complexity on a single integrated chip (IC) have kept increasing in recent decades. The close-to-nanoscale fabrication process introduces more manufacturing errors.
New failure mechanisms that are not covered by current fault models are observed in designs fabricated in new technologies and new materials. At the same time, the power and signal integrity issues that come with scaled supply voltages and higher operating frequencies increase the number of faults that violate the predefined timing margin. VLSI testing has therefore become both more important and more challenging as a means of verifying the correctness of design and manufacturing processes.

The diagram shown in Fig. 1.1 illustrates the simplified IC production flow. In the design phase, the test modules are inserted in the netlist and synthesized in the layout. Designers set the timing margin carefully to account for the difference between simulation and actual operation, such as uncertainties introduced by process variation, temperature variation, clock jitter, etc. However, because the design and fabrication processes are imperfect, there are variations and defects that make the chip violate this timing margin and cause functional failure in the field. Logic bugs, manufacturing errors, and a defective packaging process can all be sources of errors. It is thus mandatory to screen out the defective parts and prevent them from being shipped to customers, to reduce customer returns.

Nowadays, the information collected from testing is used not only to screen defective products from reaching the customers but also to provide feedback to improve the design and manufacturing process (see Fig. 1.1). In this way, VLSI testing also improves manufacturing yield level and profitability.

J. Ma, M. Tehranipoor: UCONN Electrical and Computer Engineering, University of Connecticut, Storrs, CT, USA. In: M. Tehranipoor and C. Wang (eds.), Introduction to Hardware Security and Trust, DOI 10.1007/978-1-4419-8080-9_1, © Springer Science+Business Media, LLC 2012

[Fig. 1.1 Simplified IC design, fabrication, and test flow. Figure labels: IC Design Phase (Test Module Insertion, Timing Margin Setting); Test Generation Phase (Simulation, Test Quality Check); IC Fabrication Phase (Manufacturing Errors, Process Variation); Test Application Phase (Defective Parts Screening, Failure Analysis Feedback); Ship to Customer]

1.2 Test Costs and Product Quality

Although high test quality is preferred, it always comes at the price of high test cost. Trade-offs are necessary to reach the required test quality with minimum cost [1]. In this section, the concepts of test costs, VLSI yield, and product quality are introduced. These concepts, when applied in electronic test, lead to economic arguments that justify design-for-testability (DFT) [2].

1.2.1 Test Costs

Test cost includes the cost of automatic test equipment (ATE) (initial and running cost), the cost of test development (CAD tools, test vector generation, test programming) [3], and the cost of DFT [4]. Scan design techniques can significantly reduce the cost of test generation, and the built-in self-test (BIST) method can lower the complexity and cost of ATE [5].

[Fig. 1.2 Test levels: wafer, packaged chip, PCB, system in field]

As shown in Fig. 1.2, the electronics industry tests chips at different levels. Wafer testing is performed during semiconductor device fabrication using automated test equipment (ATE). During this step, each device that is present on the wafer is tested for functional defects by applying special test patterns to it. The wafer is then cut into rectangular blocks, each of which is called a die. Each good die is then packaged, and all packaged devices are tested again in final testing, on the same or similar ATE used during wafer probing. After the chips are shipped, customers perform PCB testing and system testing again, because experience shows that the rule of ten holds [6]. Repairing or replacing a defective ASIC at the PCB level usually costs ten times as much as at the chip level.
After chips are assembled into systems, if a board fault is not caught in PCB testing, finding the fault at the system level costs ten times as much as at the board level. Systems today are much more complex than in 1982, when the empirical rule was first stated in [6], so the cost multiplier is now much more than 10X. For airplanes, a chip fault not caught in testing can cause a loss thousands or millions of times greater. For the same reason, VLSI testing is essential to reach the "zero-defect" goal for mission-critical applications.

1.2.2 Defect, Yield, and Defect Level

A manufacturing defect is a finite chip area with electrically malfunctioning circuitry caused by errors in the fabrication process. Defects on wafers can be caused by process variation, such as impurities in wafer material and chemicals, dust particles on masks or in the projection system, mask misalignment, incorrect temperature control, etc. Typical defects are broken (open) metal wires, missing contacts, bridging among metal lines, missing transistors, incorrect doping levels, void vias, resistive open vias, and many other phenomena that can cause the circuit to fail. A chip with no manufacturing defect is called a good chip. The fraction (or percentage) of good chips produced in a manufacturing process is called the yield, denoted by the symbol $Y$. For chip area $A$, fault density $f$ (the average number of faults per unit area), fault clustering parameter $\beta$, and fault coverage $T$, the yield equation [5] is expressed as follows:

$$Y(T) = \left(1 + \frac{TAf}{\beta}\right)^{-\beta} \tag{1.1}$$

Assuming that tests with 100% fault coverage ($T = 1.0$) remove all faulty chips, the yield $Y(1)$ is:

$$Y = Y(1) = \left(1 + \frac{Af}{\beta}\right)^{-\beta} \tag{1.2}$$

A good test process can reject most of the defective parts. However, even if it rejects all the faulty chips, it cannot improve the process yield by itself unless the diagnostic information collected during test is fed back to the design and fabrication process.
There are two ways of improving the process yield [5]:

1. Diagnosis and repair. Defective parts are diagnosed and then repaired. Although the yield is improved in this way, the cost of manufacturing increases.
2. Process diagnosis and correction. By identifying systematic defects and their root cause, the yield can be improved once the cause is eliminated from the manufacturing process. Process diagnosis is the preferred method of yield improvement.

A metric used to measure the effectiveness of tests and the quality of the manufactured product is the defect level (DL), which is defined as the ratio of faulty chips among the chips that pass tests. It is measured in parts per million (ppm). For commercial VLSI chips a DL greater than 500 ppm is considered unacceptable.

There are two methods for determining the defect level. One is from field return data: chips failing in the field are returned to the manufacturer, and the number of returned chips normalized to one million chips shipped is the defect level. The other is from test data: the fault coverage of tests and the chip fallout rate are analyzed, and a modified yield model is fitted to the fallout data to estimate the defect level. Chip fallout is the fraction of chips failing up to a given vector in the test set, which is $1 - Y(T)$.

When chip tests have a fault coverage $T$, the defect level is given by the following equation [5]:

$$DL(T) = \frac{Y(T) - Y(1)}{Y(T)} = 1 - \frac{Y(1)}{Y(T)} = 1 - \left(\frac{\beta + TAf}{\beta + Af}\right)^{\beta} \tag{1.3}$$

where $Af$ is the average number of faults on the chip of area $A$ and $\beta$ is the fault clustering parameter. $Af$ and $\beta$ are determined by test data analysis. This equation gives DL as a fraction that should be multiplied by $10^6$ to obtain ppm. For zero fault coverage, $DL(0) = 1 - Y(1)$, where $Y(1)$ is the process yield. For 100% fault coverage, $DL(1) = 0$.
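The test-data method and Eqs. (1.1) and (1.3) above, worked through as an added example that is not from the book: fit $Af$ and $\beta$ to fallout measurements, then compute the defect level and the fault coverage needed to reach the 500 ppm limit. The fallout data is constructed, the function names are hypothetical, and the grid search is a simple stand-in for whatever curve fitter is used in practice.

```python
# Constructed fallout data (not from the book): (fault coverage T, fraction of
# chips that have failed by the time the test set reaches that coverage).
FALLOUT = [(0.20, 0.255), (0.40, 0.380), (0.60, 0.458), (0.80, 0.512), (0.95, 0.544)]


def yield_at(T, Af, beta):
    """Eq. (1.1): Y(T) = (1 + T*Af/beta)^(-beta)."""
    return (1.0 + T * Af / beta) ** (-beta)


def defect_level(T, Af, beta):
    """Eq. (1.3): DL(T) = 1 - ((beta + T*Af)/(beta + Af))^beta, as a fraction."""
    return 1.0 - ((beta + T * Af) / (beta + Af)) ** beta


def fit_fallout(points, af_grid=None, beta_grid=None):
    """Least-squares grid search for (Af, beta) such that the model fallout
    1 - Y(T) matches the measured fallout at every coverage point."""
    af_grid = af_grid or [i / 10 for i in range(5, 41)]       # 0.5 .. 4.0
    beta_grid = beta_grid or [j / 20 for j in range(2, 41)]   # 0.10 .. 2.00
    best = None
    for Af in af_grid:
        for beta in beta_grid:
            err = sum((1.0 - yield_at(T, Af, beta) - f) ** 2 for T, f in points)
            if best is None or err < best[0]:
                best = (err, Af, beta)
    return best[1], best[2]


def required_coverage(dl_ppm, Af, beta):
    """Invert Eq. (1.3): fault coverage needed to reach a target DL in ppm.
    Clamped to [0, 1]; a target above DL(0) needs no testing at all."""
    keep = (1.0 - dl_ppm * 1e-6) ** (1.0 / beta)
    return min(1.0, max(0.0, (keep * (beta + Af) - beta) / Af))


if __name__ == "__main__":
    Af, beta = fit_fallout(FALLOUT)
    print(f"fitted Af={Af:.2f}, beta={beta:.2f}, process yield Y(1)={yield_at(1.0, Af, beta):.3f}")
    for T in (0.0, 0.90, 0.95, 0.99):
        print(f"T={T:.2f}  DL={defect_level(T, Af, beta) * 1e6:9.0f} ppm")
    print(f"coverage needed for 500 ppm: {required_coverage(500, Af, beta):.5f}")
```

With clustered faults, even 95% coverage leaves the defect level far above 500 ppm for these parameters, which is why the required coverage lands so close to 100%.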
An alternative equation relating defect level, yield, and fault coverage, in the case of unclustered random defects, is [22]:

$$DL(T) = 1 - Y^{1-T} \tag{1.4}$$

where $T$ is the fault coverage of tests and $Y$ is the ratio of the "devices tested good" to the "total number of devices tested or fabricated/manufactured."

1.3 Test Generation

1.3.1 Structural Test vs. Functional Test

In the past, functional patterns were used to verify whether there are any errors at the output. A complete functional test checks each entry of the truth table. This is possible with a small number of inputs. However, because the number of possible input combinations grows exponentially with the number of inputs, such a test would be too long and is impossible for real circuits with several hundred inputs. In 1959, Eldred derived tests that would observe the state of internal signals at the primary outputs of a large digital system [7]. Such tests are called structural tests because they depend on the specific structure (gate type, interconnect, netlist) of the circuits [5]. Structural test has become more attractive over the last decade because of the controllable testing time.

Structural testing is considered white-box testing because knowledge of the internal logic of a system is used for test generation. It makes no direct attempt to determine whether the overall functionality of the circuit is correct. Instead, it checks whether the circuit has been assembled correctly from low-level circuit elements as specified in the netlist. The stipulation is that if the circuit elements are confirmed to be assembled correctly, then the circuit should function correctly. Functional test attempts to validate that the circuit under test functions according to its functional specification. It can be viewed as black-box testing. Functional automatic test-pattern generation (ATPG) programs (refer to 1.3.4) generate a complete set of tests for circuit input-output combinations to completely exercise the circuit function.

[Fig. 1.3 A 64-bit ripple-carry adder: (a) functional test; (b) structural stuck-at fault test. Figure labels: (a) 64-bit full adder with inputs A[0:63], B[0:63], Cin0 and outputs S[0:63], Cout; (b) one bit slice built from XOR, AND, and OR gates with inputs A[i], B[i], Cin[i] and outputs S[i], Cin[i+1], annotated with stuck-at-0 (sa0) and stuck-at-1 (sa1) faults, 27 stuck-at faults in total]

Figure 1.3 shows a 64-bit ripple-carry adder and the logic circuit design for one bit slice of the adder. As can be seen from Fig. 1.3a, the adder has 129 inputs and 65 outputs. Therefore, to test it completely using functional patterns, we need $2^{129} = 6.80 \times 10^{38}$ input patterns and must verify $2^{65} = 3.69 \times 10^{19}$ output responses. Using ATE whose operating frequency is 1 GHz, it would take $2.15 \times 10^{22}$ years to apply all of these patterns to this adder circuit, assuming that the circuit can operate at 1 GHz too. Since most circuits today are much larger than this simple adder, exhaustive functional test is impractical in most cases. Small numbers of functional test patterns are nevertheless found to be useful for screening severe defects. For some applications, such as microprocessors, functional testing is still a very important part.

Applying structural test to this 64-bit adder circuit is quite fast. There are 27 stuck-at faults in total for a one-bit adder after we discard the equivalent faults in Fig. 1.3b. For a 64-bit adder, there are $27 \times 64 = 1{,}728$ faults, so at most 1,728 test patterns are needed. Using 1 GHz ATE it takes only 0.000001728 s to apply these patterns. Since this pattern set covers all possible stuck-at faults in this adder, it achieves the same fault coverage as the huge functional test pattern set. Thus we can see the advantage and importance of structural testing.

1.3.2 Fault Models

There are three terms that are usually used to describe the incorrectness of an electronic system.
• Defect: A defect in an electronic system is the unintended difference between the implemented hardware and its intended design. Typical defects in VLSI chips are: process defects, material defects, aging defects, and package defects.

[Fig. 1.4 Five types of bridging faults [26]. Figure labels: Side-to-Side, Corner-to-Corner, Via-to-Via, End-of-Line, Side-to-Side-Over-Wide-Metal, Via Corner-to-Via Corner, Side-to-Side with minimum width]

• Error: ...
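The structural-test argument of Sect. 1.3.1, as an added example that is not from the book: single stuck-at fault simulation of one full-adder bit slice, with an exact search for the smallest pattern set that detects every fault. The netlist, line names and function names are assumptions made for this sketch, and faults are not collapsed, so the fault count differs from the 27 in Fig. 1.3b.

```python
from itertools import combinations, product

# Assumed netlist for one full-adder bit slice: two XORs for the sum, three
# ANDs and one OR for the carry. Fanout branches are separate lines
# ("A.x" is the branch of A feeding the XOR) so each can be stuck on its own.
BRANCHES = {
    "A": ["A.x", "A.g1", "A.g2"],
    "B": ["B.x", "B.g1", "B.g3"],
    "C": ["C.x", "C.g2", "C.g3"],   # C is the carry-in Cin[i]
}
GATES = [                            # (output line, gate type, input lines)
    ("X1", "xor", ["A.x", "B.x"]),
    ("S", "xor", ["X1", "C.x"]),
    ("G1", "and", ["A.g1", "B.g1"]),
    ("G2", "and", ["A.g2", "C.g2"]),
    ("G3", "and", ["B.g3", "C.g3"]),
    ("Cout", "or", ["G1", "G2", "G3"]),
]
OPS = {"xor": lambda v: v[0] ^ v[1],
       "and": lambda v: int(all(v)),
       "or": lambda v: int(any(v))}
LINES = (list(BRANCHES) + [b for bs in BRANCHES.values() for b in bs]
         + [g[0] for g in GATES])
FAULTS = [(line, stuck) for line in LINES for stuck in (0, 1)]   # uncollapsed
PATTERNS = list(product((0, 1), repeat=3))                       # (A, B, Cin)


def simulate(pattern, fault=None):
    """Return (S, Cout) for one pattern, optionally with one stuck-at fault."""
    val = {}

    def drive(line, v):
        # A stuck line ignores whatever its driver puts on it.
        val[line] = fault[1] if fault and fault[0] == line else v

    for stem, v in zip("ABC", pattern):
        drive(stem, v)
        for branch in BRANCHES[stem]:
            drive(branch, val[stem])
    for out, op, ins in GATES:
        drive(out, OPS[op]([val[i] for i in ins]))
    return val["S"], val["Cout"]


def detecting_patterns(fault):
    """Patterns whose faulty outputs differ from the fault-free outputs."""
    return {p for p in PATTERNS if simulate(p, fault) != simulate(p)}


def fault_coverage(tests):
    """Fraction of all stuck-at faults detected by at least one test."""
    hit = [f for f in FAULTS if detecting_patterns(f) & set(tests)]
    return len(hit) / len(FAULTS)


def minimal_test_set():
    """Smallest pattern subset detecting every detectable fault. Exact search,
    feasible only because one slice has just 8 input patterns."""
    det = {f: detecting_patterns(f) for f in FAULTS}
    detectable = [f for f in FAULTS if det[f]]
    for k in range(1, len(PATTERNS) + 1):
        for subset in combinations(PATTERNS, k):
            if all(det[f] & set(subset) for f in detectable):
                return list(subset)


if __name__ == "__main__":
    tests = minimal_test_set()
    print(len(FAULTS), "faults,", len(tests), "patterns:", tests)
    print("coverage, minimal set:", fault_coverage(tests))
    print("coverage, 000 and 111 only:", fault_coverage([(0, 0, 0), (1, 1, 1)]))
```

For this netlist the all-zeros and all-ones patterns are the two that the minimal set leaves out, and on their own they miss the faults on the carry logic's AND inputs.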