Microcontrollers and various other embedded circuit devices are used in, or used as, secure electronic devices that perform various types of secure transactions, and to store various types of secure data. For example, secure electronic devices are more and more being used to conduct secure currency transfers, secure information transfers, and secure data storage operations. As a result of the increased usage of microcontrollers, and similar circuit devices, for storing and transferring secure information and data, there has also been an increase in the number of people dedicated to, and the number of techniques developed for, reverse engineering secure electronic devices.
Various non-destructive reverse engineering techniques have been developed for attacking secure electronic devices. Many of these non-destructive techniques utilize variations in system voltages (e.g., over/under voltage), temperature variations, and/or clock frequency. As is generally known, varying one or more of these parameters can cause the device to transfer into an unanticipated operational mode or state, which may compromise the security of the device. Thus, many secure electronic devices may include a tamper monitor circuit that causes the device to reset if the supply voltage, clock frequency, or circuit temperature reaches a particular threshold.
Although present monitor circuits do provide a level of tamper monitoring and protection, these circuits also suffer certain drawbacks. For example, some monitor circuits rely, at least in part, on various device level characteristics, such as transistor switching speed, which can be sensitive to variations in the device manufacturing process. Moreover, some monitor circuits undesirably issue false tamper alarms as a result of fluctuations in clock frequency that frequently occur when a device is powered up and stabilizing. In addition, some monitor circuits either overreact or under-react to various under-voltage and over-voltage transients, which can result in the issuance of false tamper alarms or failure to detect legitimate tampering operations.
Hence, there is a need for a circuit that is capable of detecting voltage, temperature, and/or clock variations that may be associated with a circuit tampering technique, and to trigger an appropriate tamper response, and to do so without issuing an inordinate number of false tamper responses and/or failing to detect an inordinate number of actual tampering attempts and/or is not sensitive to process variations. The present invention addresses one or more of these needs.