The invention relates generally to physically unclonable functions (PUF). More specifically, the invention relates to a system and method that utilizes a subset of the scan chain power-up states of an integrated circuit (IC) as a type of PUF to authenticate the IC, among other uses.
PUFs are structures with many applications, including device authentication, identification, and cryptographic key generation. In the context of a silicon-based circuit, a PUF is a die-specific random function that is based on an underlying manufacturing variability, such as random dopant fluctuations or line edge roughness. Because the variability is beyond the resolution of modern manufacturing techniques, creating an exact physical copy of a PUF is practically infeasible.
Generally, device authentication involves using the unique properties that every IC exhibits as a result of the imperfections in the fabrication process. Specifically, although every chip is designed to be exactly the same, the inability to fabricate identical chips is exploited to create a unique key for each chip. This key is typically referred to as a physically uncloneable function, or PUF, since it is based on physical properties that are unique to each IC and it cannot be predicted since it depends on the variations of the manufacturing process.
To use this manufacturing variability as part of a PUF, the variability is translated into a random bit. In turn, a string of these random bits is typically combined with a challenge (input) in the PUF to create a returned response (output). Because the string of random bits will be unique to each IC, the response will be unique as well and can be used to identify the IC. In other words, when a stimulus is applied to an individual circuit, it responds in an unpredictable, but unique and repeatable way.
With many ICs being fabricated overseas, it is imperative that techniques be developed to ensure the authenticity of each IC. Not only is it possible to receive an inferior, counterfeit product, it is also possible that malicious circuits have been added to the IC for various nefarious purposes that range from IC destruction to communication eavesdropping. This concern is especially critical for applications involving the nation's security.
There are many types of PUFs used to authenticate ICs. For example, various types of PUFs include ring oscillators, arbiters, SRAM, sense amplifiers, and D-type flip flops. Of the various types of PUFs, some require specialized circuits while others can leverage existing circuitry within the design. The latter approach is typically referred to as an intrinsic PUF. An example of an intrinsic PUF is one that uses the power-on state of an existing SRAM circuit.
Another example of an intrinsic PUF is one that uses an arbiter to exploit the race condition created by two symmetrical circuit paths. Under ideal circumstances, the circuit paths will produce identical delays. However, due to manufacturing imperfections, the delays will be slightly different. The arbiter determines which path is faster and uses the result to create a binary result (logic 0 or 1), which of course will randomly vary from chip to chip. Having multiple copies of the same circuitry setup within the IC allows the creation of a string of binary bits that, due to the randomness, is unique for each chip.
Intrinsic PUFs are obviously more desirable since the cost of implementing the PUF is mitigated by the use of existing circuitry. But all the approaches developed thus far incur some overhead in that they require (i) additional circuitry for accessing the PUF and/or (ii) modifications to the existing circuitry which undoubtedly has performance and power penalties. Therefore a need exists for an approach that does not exhibit any of these shortcomings.