1. Field of the Invention
This invention relates in general to non-destructive reverse engineering of integrated circuits, and more particularly to a method and apparatus for non-destructive reverse engineering of integrated circuits by analyzing their optical emissions.
2. Description of the Prior Art
The term xe2x80x9creverse engineeringxe2x80x9d has the general meaning of understanding how any item operates or was constructed, based mainly on knowing the general function of the item and any information that can be learned by direct examination of the item itself. Reverse engineering is considered xe2x80x9cnon-destructivexe2x80x9d if the item is still functional at the end of the reverse engineering process.
Conventional methods of reverse engineering are usually physical methods that are often destructive of an integrated circuit (IC) chip. Often these methods require unpackaging, and sometimes at least partially dissecting, the IC chip, making it very difficult to use the IC chip afterwards. Further, these prior art methods typically involve significant manual intervention by technical personnel. In the case of static memory circuits such as Flash ROM, these prior art methods are incapable of detecting the contents of the memory. In addition, the methods can be tedious and inefficient.
The least destructive, or non-destructive, methods for reverse engineering, such as looking at power consumption or looking at RF emissions from an IC chip, normally have no spatial resolution. Therefore, they usually cannot provide information about either the physical location of subcircuits of the chip or the device-level schematic of the transistors comprising each subcircuit. Such methods are normally successful only when used to reverse engineer relatively simple chips, or a subcircuit of a more is complex chip which is known to be operable in isolation from the rest of the subcircuits of the chip. Consequently, reverse engineering a complex IC chip without spatial information about specific devices that are in close proximity to each other on the IC chip can be very difficult with these methods. The addition of such spatial information will improve both the speed and the accuracy of the reverse engineering process. Additionally, conventional techniques are readily defeated by a number of simple countermeasures that are well known.
Other potential methods of reverse engineering, such as single point probing with an electron beam (with for example an electron beam circuit tester like the Schlumberger ATE model IDS10000) can provide information about the functioning of individual transistors. However, the inability to probe more than a single device simultaneously can make reverse engineering by any single point probe method extremely time consuming, and hence, impractical. In addition, with modern xe2x80x9cflip-chipxe2x80x9d ICs, preparing the chip for probing may require depackaging and removal of passivation or wiring layers, and is essentially destructive of the chip.
Accordingly, there is a need for a method and apparatus to eliminate those specific disadvantages of the prior art reverse engineering systems as discussed above, and particularly to significantly enhance the ability of a reverse engineering system to non-destructively create a model of a circuit, active devices, and static states internal to an IC chip.