Robust hardware-based security solutions have become increasingly important for a vast array of computing devices and applications. Security modules may limit access to information to prevent IP piracy, identity theft, theft of service and cloning of devices. Many common security protocols use keys, which can be stored in hardware as a set of charges in non-volatile memory (NVM) cells. More recently, circuits that implement physically unclonable functions (PUFs) have been employed to generate unique signatures that can be used for authentication. Conventional hardware-embedded security modules rely on components such as switches and/or gates for protection. Security is maintained by keeping these components hidden, either by dispersing them to various locations in the die or by hiding them among dummy gates. Consequently, some measure of resistance to discovery may be provided.
Although hardware-embedded security is functional, it has become less secure due to advances in techniques used to reverse engineer devices. Reverse engineering utilizes the same process tools that are used in state-of-the-art semiconductor fabrication. For example, chemical mechanical planarization (CMP) steps, wet etches, dry etches, optical imaging, and electron imaging such as cross-sectional scanning electron microscopy (SEM) and transmission electron microscopy (TEM) may be used to reverse engineer a device. As a result, these process tools can be used to uncover the structure and function of components of conventional hardware-embedded security modules. For example, interconnect wiring (which includes trenches and vias) can often be imaged layer by layer, after polish/CMP steps, to extract the interconnection between the relevant gates responsible for setting the key. Thus, dummy gates used for camouflage may be differentiated from active gates used for the key. The knowledge of the interconnections can expose the key directly or provide a manageable set of targets to further focus the imaging or electrical probing to discover the key. The local interconnects can also provide a unique identifying mark for the locations of relevant gates for the security key. A search can then be done by data-mining the structures seen in the images taken layer by layer. Each interconnect “pattern” can be thought of as representing a unique logic combination involving the gates underneath because each wire or via represents a good, active electrical connection.
Thus, current hardware-based security technologies may take the form of hardware keys programmed or stored as charges in one of the various forms of non-volatile memory, and circuits with hidden or camouflaged gates that implement a PUF. These technologies are susceptible to various tampering attacks, for example, passive side-channel attacks such as differential power analysis and electromagnetic analysis. Despite some countermeasures, these technologies may also be defeated by dedicated reverse engineering efforts if the attackers gain physical access to the device, since the gates comprising the hardware keys can be identified and probed. Accordingly, what is desired is an improved mechanism for implementing hardware-based security.