Evaluation of the Analyzability of Complex Secure Intellectual Property using Fault Isolation Techniques versus the Hardware Security Threat They Pose

Wednesday, October 30, 2024: 2:00 PM
The Pointe (Hilton San Diego Bayfront)
Ms. Amrutha Sampath , NXP Semiconductors, Austin, TX
Mr. Kristofor Dickson , NXP Semiconductors, Austin, TX
Mr. George Lange , NXP Semiconductors, Austin, TX
Mr. Carey Wu , NXP Semiconductors, Austin, TX
Dr. Keith Serrels , NXP Semiconductors, Austin, TX

Summary:

Secure edge devices, and the hardware security that underpins them, are of paramount importance as the demand for cybersecurity grows. Hardware security has been strengthened with complex architectures intended to make the security uncompromisable and to defeat malicious attacks. To prevent unauthorized access to the Hardware Security Module (HSM), even with the most advanced failure analysis (FA) techniques, physically unclonable functions (PUFs) are implemented with large amounts of raw combinational logic and with obfuscated state machines. When a newly taped-out device fails to operate, or fails to complete its secure boot sequence, how can we tell whether a physical defect is present or whether the security block has reacted to a design error?

This paper discusses real-world examples of FA challenges in first-silicon debug, including debug of secure IP. We explore the unique approaches needed to make sense of collected Laser Voltage Probe (LVP), Photon Emission Microscopy (PEM), and Laser Logic State Mapping (LLSM) data. We discuss the strengths and weaknesses of the most advanced FA techniques and illustrate how the system architecture that secures data can be modified to alter the effectiveness of each. We explain in detail why specific FA techniques are defeated by built-in security, and where they can be re-enabled by clever triggering schemes or by looping on regions of code while watching for specific behaviors. We also discuss how the difficulty of analyzing a complex architecture is, from a security point of view, a benefit. We conclude by summarizing the threat FA tools present to secure IP and comment on steps that could be taken to further protect internal state machines and sensitive logic areas from even the best-equipped FA labs.
This work therefore offers a considered view of how Optical Fault Isolation (OFI) techniques can be perceived as a threat to a range of security applications, and points to the trade-off between the ability to analyze a device and its hardware security.
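The abstract mentions obfuscated state machines and steps that protect internal state machines from well-equipped FA labs, but does not describe the scheme used. The following C program is an added illustration, not code from the paper or from NXP, of one generic hardening technique: encoding the state register with sparse, high-Hamming-distance codes plus an invalid-state trap, instead of numbering states in sequence. With a sequential encoding the state register reads as a plain count (so a probed value reveals exactly which boot step the sequencer is on), and a single corrupted bit moves the machine from VERIFY straight to RUN. With the sparse encoding no single-bit change lands on another valid state. The state names, the two code tables and the four-step boot sequence are constructed for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Logical states of a toy secure-boot sequencer (constructed for this
 * example; not the design discussed in the paper). ST_TRAP is the lock-up
 * state reached on any failed check or unrecognised state code. */
enum { ST_RESET = 0, ST_LOAD, ST_VERIFY, ST_RUN, ST_TRAP, NUM_STATES };

/* Naive encoding: states numbered in sequence. Adjacent codes differ in one
 * bit, so the register value directly exposes the boot step and a single
 * flipped bit moves the machine to a neighbouring valid state. */
static const uint8_t dense_enc[NUM_STATES] = {0x00, 0x01, 0x02, 0x03, 0xFF};

/* Sparse encoding: every pair of codes differs in at least 4 bits. The
 * progression is no longer a visible count, and no single-bit corruption
 * can turn one valid state into another; it lands on an invalid code. */
static const uint8_t sparse_enc[NUM_STATES] = {0x0F, 0xF0, 0x33, 0xCC, 0xFF};

static int popcount8(uint8_t v) {
    int n = 0;
    while (v) { n += v & 1; v >>= 1; }
    return n;
}

/* Smallest Hamming distance between any two codes of an encoding. */
int min_hamming(const uint8_t *enc) {
    int best = 8;
    for (int i = 0; i < NUM_STATES; i++)
        for (int j = i + 1; j < NUM_STATES; j++) {
            int d = popcount8(enc[i] ^ enc[j]);
            if (d < best) best = d;
        }
    return best;
}

/* Map a raw register value back to a logical state. Anything that is not
 * one of the four operational codes is treated as ST_TRAP. */
int decode(const uint8_t *enc, uint8_t code) {
    for (int s = ST_RESET; s <= ST_RUN; s++)
        if (enc[s] == code) return s;
    return ST_TRAP;
}

/* One transition of the sequencer, operating on encoded register values. */
uint8_t next_state(const uint8_t *enc, uint8_t code, bool sig_ok) {
    switch (decode(enc, code)) {
    case ST_RESET:  return enc[ST_LOAD];
    case ST_LOAD:   return enc[ST_VERIFY];
    case ST_VERIFY: return sig_ok ? enc[ST_RUN] : enc[ST_TRAP];
    case ST_RUN:    return enc[ST_RUN];
    default:        return enc[ST_TRAP];   /* invalid code: stay locked */
    }
}

/* True if flipping any single bit of any operational state code yields a
 * different operational state, i.e. a one-bit upset can skip a step. */
bool single_bit_flip_changes_valid_state(const uint8_t *enc) {
    for (int s = ST_RESET; s <= ST_RUN; s++)
        for (int bit = 0; bit < 8; bit++) {
            int t = decode(enc, enc[s] ^ (uint8_t)(1u << bit));
            if (t != ST_TRAP && t != s) return true;
        }
    return false;
}

int main(void) {
    printf("dense:  min distance %d, one-bit step skip possible: %s\n",
           min_hamming(dense_enc),
           single_bit_flip_changes_valid_state(dense_enc) ? "yes" : "no");
    printf("sparse: min distance %d, one-bit step skip possible: %s\n",
           min_hamming(sparse_enc),
           single_bit_flip_changes_valid_state(sparse_enc) ? "yes" : "no");
    /* A single upset in VERIFY under the dense encoding lands in RUN and
     * bypasses the signature check; under the sparse encoding it traps. */
    printf("VERIFY with bit 0 flipped: dense -> state %d, sparse -> state %d\n",
           decode(dense_enc, dense_enc[ST_VERIFY] ^ 0x01),
           decode(sparse_enc, sparse_enc[ST_VERIFY] ^ 0x01));
    return 0;
}
```

The same idea scales to wider registers and more states: pick codes with a guaranteed minimum distance, decode every register read through a table rather than a comparison chain, and route every unrecognised value into the trap. The cost is exactly the trade-off the abstract describes: a sequencer whose state is not a readable count is also harder for the FA engineer to follow when a first-silicon part stalls in boot.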