Hardware Security of CMOS Technology

Abstract

Like electronic systems and integrated circuits in general, hardware security has traditionally developed around the dominant CMOS technology. The primary goal of the various emerging technologies now on the rise is to overcome the limitations of CMOS in scalability and power consumption; in doing so, they also create unique opportunities for hardware security. This article introduces hardware security in the context of CMOS and selected emerging technologies.

Keywords: hardware security, spintronics, memristors, carbon nanotubes, nanowire transistors, 3D integration, 2.5D integration, reverse engineering, tampering

1

Introduction

In today's era of ubiquitous information technology and high connectivity, cybersecurity faces unprecedented challenges, and many serious incidents have occurred. For example, in April 2019, real estate and title insurance giant First American exposed 885 million sensitive customer financial records, dating back to 2003, on its website, accessible to anyone. Within the general field of cybersecurity, hardware security focuses on security and trust implemented directly in the underlying electronic devices. This requires establishing dedicated schemes, for instance a root of trust for isolating and verifying computations, or other hardware primitives and protection schemes. Emerging memory technology is a forward-looking direction here: for example, provable key destruction based on memristive crossbar arrays [1] is a secret-key management scheme that is hard to realize with conventional CMOS memory.
The remainder of this article reviews the prospects of emerging technologies and the characteristics that match them to the demands of hardware security. Selected studies and demonstrations of security schemes based on emerging technologies are also discussed, as are the challenges and opportunities for future development.

2

Hardware Security and Existing CMOS Technology

2.1 Data Security at Runtime

The confidentiality, integrity, and availability of data processed in electronic devices are threatened by various attack scenarios, such as unauthorized data access or modification, side-channel and fault-injection attacks, and physical readout and probing attacks.

2.1.1 Unauthorized Access or Modification of Data
Such attacks are typically conducted at the software level. Cryptography is the most common protection, and many hardware security features have also been proposed and implemented, such as root-of-trust (RoT) architectures, hardware cryptographic modules, and true random number generators. However, if not carefully designed and implemented, such security features can themselves be compromised by hardware-centric attacks, as shown in [2-4].
2.1.2 Side-Channel Attacks and Fault Injection Attacks
Side-channel attacks infer information from physical channels that leak because electronics are sensitive to their operating conditions. For example, an unprotected hardware implementation of the Advanced Encryption Standard (AES) is vulnerable to power side-channel attacks such as correlation power analysis [2], because the instantaneous power consumption depends on the data being processed, and that data depends on the key. Another example is that modern processors leak information through caches and other buffers, as a result of timing behavior, speculative execution, and so on. Most countermeasures apply some form of hiding or masking, which either suppresses the leakage or decorrelates it from the sensitive data; such techniques have been proposed at every level, from system level down to gate level.
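As an added example (not part of the original article), the following Python script simulates correlation power analysis [2] against the first-round S-box output of AES, with a constructed Hamming-weight leakage model plus Gaussian noise standing in for measured power traces, and then repeats the attack against a device protected by first-order Boolean masking. The secret key byte 0x2B, the trace count and the noise level are assumptions chosen for the demonstration; the S-box is computed from its definition rather than pasted as a table.

```python
import math
import random

# ---- AES S-box, computed from its definition (GF(2^8) inverse + affine map) ----
def _gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p

def _build_sbox():
    sbox = [0x63] * 256                       # S(0) = 0x63, since 0 has no inverse
    for x in range(1, 256):
        inv = next(y for y in range(1, 256) if _gf_mul(x, y) == 1)
        s = inv                               # affine map: inv ^ rotl(inv,1..4) ^ 0x63
        for i in range(1, 5):
            s ^= ((inv << i) | (inv >> (8 - i))) & 0xFF
        sbox[x] = s ^ 0x63
    return sbox

SBOX = _build_sbox()
HW = [bin(v).count("1") for v in range(256)]  # Hamming-weight leakage model

def simulate_traces(key_byte, n_traces, masked, seed=1, sigma=1.0):
    """Constructed stand-in for measured power traces: one sample per encryption,
    taken where the first-round S-box output is written to a register.
    Unprotected device: sample = HW(S(p ^ k)) + Gaussian noise.
    Masked device: it computes S(p ^ k) ^ m with a fresh random mask m per
    encryption (first-order Boolean masking), so the sample is the HW of that
    masked value. Returns (plaintext bytes, samples)."""
    rng = random.Random(seed)
    plaintexts, samples = [], []
    for _ in range(n_traces):
        p = rng.randrange(256)
        v = SBOX[p ^ key_byte]
        if masked:
            v ^= rng.randrange(256)
        plaintexts.append(p)
        samples.append(HW[v] + rng.gauss(0.0, sigma))
    return plaintexts, samples

def _pearson(xs, ys):
    n = len(xs)
    mx, my = sum(xs) / n, sum(ys) / n
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    return cov / math.sqrt(vx * vy) if vx and vy else 0.0

def cpa_attack(plaintexts, samples):
    """Correlation power analysis [2]: for each key-byte guess, predict the
    leakage HW(S(p ^ guess)) of every trace and correlate the predictions with
    the measured samples. The guess with the highest |correlation| is the key.
    Returns (best_guess, best_abs_correlation)."""
    best_guess, best_corr = None, -1.0
    for guess in range(256):
        hyp = [HW[SBOX[p ^ guess]] for p in plaintexts]
        corr = abs(_pearson(hyp, samples))
        if corr > best_corr:
            best_guess, best_corr = guess, corr
    return best_guess, best_corr

if __name__ == "__main__":
    key = 0x2B                                # assumed secret key byte
    for masked in (False, True):
        pts, smp = simulate_traces(key, 1000, masked)
        guess, corr = cpa_attack(pts, smp)
        print(f"masked={masked!s:5}: best guess 0x{guess:02x} (true 0x{key:02x}), |r|={corr:.2f}")
```

On the unprotected traces the correct byte stands out with a correlation of roughly 0.8, while on the masked traces no guess stands out, because a uniform fresh mask makes the Hamming weight of the masked value statistically independent of the key. The masking defeats only this first-order attack; a second-order attack that combines the leakage of the mask and of the masked value still succeeds, which is why masking is usually combined with hiding in practice.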
Fault-injection attacks induce faults and use the resulting faulty behavior to infer sensitive information; accordingly, fault injection can also support or advance side-channel attacks. Fault injection can be direct and invasive, for example with lasers or electromagnetic pulses, or indirect, for example by repeatedly writing to specific memory locations (rowhammer) [5] or by deliberately "misusing" dynamic voltage and frequency scaling (DVFS) features [4].
Countermeasures include runtime fault detection, as in [6], and hardening against fault injection during design and manufacturing, as in [7,8]. Note that distinguishing natural faults from malicious ones is a practical challenge for runtime recovery.
2.1.3 Physical Readout and Probing Attacks
If an adversary has access to equipment traditionally used for failure analysis or inspection, such as optical probing or focused ion beam (FIB) milling tools, powerful readout attacks can be launched. These include probing transistors and wires through the metal layers or from the backside of the substrate; monitoring the photon emissions of switching CMOS transistors; or monitoring the charge stored in memory cells. Applied with care, such attacks can expose any internal signal.
Countermeasures aim to prevent or detect physical access. Solutions include shielding structures in the back-end-of-line (BEOL), deflecting or scrambling structures in the substrate, and detector circuits. Early research also considered formally secure techniques; however, such schemes are constrained by the assumptions made about the attacker, and once these assumptions become outdated, the formal guarantees no longer hold.
2.2 Confidentiality and Integrity of Hardware
In addition to the runtime threats to data security discussed above, hardware security faces further threats such as reverse engineering (RE), theft of chip design intellectual property (IP), illegal overproduction, counterfeiting, and the insertion of hardware trojans. These threats arise primarily from the globalized and distributed nature of modern electronics supply chains, which span many entities and countries.
Various protection schemes have been proposed, broadly categorized into IP protection, trojan defense, and physically unclonable functions (PUFs). All these schemes aim to protect hardware against different adversaries, including untrusted foundries, untrusted test facilities, untrusted end users, or combinations thereof; see [9,10] for overviews.
2.2.1 Intellectual Property Protection
This topic can be further categorized into logic locking, layout obfuscation (also called camouflaging), and split manufacturing. Obfuscation and split manufacturing alter the manufacturing process, to protect against malicious end users and untrusted foundries, respectively, whereas logic locking operates at the design level and seeks to protect against both untrusted foundries and end users.
Logic locking protects IP by inserting dedicated key-controlled locks into the design. Without the correct key, the design IP cannot be fully recovered and the IC remains non-functional. The locks are typically implemented as additional logic, such as XOR/XNOR gates. The IC can only be activated after manufacturing (preferably after testing) by loading the key into dedicated, tamper-proof on-chip memory.
Early research on logic locking considered various heuristics for inserting key gates. With the advent of attacks based on Boolean satisfiability (SAT), which use a functional IC as an oracle to prune the key space, more advanced schemes had to be developed. These in turn stimulated further attacks and defenses, some of which also consider oracle-less models, as in [11,12].
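To make the attack-and-defense cycle concrete, here is an added example in Python (not from the original article or from any cited tool): a hypothetical four-input netlist is locked with XOR/XNOR key gates on three internal nets, and the oracle-guided loop at the heart of SAT attacks is run against it. Exhaustive enumeration stands in for the SAT solver, which is only viable at this toy size; the netlist, the net names and the correct key 0b101 are constructed for the demonstration.

```python
import itertools

# Two-input gate semantics for a tiny netlist simulator.
GATE_FN = {
    "AND": lambda a, b: a & b,
    "OR": lambda a, b: a | b,
    "NAND": lambda a, b: 1 - (a & b),
    "XOR": lambda a, b: a ^ b,
    "XNOR": lambda a, b: 1 - (a ^ b),
}

# Constructed (hypothetical) original design: 4 inputs a..d, 1 output y.
# Each entry is (output net, gate type, input net 0, input net 1), in topological order.
ORIG_NETLIST = [
    ("n1", "AND", "a", "b"),
    ("n2", "OR", "c", "d"),
    ("n3", "OR", "n1", "n2"),
    ("y", "NAND", "n3", "a"),
]
INPUTS = ["a", "b", "c", "d"]
ALL_PATTERNS = [dict(zip(INPUTS, bits))
                for bits in itertools.product((0, 1), repeat=len(INPUTS))]

def simulate(netlist, values):
    """Evaluate gates in list order; `values` maps primary-input (and key) nets to bits."""
    vals = dict(values)
    for out, gtype, in0, in1 in netlist:
        vals[out] = GATE_FN[gtype](vals[in0], vals[in1])
    return vals["y"]

def lock_netlist(netlist, nets_to_lock, correct_key):
    """Random-insertion logic locking: one key gate on each listed internal net.
    An XOR key gate passes the net through for key bit 0 and an XNOR for key
    bit 1, so the gate type follows the correct key; any other key bit inverts
    the net. Downstream gates are re-wired to the key gate's output."""
    locked, renamed = [], {}
    for out, gtype, in0, in1 in netlist:
        locked.append((out, gtype, renamed.get(in0, in0), renamed.get(in1, in1)))
        if out in nets_to_lock:
            idx = nets_to_lock.index(out)
            kgate = "XNOR" if (correct_key >> idx) & 1 else "XOR"
            locked.append((out + "_L", kgate, out, f"k{idx}"))
            renamed[out] = out + "_L"
    return locked

def eval_locked(locked, pattern, key, key_bits):
    vals = dict(pattern)
    vals.update({f"k{i}": (key >> i) & 1 for i in range(key_bits)})
    return simulate(locked, vals)

def corrupted_patterns(locked, key, key_bits):
    """Number of input patterns on which the locked chip with `key` disagrees with the original."""
    return sum(eval_locked(locked, x, key, key_bits) != simulate(ORIG_NETLIST, x)
               for x in ALL_PATTERNS)

def oracle_guided_attack(locked, key_bits, oracle):
    """SAT-attack loop, with exhaustive enumeration standing in for the solver.
    Repeat: find a distinguishing input pattern (DIP) on which two still-possible
    keys disagree, query the unlocked oracle chip on it, and drop every key that
    is inconsistent with the answer. When no DIP is left, every remaining key is
    functionally equivalent to the correct one. Returns (keys, dips)."""
    candidates = list(range(1 << key_bits))
    dips = []
    while True:
        dip = next((x for x in ALL_PATTERNS
                    if len({eval_locked(locked, x, k, key_bits) for k in candidates}) > 1),
                   None)
        if dip is None:
            return candidates, dips
        answer = oracle(dip)
        candidates = [k for k in candidates if eval_locked(locked, dip, k, key_bits) == answer]
        dips.append(dip)

if __name__ == "__main__":
    KEY_BITS, CORRECT_KEY = 3, 0b101          # assumed key for the demonstration
    locked = lock_netlist(ORIG_NETLIST, ["n1", "n2", "n3"], CORRECT_KEY)
    print("wrong key 0b000 corrupts", corrupted_patterns(locked, 0b000, KEY_BITS), "of 16 patterns")
    keys, dips = oracle_guided_attack(locked, KEY_BITS, lambda x: simulate(ORIG_NETLIST, x))
    print(f"recovered keys {[bin(k) for k in keys]} after {len(dips)} oracle queries")
```

For this circuit every wrong key corrupts the output on at least one input pattern, which is what locking is meant to achieve, yet the oracle-guided loop recovers the key with a handful of distinguishing inputs rather than by trying all eight keys. On real designs it is this pruning per DIP that makes SAT attacks scale, and SAT-resilient locking schemes work by ensuring that each DIP rules out only one or very few keys.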
Layout obfuscation mitigates reverse-engineering attacks by malicious end users: the layout-level appearance of the IC is altered so that the design IP cannot be read out from it. This is achieved through specialized front-end-of-line (FEOL) processing steps, for example dummy contacts or modified doping that make gates of different function (such as AND and OR) look alike, or through obfuscated back-end-of-line (BEOL) interconnects. Obfuscation has already been applied commercially. Note that obfuscation at the design level, for example of finite state machines, is also known; it is orthogonal to the layout-level obfuscation discussed here.
Like logic locking, layout obfuscation is vulnerable to analytical attacks such as SAT-based attacks. In addition, it may be undermined by the physical readout and probing attacks described above.
Split manufacturing aims to protect design IP from untrusted foundries. As the term suggests, the idea is to split the manufacturing flow, most commonly into an untrusted FEOL process and a subsequent trusted BEOL process. Such a split is feasible for several reasons: FEOL manufacturing requires high-end, expensive facilities and therefore has to be outsourced; BEOL manufacturing on top of a finished FEOL wafer is much simpler than FEOL manufacturing itself; in-house or trusted third-party facilities can be engaged for BEOL manufacturing; and the only change to the supply chain is the preparation of FEOL wafers and their shipment to the BEOL facility. Split manufacturing has been demonstrated successfully: [14] reports good results for a 130 nm split process run between IBM and GlobalFoundries, and [13] reports on a 28 nm split process run by Samsung in Austin and Korea.
To the FEOL foundry, the split layout resembles a "sea of gates", making it difficult for that adversary to infer the complete netlist and its design IP. Nevertheless, since conventional, security-agnostic design tools operate on FEOL and BEOL as a whole, hints about the omitted wiring can remain in the FEOL (for example, gates that are connected tend to be placed close to each other) [59-61].
2.2.2 Trojan Defense
The concept of a hardware trojan is broad and must be categorized along several dimensions: trojans are malicious hardware modifications acting at the system level, register-transfer level (RTL), gate/transistor level, or physical level; they attempt to leak information from the IC, degrade its performance, or disrupt its operation entirely; they are always on, or triggered by internal or external means; and so on. Trojans may be introduced through untrusted third-party IP, by adversarial designers, through "hacked" design tools [63], or, arguably more likely, during the distribution and deployment of ICs. Defense schemes can be categorized into trojan detection during design and manufacturing and trojan mitigation at runtime. The former relies on testing, verification, and the like, while the latter relies on dedicated security features for testability and self-authentication, monitoring, and detection of malicious activity. Additionally, logic locking and split manufacturing can hinder trojan insertion during manufacturing to some extent, since an adversary who does not fully understand the layout and its IP cannot easily insert specific, targeted trojans [15].
2.2.3 Physically Unclonable Functions
A PUF should produce, for a given input stimulus (challenge), an output response that cannot be predicted from the stimulus. For the same PUF instance, the response should be reproducible even under varying environmental conditions, while for different instances of the same PUF design, the responses must differ. PUFs are used for hardware "fingerprinting" and authentication, using so-called "weak PUFs", which support only one or a few fixed challenges; or in challenge-response security schemes, using so-called "strong PUFs", which support a large number of challenges. The ideal properties of a PUF are uniqueness, unclonability, unpredictability, reproducibility, and tamper resilience.
Electronic PUFs are the main category, with prominent types based on ring oscillators, arbiters, bistable rings, and memory cells. Such PUFs are relatively straightforward to implement and integrate, even in advanced process nodes. Their core principle is to exploit the inherent process variations of (CMOS) manufacturing through dedicated circuits. However, the randomness exhibited by most PUF implementations is limited: the challenge-response behavior can be machine-learned from a set of observed pairs, and the PUF thereby cloned in software.
Optical PUFs are another interesting category. The idea is to fabricate an "optical token" that, in addition to the inherent structural variations of the selected optical medium, may contain randomly included materials such as nanoparticles. Depending on the materials, the inclusions and the design of the token, its optical response is highly chaotic and nonlinear [16]. Optical PUFs are therefore considered stronger than electronic PUFs.
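The following is an added example in Python (not from the original article) that models the PUF properties just discussed on the standard additive-delay model of an arbiter PUF: uniqueness between two instances, reliability under noise, and the machine-learning modeling attack that clones the PUF from observed challenge-response pairs (CRPs). The stage count of 16, the Gaussian delay variations, the noise level and the averaged-perceptron attacker are assumptions for the demonstration; real arbiter PUFs use more stages, but the linear delay model that makes them cloneable is the same.

```python
import random

N_STAGES = 16  # challenge bits (assumed size; real arbiter PUFs use 64 or 128)

class ArbiterPUF:
    """Additive delay model of an arbiter PUF. The response is the sign of the
    delay difference between the two racing paths, which is a weighted sum of
    parity features of the challenge; the weights are the (constructed) per-stage
    delay variations and differ per instance, as manufacturing variation would."""
    def __init__(self, seed):
        rng = random.Random(seed)
        self.w = [rng.gauss(0.0, 1.0) for _ in range(N_STAGES + 1)]

    @staticmethod
    def features(challenge):
        # phi[i] = prod_{j >= i} (1 - 2*c_j); phi[N] = 1 is the bias term.
        phi = [1.0] * (N_STAGES + 1)
        for i in range(N_STAGES - 1, -1, -1):
            phi[i] = phi[i + 1] * (1 - 2 * challenge[i])
        return phi

    def response(self, challenge, noise_sigma=0.0, rng=None):
        delta = sum(w * f for w, f in zip(self.w, self.features(challenge)))
        if noise_sigma:
            delta += rng.gauss(0.0, noise_sigma)  # environmental/measurement noise
        return 1 if delta > 0 else 0

def random_challenges(count, seed):
    rng = random.Random(seed)
    return [[rng.randrange(2) for _ in range(N_STAGES)] for _ in range(count)]

def uniqueness(puf_a, puf_b, challenges):
    """Fraction of challenges on which two instances of the same design disagree (ideal 0.5)."""
    return sum(puf_a.response(c) != puf_b.response(c) for c in challenges) / len(challenges)

def reliability(puf, challenges, noise_sigma, seed):
    """Fraction of noisy re-evaluations that reproduce the nominal response (ideal 1.0)."""
    rng = random.Random(seed)
    return sum(puf.response(c, noise_sigma, rng) == puf.response(c)
               for c in challenges) / len(challenges)

def train_clone(crps, epochs=20):
    """Attacker side: fit a linear model (averaged perceptron) to observed CRPs.
    Because the delay model is linear in the parity features, a modest CRP set
    suffices to clone the PUF in software."""
    data = [(ArbiterPUF.features(c), r) for c, r in crps]
    w = [0.0] * (N_STAGES + 1)
    w_sum, n = [0.0] * (N_STAGES + 1), 0
    for _ in range(epochs):
        for phi, r in data:
            pred = 1 if sum(wi * fi for wi, fi in zip(w, phi)) > 0 else 0
            if pred != r:
                step = 1.0 if r == 1 else -1.0
                w = [wi + step * fi for wi, fi in zip(w, phi)]
            w_sum = [s + wi for s, wi in zip(w_sum, w)]
            n += 1
    return [s / n for s in w_sum]

def clone_accuracy(w_clone, puf, challenges):
    """How often the software clone predicts the real PUF's response on unseen challenges."""
    hits = 0
    for c in challenges:
        pred = 1 if sum(wi * fi for wi, fi in zip(w_clone, ArbiterPUF.features(c))) > 0 else 0
        hits += pred == puf.response(c)
    return hits / len(challenges)

def modeling_attack(puf, n_train=2000, n_test=500, seed=7):
    train = [(c, puf.response(c)) for c in random_challenges(n_train, seed)]
    w_clone = train_clone(train)
    return clone_accuracy(w_clone, puf, random_challenges(n_test, seed + 1))

if __name__ == "__main__":
    puf_a, puf_b = ArbiterPUF(seed=1), ArbiterPUF(seed=2)
    chal = random_challenges(500, seed=3)
    print(f"uniqueness (A vs B): {uniqueness(puf_a, puf_b, chal):.2f}")
    print(f"reliability (noise): {reliability(puf_a, chal, 0.3, seed=4):.2f}")
    print(f"clone accuracy:      {modeling_attack(puf_a):.2f}")
```

Uniqueness and reliability are the two figures a PUF designer reports; clone accuracy is the figure an attacker cares about, and for a plain arbiter PUF it approaches 100% with a few thousand CRPs because the delay model is linear in the parity features. Nonlinear compositions such as XOR arbiter PUFs raise the cost of this modeling attack but do not eliminate it.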

3

Fundamentals of Selected Emerging Technologies

This section introduces the selected technologies: spintronics, memristors, carbon nanotube transistors, nanowire transistors, and 3D/2.5D integration. Other promising technologies, such as negative-capacitance field-effect transistors or photonics, are not covered here. Except for 3D and 2.5D integration, all selected technologies are implemented at the device level; hence, they can also be termed emerging devices.
The selected technologies are at least somewhat compatible with CMOS manufacturing, which gives them good practical prospects, as they can also be used to build hybrid CMOS-emerging electronics. Overall, emerging technologies seek to overcome the fundamental limitations of CMOS in scalability and power consumption. In practice, several technologies are also combined: for example, researchers from Stanford University and elsewhere utilized carbon nanotubes and spintronics in 3D ICs with the N3XT approach [17], and spintronic memristor devices have been investigated [18].
3.1 Emerging Devices
3.1.1 Spintronics
Spintronics differs from CMOS technology in several ways. First, in addition to the electron charge, the electron spin is used for computation and storage. Second, the switching process is non-volatile and driven by magnetoelectric effects or related phenomena such as spin-transfer torque (STT). Third, spintronic devices are typically realized as stacks of heavy metals, ferromagnets, and/or oxides, although other materials such as graphene, superconductors, or even organic materials have been proposed; nevertheless, spintronic fabrication can be made compatible with CMOS processing. Fourth, compared to CMOS, spintronic devices can offer lower power consumption, built-in memory, built-in reconfigurability, and better scalability.
Spintronics has been studied extensively for memory and logic, and even for interconnects. For example, efforts led by Intel, UC Berkeley, and Berkeley Lab promote magnetoelectric spin-orbit (MESO) logic, which promises 10 to 30 times lower switching energy, 5 times lower switching voltage, and 5 times higher logic density than CMOS. Such magnetoelectric devices are also compatible with CMOS manufacturing, since they can be realized in the interconnect layers. Other applications such as reconfigurable logic, probabilistic computing, and logic-in-memory computing also match spintronics well [19].
3.1.2 Memristors
A memristor, short for memory resistor, is a fundamental circuit element alongside the well-known resistor, capacitor, and inductor; it has been studied in theory since 1971. A memristor retains an internal resistance state that depends on the history of the voltage or current applied to it. One interesting property of some, but not all, memristors is a strongly nonlinear response in their hysteresis loop: such memristors exhibit a current or voltage threshold and switch their internal state only when the threshold is exceeded.
Memristor devices are still under research and development, with various materials and arrangements being considered, such as titanium dioxide, spintronic, or carbon-nanotube-based structures; most approaches remain compatible with CMOS manufacturing. Broader memory systems such as resistive random-access memory (ReRAM) and even phase-change memory (PCM) are progressing toward commercial use. Besides memory, memristors are of interest for in-memory computing, neuromorphic computing, and reconfigurable logic.
3.1.3 Carbon Nanotubes and Transistors
Carbon nanotubes (CNTs) consist of one or more rolled-up graphene sheets, graphene being a single layer of carbon atoms arranged in a two-dimensional honeycomb lattice; in other words, CNTs are cylinders with one or more carbon "walls". Their diameter is typically a few nanometers and their length a few micrometers. Depending on their structure, CNTs are either metallic conductors or semiconductors. CNTs have excellent electrical, physical, and thermal properties, owing mainly to the strong bonds between their carbon atoms. For example, in theory a single metallic CNT can sustain over 1000 times the current density of copper, which is also expected to alleviate electromigration. In practice, however, CNTs must form interfaces with each other and with other materials, which makes this gain difficult to realize in full. Nevertheless, composite structures can be built to tune the properties of CNTs as needed, for instance using copper to match the thermal expansion coefficient of CNTs to that of silicon [20].
CNTs have been studied widely for interconnects and transistors. Carbon nanotube field-effect transistors (CNTFETs or CNFETs) essentially use multiple CNTs as the transistor channel, which can be realized in various arrangements such as gate-all-around structures. Imperfections and variability in CNT growth and placement remain a limitation; they can, however, be addressed through device- and chip-level design techniques, and chip-level applications of CNTFETs have been demonstrated successfully.
3.1.4 Nanowire Transistors
Nanowire FETs (NWFETs) use semiconducting wires of nanoscale dimensions as the transistor channel. Many variants have been studied: materials such as silicon, indium arsenide, germanium, or even polymers; homogeneous or heterogeneous wire structures; gate-all-around or vertical gate structures; and so on. Conceptually, NWFETs are somewhat similar to CNTFETs, but NWFETs allow finer control of the desired properties during fabrication (although chip-scale fabrication still presents challenges), whereas CNTFETs offer better performance. NWFETs are also somewhat analogous to nanosheet transistors, which are progressing toward commercial use.
Nanowire transistors have been proposed for applications such as sensing, flexible electronics, and reconfigurable logic. For instance, by selectively suppressing the injection of one carrier type (e.g., electrons) while the control gate modulates the other (e.g., holes), an additional program gate can switch a transistor between n-channel and p-channel behavior.
3.2 3D and 2.5D Integration
In addition to the emerging devices outlined above, 3D and 2.5D integration target system-level implementation; by analogy, these technologies build electronic "skyscrapers" or "city clusters". Two factors drive them: the scalability bottleneck of CMOS, which has become more severe at advanced nodes due to issues such as routability, pitch scaling, and process variations; and the need to advance heterogeneous and system-level integration.
Three-dimensional integration refers to vertically stacking and interconnecting multiple chips or active layers. It can be classified by the underlying technology: 3D ICs based on through-silicon vias (TSVs), where multiple chips are fabricated separately and then stacked and bonded; face-to-face 3D ICs, where two chips are fabricated separately and then bonded directly at their BEOL metal "faces"; and monolithic 3D ICs, where multiple active layers are fabricated sequentially. Various studies, prototypes, and commercial products demonstrate that 3D ICs offer significant advantages over 2D ICs, as seen in [21-24].
2.5D integration promotes the side-by-side integration of 2D/3D ICs at the system level: an interposer serves as the integration carrier, accommodating system-level interconnects and possibly active components. Building advanced electronic systems as 2.5D ICs is considered simpler than 3D integration, also because interposers are typically realized in mature technology nodes to save cost and manage yield. 2.5D ICs are already well established in the market, as seen in [24,25].

References

[1] H. Jiang et al., "A provable key destruction scheme based on memristive crossbar arrays," Nature Electronics, vol. 1, no. 10, pp. 548–554, 2018. https://doi.org/10.1038/s41928-018-0146-5

[2] E. Brier, C. Clavier, and F. Olivier, "Correlation power analysis with a leakage model," in Proc. Cryptogr. Hardw. Embed. Sys., 2004. https://doi.org/10.1007/978-3-540-28632-5_2

[3] P. Bayon et al., "Fault model of electromagnetic attacks targeting ring oscillator-based true random number generators," J. Cryptogr. Eng., vol. 6, no. 1, pp. 61–74, 2016. https://doi.org/10.1007/s13389-015-0113-2

[4] P. Qiu, D. Wang, Y. Lyu, and G. Qu, "VoltJockey: Breaching TrustZone by software-controlled voltage manipulation over multi-core frequencies," in Proc. Comp. Comm. Sec., 2019, pp. 195–209. https://doi.org/10.1145/3319535.3354201

[5] V. van der Veen et al., "Drammer: Deterministic rowhammer attacks on mobile platforms," in Proc. Comp. Comm. Sec., 2016, pp. 1675–1689. https://doi.org/10.1145/2976749.2978406

[6] G. D. Natale, E. I. Vatajelu, K. S. Kannan, and L. Anghel, "Hidden-delay-fault sensor for test, reliability and security," in Proc. Des. Autom. Test Europe, 2019, pp. 316–319. https://doi.org/10.23919/DATE.2019.8714891

[7] B. Karp, M. Gay, O. Keren, and I. Polian, "Security-oriented code-based architectures for mitigating fault attacks," in Proc. DCIS, 2018, pp. 1–6. https://doi.org/10.1109/DCIS.2018.8681476

[8] J. Dutertre et al., "Laser fault injection at the CMOS 28 nm technology node: an analysis of the fault model," in Proc. Worksh. Fault Diag. Tol. Cryptogr., 2018. https://doi.org/10.1109/FDTC.2018.00009

[9] M. Rostami, F. Koushanfar, and R. Karri, "A primer on hardware security: Models, methods, and metrics," Proc. IEEE, vol. 102, no. 8, pp. 1283–1295, 2014. https://doi.org/10.1109/JPROC.2014.2335155

[10] J. Knechtel, S. Patnaik, and O. Sinanoglu, "Protect your chip design intellectual property: An overview," in Proc. Conf. Omni-Layer Intell. Sys., 2019, pp. 211–216. https://doi.org/10.1145/3312614.3312657

[11] L. Alrahis et al., "UNSAIL: Thwarting oracle-less machine learning attacks on logic locking," Trans. Inf. Forens. Sec., vol. 16, pp. 2508–2523, 2021. https://doi.org/10.1109/TIFS.2021.3057576

[12] L. Li and A. Orailoglu, "Piercing logic locking keys through redundancy identification," in Proc. Des. Autom. Test Europe, 2019. https://doi.org/10.23919/DATE.2019.8714955

[13] C. McCants. (2016) Trusted integrated chips (TIC) program. https://www.ndia.org/-/media/sites/ndia/meetings-and-events/divisions/systems-engineering/past-events/trusted-micro/2016-august/mccants-carl.ashx

[14] K. Vaidyanathan et al., "Building trusted ICs using split fabrication," in Proc. Int. Symp. Hardw.-Orient. Sec. Trust, 2014, pp. 1–6. https://doi.org/10.1109/HST.2014.6855559

[15] F. Imeson, A. Emtenan, S. Garg, and M. V. Tripunitara, "Securing computer hardware using 3D integrated circuit (IC) technology and split manufacturing for obfuscation," in Proc. USENIX Sec. Symp., 2013, pp. 495–510. https://www.usenix.org/conference/usenixsecurity13/technical-sessions/presentation/imeson

[16] J. Knechtel et al., "Toward physically unclonable functions from plasmonics-enhanced silicon disc resonators," J. Lightwave Tech., vol. 37, pp. 3805–3814, 2019. https://doi.org/10.1109/JLT.2019.2920949

[17] M. M. Sabry Aly et al., "The N3XT approach to energy-efficient abundant-data computing," Proc. IEEE, vol. 107, no. 1, pp. 19–48, 2019. https://doi.org/10.1109/JPROC.2018.2882603

[18] X. Wang and Y. Chen, "Spintronic memristor devices and application," in Proc. Des. Autom. Test Europe, 2010, pp. 667–672. https://doi.org/10.1109/DATE.2010.5457118

[19] S. Matsunaga et al., "Fabrication of a nonvolatile full adder based on logic-in-memory architecture using magnetic tunnel junctions," Applied Physics Express, vol. 1, no. 9, p. 091301, 2008. https://doi.org/10.1143/APEX.1.091301

[20] C. Subramaniam et al., "Carbon nanotube-copper exhibiting metal-like thermal conductivity and silicon-like thermal expansion for efficient cooling of electronics," Nanoscale, vol. 6, pp. 2669–2674, 2014. https://doi.org/10.1039/C3NR05290G

[21] S. S. Iyer, "Three-dimensional integration: An industry perspective," MRS Bulletin, vol. 40, no. 3, pp. 225–232, 2015. https://doi.org/10.1557/mrs.2015.32

[22] D. Fick et al., "Centip3De: A cluster-based NTC architecture with 64 ARM Cortex-M3 cores in 3D stacked 130 nm CMOS," J. Sol.-St. Circ., vol. 48, no. 1, pp. 104–117, 2013. https://doi.org/10.1109/JSSC.2012.2222814

[23] D. H. Kim et al., "3D-MAPS: 3D massively parallel processor with stacked memory," in Proc. Int. Sol.-St. Circ. Conf., 2012, pp. 188–190. https://doi.org/10.1109/ISSCC.2012.6176969

[24] A. Shilov. (2018) AMD previews EPYC Rome processor: Up to 64 Zen 2 cores. https://www.anandtech.com/show/13561/amd-previews-epyc-rome-processor-up-to-64-zen-2-cores

[25] C. C. Lee et al., "An overview of the development of a GPU with integrated HBM on silicon interposer," in Proc. Elec. Compon. Tech. Conf., 2016, pp. 1439–1444. https://doi.org/10.1109/ECTC.2016.348

China Confidentiality Association

Science and Technology Subcommittee


Author: Liu Siyuan, Institute of Information Engineering, Chinese Academy of Sciences

Editor: Xia Tiantian
