Development Of A Layout-based Tool For The Evaluation Of An Rtl Laser Fault Model

Abstract

Nowadays, digital integrated circuits (ICs) are found in all electronic devices and computer systems. Security and resilience of ICs is a modern subject that concerns scientists and hardware engineers. IC designers have recognized the importance of incorporating fault tolerance into microelectronic devices. In order to develop proper countermeasures for the security and the normal functionality of ICs, it is imperative to study the impact of attacks against circuits. Even further, study at the early stages of IC manufacture is mainly taken into consideration. There are different kinds of malicious attacks against ICs, cryptographic or not, such as hardware or physical attacks, as well as cryptanalytic attacks against the cryptographic algorithms. IC piracy using laser beam is the latest and most commonly applied by hardware hackers, who aim to extract information from secure ICs. Most of the times the aim of the hackers is to turn against chips that contain cryptographic algorithms, because those are the ones that hold the valuable data in encrypted form. The object of the internship is divided in two parts. The first part includes the development of a layout extraction platform in order to model localized attacks on the layout of integrated circuits. Using OpenAccess, an EDA tool provided by Si2 (Silicon Integration Initiative) that allows the interface with IC designs, we were able to design the extraction tool, study the logic components that lie underneath specific areas of the layouts (potential laser spots) and check their significance on the functionality of the ICs. Next and principal task of the internship is the validation of an RTL laser fault methodology, already proposed in the article [1]. In this thesis, this methodology is explained in details. During the internship, long time and effort was dedicated for the validation of this methodology, not only on layouts of AES designs, but also on some benchmark designs with technology node of 45nm. Several localized attacks on the layout were studied thoroughly in order to examine if such kind of attacks could be predicted from the RTL, the early and abstract stage of IC manufacture which models digital systems. In this way, we get a concept of the most critical logic components to be hit during a realistic laser attack. The internship took place in the Laboratory of Design and System Integration, LCIS (Laboratoire de Conception et d'IntEgration des Systmes), which is located in the city Valence of France. LCIS is one of the 21 research labs of the Grenoble Institute of Technology and its research activities are oriented towards the specification, modeling, design, communication, validation, diagnosis and security of integrated circuits, embedded and communication systems. This work is considered a part of the global project LIESSE (Laser-Induced fault Effects in Security-dedicated circuitS). Among others, the goal of this project is to study and model the effects of laser shots onto submicronic circuits and provide efficient tools to prevent such laser attacks.