EP3353704A1 - Vorrichtung zum schutz einer elektronischen schaltung mit erkennung einer änderung der elektrischen reaktanz - Google Patents

Vorrichtung zum schutz einer elektronischen schaltung mit erkennung einer änderung der elektrischen reaktanz

Info

Publication number
EP3353704A1
EP3353704A1 EP16775586.7A EP16775586A EP3353704A1 EP 3353704 A1 EP3353704 A1 EP 3353704A1 EP 16775586 A EP16775586 A EP 16775586A EP 3353704 A1 EP3353704 A1 EP 3353704A1
Authority
EP
European Patent Office
Prior art keywords
electrical
cells
circuit
protection device
electrical circuit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP16775586.7A
Other languages
English (en)
French (fr)
Inventor
Adrien Duprez
Eric Saliba
Christophe THIZON
Olivier Grisal
Stéphane MIQUEL
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Thales SA
Original Assignee
Thales SA
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Thales SA filed Critical Thales SA
Publication of EP3353704A1 publication Critical patent/EP3353704A1/de
Withdrawn legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C1/00Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings
    • G06F21/87Secure or tamper-resistant housings by means of encapsulation, e.g. for integrated circuits
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00Details of semiconductor or other solid state devices
    • H01L23/57Protection from inspection, reverse engineering or tampering
    • H01L23/576Protection from inspection, reverse engineering or tampering using active circuits
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/10Details of semiconductor or other solid state devices to be connected
    • H01L2924/102Material of the semiconductor or solid state bodies
    • H01L2924/1025Semiconducting materials
    • H01L2924/10251Elemental semiconductors, i.e. Group IV
    • H01L2924/10253Silicon [Si]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/10Details of semiconductor or other solid state devices to be connected
    • H01L2924/11Device type
    • H01L2924/14Integrated circuits
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/30Technical effects
    • H01L2924/301Electrical effects
    • H01L2924/30105Capacitance
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/30Technical effects
    • H01L2924/301Electrical effects
    • H01L2924/30107Inductance
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/30Technical effects
    • H01L2924/301Electrical effects
    • H01L2924/3011Impedance

Definitions

  • the present invention relates, in a first aspect, to a device for protecting an electronic circuit, the device comprising:
  • the or each mesh surface comprising at least one cell constituted by a continuous portion of electrical circuit, the cell or cells being distributed over the mesh surface, and
  • At least one electrical circuit comprising:
  • the present invention also relates, again according to this first aspect, to an electronic system comprising such a protection device.
  • the present invention relates, according to a second independent aspect of the first aspect, to an intrusion detection system, the system comprising:
  • each mesh surface comprising at least two cells, each cell comprising a pattern, a pattern being a continuous electric circuit portion,
  • interconnection surface comprising a plurality of connectors, the connectors being capable of connecting together cells of the one or more mesh surfaces in a first configuration of the interconnection surface to form groups of electrically connected cells, the patterns of the cells of each group forming a continuous electrical circuit of patterns,
  • a detection module able to detect a modification of a characteristic impedance of each group of electrically connected cells.
  • the present invention also relates, again according to this second aspect, to an associated method of protecting an electronic circuit.
  • Such equipment includes electronic circuits, that is to say printed circuits or integrated circuits.
  • a printed circuit also called electronic card, is a support for maintaining and electrically connecting together a set of electronic components.
  • An integrated circuit, also called electronic chip, is a set of electronic components reproducing one or more electronic functions and generally incorporating several types of basic electronic components in a reduced volume.
  • the tracks of a printed circuit and the connections of the electronic components connected to such a printed circuit are likely to be the subject of physical attacks.
  • Such physical attacks consist, in particular, in approaching probes or in connecting electrodes to the printed circuit tracks or to the connections of components connected to the printed circuit so as to capture the signals transiting on the tracks or the connections or to inject signals. Captured signals are then used by attackers to collect sensitive data. The injected signals are used to disrupt the signals exchanged or cause a malfunction of the equipment.
  • Protective devices include, for example, protective meshes in two or three dimensions.
  • the meshes are formed in particular of separate electrical circuits forming patterns and whose continuity is verified by circulating a control current and detecting the current losses due to a break in the circuit.
  • the meshes are, for example, arranged above and / or below the components of the equipment to be protected, such as the tracks and the connections of a printed circuit or the silicon layers of an integrated circuit.
  • the meshes include a structure and patterns chosen to allow the detection of attempted intrusions. When an intrusion attempt is detected, reaction actions are initiated by the protection device, such actions consisting for example in erasing the sensitive data of the equipment.
  • the object of the invention is, according to the first aspect, a protection device of the aforementioned type comprising a detection module capable of detecting a change in said electrical reactance.
  • the protection device comprises one or more of the following characteristics, taken separately or in any technically possible combination:
  • the detection module is able to detect a change in an inductive component of the electrical reactance.
  • the detection module is able to detect a change in a capacitive component of the electrical reactance.
  • the detection module is able to periodically control the production of at least one electrical excitation signal to excite the electric circuit, to measure a characteristic value of the response of the electrical circuit to said excitation signal, to calculate a difference between the or each measured value and a reference value, and detecting a change in the electric reactance in the case where the calculated difference or an average of the calculated differences exceeds a predetermined threshold.
  • an electrical excitation signal consists of a voltage step
  • the characteristic value of the response of the electrical circuit to said excitation signal consists of a duration so that, following excitation of the electric circuit by said voltage step, the voltage of the electrical output signal reaches a reference voltage
  • an electrical excitation signal consists of a voltage step
  • the characteristic value of the response of the electric circuit to said excitation signal consists of a voltage of the electrical output signal reached after a predetermined duration following the excitation of the circuit electric by said voltage step.
  • an electrical excitation signal consists of an alternating signal whose frequency varies over time, and the characteristic value of the response of the electrical circuit to said excitation signal consists of a resonant frequency of the electric circuit.
  • an electrical excitation signal consists of an alternating signal whose frequency varies over time, and the characteristic value of the response of the electrical circuit to said excitation signal consists of a quality factor of the electrical circuit.
  • an electrical excitation signal consists of an alternating signal having a predetermined frequency, and the characteristic value of the response of the electrical circuit to said excitation signal consists of an amplitude of the electrical output signal.
  • the electrical circuit comprises a plurality of cells.
  • the cells of the electrical circuit comprise at least two electrically insulated cells with respect to one another, said cells being electromagnetically coupled to one another.
  • the mesh surfaces comprise a primary mesh surface, comprising primary cells, and a secondary mesh surface, comprising secondary cells electrically isolated from the primary cells, and the electrical circuit comprises at least one primary cell and at least one secondary cell; electromagnetically coupled to each other.
  • said primary and secondary cells of the electrical circuit are electromagnetically coupled to each other at least by induction.
  • the protection device comprises at least one interconnection surface comprising a plurality of connectors, the connectors being able to connect cells of the one or more mesh surfaces to form the or each electrical circuit, and a module of configuration of the interconnections of the connectors, able to control the connectors to modify over time the connection of the cells to each other.
  • the interconnection surface comprises at least one programmable component, the configuration module and the detection module being software applications integrated into the programmable component (s).
  • an electronic system comprising an electronic circuit contained in a housing and an electronic circuit protection device comprising at least one mesh surface interposed between the electronic circuit and an outer surface of the housing, the protection device being a protective device as defined above.
  • the subject of the invention is also, according to the first aspect, a method for protecting an electronic circuit comprising the following steps:
  • Reverse engineering also known as reverse engineering, is an activity that involves studying an object to determine its internal function or manufacturing method.
  • the object of the invention is, according to the second aspect, a system of the aforementioned type (which may also be a protection device of the aforementioned type), comprising an intrusion detection system of the aforementioned type, in which which system further comprises a module for configuring the interconnections of the connectors, the configuration module being able to modify over time the first configuration to obtain at least a second configuration of the interconnection surface.
  • the system comprises one or more of the following characteristics, taken separately or in any technically possible combination: the configuration module is capable of randomly determining the second one of a plurality of configurations of the interconnection surface and of reconfiguring all the interconnections of the connectors according to the second configuration.
  • the configuration module when a break in the electrical continuity of at least one DC circuit is detected on an area of a mesh surface, the configuration module is able to modify the configuration of the interconnection surface so as to increase the number of groups of connected cells present in the area.
  • the system comprises at least two mesh surfaces and a module for measuring variations of a magnitude between two of the mesh surfaces, the quantity being chosen from an impedance, a resistance, a capacitance and an inductance.
  • At least one electrical circuit is formed by the non-reconfigurable connection by the configuration module, at least two adjacent cells of a mesh surface via a previously statically configured component.
  • the configuration module is able to move over time, on one or on each mesh surface, an area of the mesh surface having the number of groups of connected cells the highest.
  • the system comprises a device able to activate at randomly or pseudo-randomly chosen instants the configuration module and / or the detection module.
  • the interconnection surface comprises a programmable component, the configuration module and the detection module being software applications integrated into the programmable component.
  • the interconnection surface comprises an electromechanical microsystem controlled by actuators, the configuration module being able to actuate the actuators.
  • the mesh surface and the interconnection surface form a physical protection barrier for the configuration module and for the detection module.
  • the detection module is able to apply a security policy, the security policy including the deletion of sensitive data, the implementation of tests integrity and / or reconfiguration of the interconnections of the connectors of the interconnection surface.
  • the detection module includes several methods for detecting the rupture or the alteration of each group of electrically connected cells and is suitable for using them in a combined manner according to a defined, pseudo-random or random temporal interleaving.
  • the subject of the invention is also, according to the second aspect, an intrusion detection method, comprising the steps of:
  • the detection module of a modification of a characteristic impedance of a group of electrically connected cells
  • FIG. 1 is a diagrammatic sectional view of an exemplary electronic system according to the invention, showing in section an electronic circuit contained in a housing and a device for protecting this electronic circuit,
  • FIG. 2 is a diagrammatic sectional view of the protection device of FIG. 1, showing a first embodiment of this device,
  • FIG. 3 is a schematic view from above of a primary mesh surface of the device of FIG. 2,
  • FIG. 4 is a schematic view from above of the interconnection surface of the device of FIG. 2,
  • FIG. 5 is a schematic view from above of a secondary mesh surface of the device of FIG. 2,
  • FIG. 6 is a schematic view from above of a first example of a pattern of a cell of the mesh surface of FIG. 3 or 5
  • FIG. 7 is a schematic view from above of a second example of a pattern of a cell of the mesh surface of FIG. 3 or 5
  • FIG. 8 is a flow diagram of an example of an intrusion detection method using a dynamic configuration of the interconnections
  • FIG. 9 is a schematic sectional view of the protection device of FIG. 1, showing a second example; of realization of this device,
  • FIG. 10 is a schematic view from above of a primary mesh surface of the device of FIG. 9,
  • FIG. 11 is a schematic view from above of a secondary mesh surface of the device of FIG. 9,
  • FIG. 12 is a schematic view from above of an example of a pattern of a cell of the mesh surface of FIG. 10 or 11, and
  • FIG. 13 is a schematic view from above of an exemplary arrangement of two cells of the mesh surface of FIG. 10 or 11.
  • the electronic system 80 shown in Figure 1 comprises a housing 82, an electronic circuit 84 housed in the housing 82 and a device 1 for protecting the electronic circuit 84, also housed in the housing 82.
  • the electronic system 80 is typically a encryption or transmission equipment through which encrypted data such as bank data passes.
  • the housing 82 has an outer face 86, accessible to a user.
  • the electronic circuit 84 is for example a printed circuit. Alternatively, the electronic circuit 84 is an integrated circuit.
  • the protection device 1 is interposed between the electronic circuit 84 and said outer face 86.
  • the protection device 1 is able to detect attempts to intrude from outside the electronic system 80. Intrusion attempts include physical attacks consisting of approaching probes or connecting electrodes to the electronic circuit. .
  • the protection device 1 comprises a detection film 1A capable of completely enveloping the electronic circuit 84 or at least covering all or part of the printed circuits and integrated circuits of the electronic circuit 84.
  • the detection film 1 A is interposed between the outer face 86 of the housing 82 and the electronic circuit.
  • this film 1A is limited to a flat surface and extends only in two dimensions.
  • the film 1 A is extends on at least two angularly offset surfaces and thus forms a three-dimensional surface.
  • the film 1A comprises at least one mesh surface 2A, 2B, each mesh surface 2A, 2B comprising at least one cell 3A, 3B, the total number of cells being at least equal to two.
  • the film 1A further comprises at least one interconnection surface 4 of the cells 3A, 3B.
  • the protection device 1 also comprises a module 6 for configuring the interconnections of the connectors 24 of the interconnection surface 4 over time.
  • the protection device 1 also comprises a generator 7 for generating an electrical excitation signal for the cells 3A. , 3B, an electric signal sensor 9, an intrusion detection module 8, and a module 10 for reacting to intrusion attempts detected by the detection module 8.
  • the protection device 1 also comprises a device such as a timer configured to activate the configuration module 6 and / or the detection module 8.
  • the protection device 1 further comprises at least one shielding surface disposed above or around the one or more mesh surfaces 2A, 2B. This shielding surface makes it possible, for example, to protect the equipment from chemical or electromagnetic attacks.
  • the film 1A comprises a primary mesh surface 2A, a secondary mesh surface 2B and an interconnection surface 4.
  • the cells 3A of the primary mesh surface 2A will here be called “cells primary cells "and the cells 3B of the mesh surface 2B will be referred to as” secondary cells ".
  • the primary mesh surface 2A is interposed between the secondary mesh surface 2B and the outer face 86 of the housing 82, and the interconnection surface 4 is interposed between the primary and secondary mesh surfaces 2A, 2B .
  • an attacker must first pass through the primary mesh surface 2A.
  • the interconnection surface 4 is disposed below the primary and secondary mesh surfaces 2A, 2B, i.e. between said mesh surfaces 2A, 2B and the electronic circuit 84.
  • each mesh surface 2A, 2B comprises thirty-five cells 3A, 3B.
  • the cells 3A, 3B have, for example, an identical surface. Alternatively, the cells 3A, 3B have distinct sizes.
  • the cells 3A, 3B of each mesh surface 2A, 2B are distributed over said mesh surface 2A, 2B
  • Each cell 3A, 3B is constituted by a continuous portion of electrical circuit 20, the breaking of which, the alteration of an electrical characteristic or the short-circuit makes it possible to detect an attempt to intrude into the protective device 1.
  • This continuous portion 20 comprises a continuous electrical line, typically formed by a continuous segment of a conductive track.
  • the continuous portion 20 is constituted by such a continuous electrical line.
  • the continuous portion 20 comprises, in addition to the electrical line, an electrical component electrically connected to said power line; this electrical component is for example a resistive component, a capacitive component or an inductive component, and it is typically electrically connected in series or in parallel with the continuous electrical line.
  • Each conductive track forms a geometric pattern, as illustrated in FIGS. 6 and 7.
  • This geometric pattern is for example a boustrophedon, as shown in FIG. 6.
  • the geometric pattern is a spiral, as represented in FIG. 7: the cell 3A, 3B then has an inductance, and it is adapted to generate an electromagnetic field under the effect of an electric current flowing in the cell 3A, 3B, and to induce an electric current in the conductive track when it is subject to an electromagnetic field.
  • the cells 3A, 3B whose conductive track forms a spiral will hereinafter be called "inductive cells”.
  • the generator 7 is able to inject an electrical excitation signal of the cells 3A, 3B at an entry point (not shown) of the 1A film.
  • the signal sensor 9 is adapted to pick up an output electrical signal measured at an output point (not shown) of the 1A film.
  • the interconnection surface 4 is adapted to electrically connect certain cells 3A, 3B to each other so as to form at least one electrical circuit (not shown) capable of conducting an electric signal from the entry point to the point of contact. exit. It should be noted that the expression “capable of conducting an electrical signal” must here be understood in a broad sense, and thus includes the case where the electrical signal led by the electric circuit is altered between the entry and exit points.
  • the interconnection surface 4 is configured to connect together cells 3A, 3B of the same mesh surface 2A, 2B in order to form a more or less complex mesh.
  • the interconnection surface 4 is also configured, in this first embodiment, for interconnecting cells 3A, 3B of different mesh surfaces 2A, 2B.
  • the interconnection surface 4 comprises, in the example illustrated in FIG. 4, a programmable component 23 and a plurality of connectors 24.
  • the programmable component 23 is, for example, an FPGA (acronym
  • the programmable component 23 is able to activate the configuration module 6, the detection module 8, the reaction module 10, the generator 7, the signal sensor 9 and, optionally, the timer.
  • the programmable component 23 houses the generator 7, the detection module 8, the signal sensing module 9, the reaction module 10 and the timer, which are then software applications integrated into the programmable component 23.
  • the programmable component 23 is also configured to determine the interconnections of the connectors 24 on the interconnection surface 4 and to interconnect the connectors 24 according to the determined interconnections.
  • the programmable component executes, for example, a function of evolution of the interconnections adapted to evolve over time the interconnections of the connectors 24 for each group of connected cells 3A, 3B.
  • the connectors 24 are on the one hand connected to the ends of the continuous portions 20 of the cells 3A, 3B.
  • the connectors 24 are further interconnected by the programmable component 23 for serially connecting cells 3A, 3B of the mesh surfaces 2A, 2B in a first configuration to form groups of cells connected in series. These groups of connected cells form the meshes mentioned above. Such groups of cells connected in series are also called "equipotential". There may be several equipotentials in parallel, each corresponding to a group of cells.
  • the interconnection surface 4 comprises several programmable components 23.
  • the interconnection surface 4 comprises an electromechanical microsystem controlled by actuators.
  • An electromechanical microsystem also called MEMS (Microelectromechanical Systems Acronym) is a microsystem comprising one or more mechanical elements and using electricity as a source of energy, in order to perform a sensor and / or actuator function, with at least one structure having micrometric dimensions.
  • the conductive tracks 20 of the cells 3A, 3B of each group of connected cells form a continuous electrical circuit of conductive tracks.
  • FIGS. 2 and 4 in which the same filling is used for the cells 3A, 3B of the same continuous electrical circuit, illustrate various continuous electrical circuits of conductive tracks.
  • Each DC circuit is electrically connected to the input and output points and has a characteristic impedance.
  • characteristic impedance it is understood that it is the impedance of the entire electrical circuit, taken between said entry and exit points.
  • This characteristic impedance comprises a characteristic resistance and reactance of the electric circuit.
  • the characteristic reactance itself comprises an inductive component (or characteristic inductance) and a capacitive component (or characteristic capacitance). It should be noted that each of the characteristic inductance and capacitance can be zero.
  • the configuration module 6 is able to configure the interconnections of the connectors 24 according to the first configuration of the interconnection surface 4.
  • the configuration module 6 is adapted to reconfigure the interconnections of the connectors 24 in the course of time according to a new configuration of the interconnection surface 4.
  • the configuration module 6 is thus able to modify over time the current configuration of the interconnection surface 4 to obtain a new configuration of the interconnection surface 4 and to reconfigure all the interconnections of the connectors 24 according to the second configuration.
  • the configuration module 6 is able to randomly determine each of a plurality of configurations of the interconnection surface 4.
  • each configuration is selected from a plurality of configurations tested and validated at the factory to avoid configuration errors or non-optimal configurations.
  • the determination of each configuration is pseudo-random, that is to say that although the possible configurations are known, the multiplicity of configurations does not allow to predict the configuration that will be chosen by the configuration module 6 .
  • the configuration module 6 is further adapted to modify the configuration of the interconnection surface 4 when an intrusion attempt is detected by the detection module 8.
  • the configuration module 6 is, for example, able to modify the configuration of the interconnection surface 4 so as to increase the number of groups of cells connected in the area of the mesh surface 2 where an attempt to intrusion was detected.
  • Such an increase in the number of cell groups and therefore electrical circuits in an area is called "mesh tightening" in the area. Tighten the mesh in an area makes it even more complex the use of short circuits to free access space to the area to protect.
  • the configuration module 6 is capable of increasing or decreasing the number of cells of a group on a part of the interconnection surface 4 according to a predefined rule, a state or an event .
  • the configuration module 6 is activated at times randomly, pseudo-randomly or periodically chosen by the timer of the protection device 1, which makes it more difficult for an attacker to anticipate the configuration of the device. the interconnection surface 4.
  • the configuration module 6 is able to modify the configuration of the interconnection surface 4 so as to move over time, on one or on each mesh surface 2, the area of the surface mesh 2 having the highest number of connected cell groups.
  • a dense zone in groups of cells and therefore in electrical circuits makes it possible to detect an intrusion more easily.
  • such a zone uses more resources to function. The displacement of such a zone therefore makes it possible to compromise between the fineness of detection of an intrusion and the consumption of the protection device 1.
  • the configuration module 6 is, for example, a software application integrated in the programmable component 23.
  • the configuration module 6 is able to actuate the actuators.
  • the detection module 8 is able to detect a modification of the characteristic impedance of each electric circuit. Any intrusion being characterized by a modification of the impedance of an electrical circuit, for example a modification of its resistance (in particular in case of breakage of the electrical continuity within a group of connected cells) or of its reactance (in particular if a probe is inserted into the heart of an inductive cell), the detection module 8 is therefore able to detect the intrusions.
  • the detection module 8 is able to detect a break in the electrical continuity within each group of cells connected along the interconnection surface 4.
  • the detection module 8 typically employs the so-called “dry loop” technique, or a transmit-receive of a signal, or a latency measure.
  • the detection module 8 is also clean, in this first embodiment always, to detect a modification of the characteristic reactance of each electrical circuit, and more particularly of its characteristic inductance.
  • the detection module 8 is able to periodically control the generation, by the generator 7, of at least one electrical excitation signal, so as to excite one of the electrical circuits, to measure a characteristic value of the response of the electrical circuit to said excitation signal, calculating a difference between the or each measured value and a reference value, and detecting a change in the characteristic reactance of the electric circuit in the case where the calculated difference or an average of the calculated differences exceeds a predetermined threshold.
  • An electrical excitation signal typically consists of a voltage step.
  • voltage step it is understood that it is an electrical signal consisting of a sudden change in the voltage at the input of the electrical circuit, the input voltage being then maintained at a substantially constant value during a predetermined duration.
  • the characteristic value measured is then a duration for the voltage of the electrical output signal following the excitation of the electrical circuit by the voltage step reaches a reference voltage.
  • the reference value is a reference time which is for example equal to an average of several durations each measured following the excitation of the electrical circuit by a voltage step and at the end of which the voltage of the output signal was substantially equal to the reference voltage.
  • the measured characteristic value is then a voltage reached after a given duration following the excitation of the electrical circuit by the voltage step, said given duration being less than the duration of the voltage step.
  • the reference value is a reference voltage which is for example equal to an average of several voltages each measured after the same duration following the excitation of the electrical circuit by a voltage step identical to the excitation signal used by the module. detection 8.
  • the detection module 8 is able to use the methods of detecting the breaking of the electrical continuity and of detecting the modification of the characteristic reactance in a combined manner according to a defined, pseudo-random or random temporal interleaving.
  • the detection module 8 is configured to be activated at a regular frequency, at least equal to the reconfiguration frequency of the interconnections of the connectors 24 by the configuration module 6.
  • the detection module 8 is activated at times chosen randomly or pseudo-randomly by the timer of the protection device 1.
  • the detection module 8 is configured to apply a security policy following the detection of a change in the impedance of an electrical circuit.
  • the security policy includes, for example, erasing the sensitive data of the equipment protected by the protection device 1, the activation of additional tests such as mesh surface integrity tests 2 or the reconfiguration of the devices. interconnections of the connectors 24 according to a new configuration of the interconnection surface 4 in order to carry out additional detection.
  • the reaction module 10 is connected to the detection module 8.
  • the reaction module 10 makes it possible to initiate a reaction action in response to an attempt to intrude into the protection device 1 detected by the detection module 8.
  • the reaction module 10 is configured to erase the sensitive data. present in the electronic circuit 84, to activate additional tests and / or to trigger a reconfiguration of the interconnections of the connectors 24.
  • the timer is advantageously a low power timer.
  • the ratio between the wake-up and sleep periods of the configuration module 6 and / or the detection module 8 activated by the timer is for example of the order of 1 per 1000; ie 1 millisecond of wake up for a second of sleep, with nevertheless differences between the wakes very weak compared to the time of implementation of an attack.
  • a method of protecting the electronic circuit 84 by means of the protection device 1 according to the first embodiment will now be described with reference to FIG. 8.
  • the protection method comprises a step 100 of providing the protection device 1 as described above.
  • This step 100 is preferably followed by an initial calibration step 102 of the detection module 8, during which the or each reference value which will be used to detect the change in the characteristic reactance of the circuit is determined.
  • the protection method comprises a step 1 for determination by the configuration module 6 of a first configuration of the interconnection surface 4. Then, during a next step 120, the configuration module 6 performs the configuration of the interconnections of the connectors 24 of the interconnection surface 4 according to the first configuration of the interconnection surface 4 previously determined during step 1. .
  • the detection module 8 is activated in order to detect a possible modification of the impedance on each electrical circuit formed by the groups of cells 3A, 3B electrically interconnected by the connectors 24 according to the first configuration. of the interconnection surface 4, and in particular to detect a possible rupture of the electrical continuity on each of said groups of cells.
  • the detection module 8 is, for example, activated at a moment chosen randomly by the timer.
  • the activation step 130 is followed by the following steps:
  • a step 134 for measuring a characteristic value of the response of the electrical circuit to the excitation signal is a step 134 for measuring a characteristic value of the response of the electrical circuit to the excitation signal.
  • step 134 is followed by the following steps:
  • the steps 132 and 134 are repeated so as to perform a plurality of measurements of the or each characteristic value, then followed by the following steps:
  • the detection module 8 When the detection module 8 detects a change in the impedance of an electrical circuit, for example a break in the electrical continuity of this circuit, the detection module 8 communicates, during a step 140, with the reaction module 10. The reaction module 10 then performs protective actions on the electronic circuit 84.
  • steps 1 to 140 are repeated over time.
  • the configuration module 6 is, for example, activated at times chosen randomly by the timer.
  • the configuration of the interconnection of the connectors 24 carried out by the configuration module 6 during the step 1 is alternatively, for example, a function of the state of the system or of a detected event.
  • the interconnections between the connectors 24 are reconfigured over time, which makes it possible to obtain new configurations of the interconnection surface 4 and to detect possible short circuits of several of different equipotential cells.
  • the detection module 8 is activated several times between two configurations, by the configuration module 6, interconnections of the connectors 24 of the interconnection surface 4.
  • the activation of the configuration module 6 is, in effect, independent activation of the detection module 8.
  • the interconnection surface 4 is, in this second embodiment, adapted so that the entry and exit points remain electrically isolated from each other.
  • the electrical circuits formed by the connection of the cells 3A, 3B to each other each have an electrical discontinuity.
  • the electrical circuit comprises at least one pair of cells 30 formed of two of the electrically isolated cells 3A, 3B, said cells 3A, 3B being, however, electromagnetically coupled to one another. to the other.
  • This pair 30 thus has a coupling impedance between the cells 3A, 3B of the pair.
  • the two cells 3A, 3B of the inductive couple 30 are inductive cells, a first of said cells 3A, 3B being a primary cell 3A and the second cell of the pair being a secondary cell 3B which is substantially aligned vertically with the first one. cell.
  • capacitor torque for which this electromagnetic coupling is a capacitive coupling, that is to say that the coupling impedance between the cells 3A, 3B of the cell pair comprises a capacitance.
  • the conductive tracks of the cells 3A, 3B of the capacitive pair 30 typically both have a rake-shaped geometric pattern, as shown in FIG. 12.
  • there is at least one capacitive torque a first of which cells 3A, 3B is a primary cell 3A and the second cell is a secondary cell 3B which is substantially vertically aligned with the first cell.
  • there is at least one capacitive couple whose cells 3A, 3B both belong to the same mesh surface 2A or 2B, said cells 3A, 3B then being embedded one inside the other, as shown in Figure 13.
  • an excitation signal used to detect a change in the characteristic reactance of the electrical circuits is preferably an alternating signal whose frequency varies over time.
  • the measured characteristic value is then typically a quality factor of the electrical circuit.
  • the detection module 8 is able to determine a resonant frequency of the electric circuit and a bandwidth of the electric circuit. For this purpose, the detection module 8 is able to measure the amplitude of the output signal sensed by the sensor 9 for each of the values taken by the frequency of the electrical excitation signal, and to determine:
  • the resonance frequency as being the frequency of the excitation signal for which the amplitude of the output signal is maximum
  • the bandwidth being the frequency width, including the resonance frequency, for which the ratio of the amplitude of the output signal to the amplitude of the maximum output signal is greater than a predetermined value, typically 0.5.
  • the reference value is then a reference quality factor which is typically measured at the factory during the production of the protection device 1.
  • the characteristic value measured is only the resonance frequency of the electric circuit.
  • the reference value is then a reference resonance frequency measured at the factory during the production of the protection device 1.
  • an excitation signal used to detect a change in the characteristic reactance consists of an alternating signal having a predetermined frequency.
  • the characteristic value measured is then an amplitude of the electrical output signal sensed by the sensor 9 during the excitation of the electrical circuit by the excitation signal, and the reference value is a reference amplitude which is typically equal to an amplitude of electrical output signal measured at the factory during the production of the protection device 1 and while the electric circuit was excited by an electrical signal at the predetermined frequency.
  • the interconnection surface 4 is, in this second embodiment, configured to maintain the mesh surfaces 2A, 2B electrically isolated from each other.
  • Each primary cell 3A is then electrically isolated from each secondary cell 3B; each primary cell 3A is, however, advantageously electromagnetically coupled to the secondary cell 3B which is substantially aligned vertically with said primary cell 3A.
  • the interconnection surface 4 is also configured so that each primary cell 3A of an electrical circuit is substantially aligned vertically with a secondary cell 3B belonging to the same electrical circuit.
  • This characteristic is illustrated by FIGS. 10 and 11, in which the filling used is identical for each primary cell 3A and the secondary cell 3B is aligned vertically with it.
  • the primary cells 3A of the same electrical circuit are all electrically connected to each other and together form a primary mesh.
  • the secondary cells 3B of the same electrical circuit are advantageously all electrically connected to each other and together form a secondary mesh.
  • the interconnection surface 4 is adapted so that the entry point is electrically connected to at least one primary cell 3A of each electrical circuit.
  • the cells directly excited by the electrical excitation signal of the generator 7 are all primary cells 3A, and the electrical signal flowing in the secondary cells 3B is only a signal induced by the inductive or capacitive coupling phenomena between cells 3A, 3B.
  • the exit point is advantageously electrically connected to at least one secondary cell 3B of each electric circuit.
  • the electronic circuit 84 is effectively protected against physical attacks with a simple and inexpensive mesh format that does not complicate the development and manufacturing phases of the protection device 1.
  • the interconnection surface 4 is programmed to renew itself in time function, which brings a significant gain for the level of protection provided by the mesh.
  • the reconfiguration over time of the interconnections of the connectors 24 between the cells 3A, 3B of the mesh surfaces 2A, 2B makes it possible to limit the reverse engineering attacks and thus render inoperative the use of shunts to bypass the electrical circuits of the mesh.
  • the knowledge acquired by an attacker on the system is only partially recoverable for the development of an attack on another system.
  • the mesh surfaces 2A, 2B and the interconnection surface 4 form a physical protection barrier for the electronic circuit 84, for the configuration module 6 and for the detection module 8.
  • the tightening of the mesh at the level of an area of interest is particularly useful in the case of optimized management of the number of available resources, that is to say of optimization of the number of inputs and outputs of the area of interest. interconnection surface 4.
  • the protection device 1 thus solves the problem of increasing the complexity of the meshes of the state of the art by reconfiguring the interconnections of the connectors 24 of the interconnection surface 4 over time.
  • the geometry of the mesh is thus specific to a device to be protected and is variable in time.
  • the frequency of the reconfigurations, by the configuration module 6, interconnections of the connectors 24 of the interconnection surface 4 is also adaptable depending on the desired level of protection for the electronic system 80 or the estimated attack risks.
  • the protection device 1 also makes it possible to maintain the energy consumption at an acceptable level and to make the protection durable, even when the equipment of the protection device 1 is powered by an emergency power supply for a long period.
  • the protection device 1 makes it possible to detect intrusion attempts targeting isolation regions between the conducting tracks or involving the short-circuit. individual cell of a set of cells covering an area of interest, which was not possible with existing solutions. The protection of the electronic circuit 84 is thus reinforced. It will be understood by those skilled in the art that the invention is not limited to the described embodiments, nor to the particular examples of the description.
  • At least one electrical circuit is formed by the connection, not reconfigurable by the configuration module 6, of at least two adjacent cells 3 of a mesh surface 2 via a component previously configured statically at the factory.
  • a previously statically configured component is a component that is unalterably integrated with the protection device 1 during its manufacture.
  • Each group of cells connected to each other by a previously statically configured component forms a macro-cell.
  • the macro-cells have the advantage of limiting the number of interconnections of the connectors 24 of the interconnection surface 4.
  • a statically configured component is a component integrally integrated with the protection device 1 during its manufacture.
  • Each group of cells connected to each other by a statically configured component forms a macro-cell.
  • the macro-cells interconnected by the configuration module 6 have the advantage of limiting the number of interconnections of the connectors 24 of the interconnection surface 4.
  • interconnections of the connectors 24 of the interconnection surface 4 are defined statically partly for certain groups of cells and dynamically for others.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Condensed Matter Physics & Semiconductors (AREA)
  • Power Engineering (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)
EP16775586.7A 2015-09-22 2016-09-22 Vorrichtung zum schutz einer elektronischen schaltung mit erkennung einer änderung der elektrischen reaktanz Withdrawn EP3353704A1 (de)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
FR1501957A FR3041454B1 (fr) 2015-09-22 2015-09-22 Dispositif de protection d'un circuit electronique avec detection d'un changement de reactance electrique
PCT/EP2016/072566 WO2017050911A1 (fr) 2015-09-22 2016-09-22 Dispositif de protection d'un circuit électronique avec détection d'un changement de réactance électrique

Publications (1)

Publication Number Publication Date
EP3353704A1 true EP3353704A1 (de) 2018-08-01

Family

ID=55177993

Family Applications (1)

Application Number Title Priority Date Filing Date
EP16775586.7A Withdrawn EP3353704A1 (de) 2015-09-22 2016-09-22 Vorrichtung zum schutz einer elektronischen schaltung mit erkennung einer änderung der elektrischen reaktanz

Country Status (4)

Country Link
EP (1) EP3353704A1 (de)
FR (1) FR3041454B1 (de)
SG (1) SG11201802259QA (de)
WO (1) WO2017050911A1 (de)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3550466B1 (de) 2018-04-06 2023-08-02 Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. Puf-film und verfahren zur herstellung davon
EP3550475A1 (de) 2018-04-06 2019-10-09 Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. Puf-film und verfahren zur herstellung desselben
EP3550623B1 (de) 2018-04-06 2020-07-29 Fraunhofer-Gesellschaft zur Förderung der angewandten Forschung e.V. Puf-film und verfahren zur herstellung davon

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2864667B1 (fr) * 2003-12-29 2006-02-24 Commissariat Energie Atomique Protection d'une puce de circuit integre contenant des donnees confidentielles
US7281667B2 (en) * 2005-04-14 2007-10-16 International Business Machines Corporation Method and structure for implementing secure multichip modules for encryption applications
US7710286B1 (en) * 2007-03-30 2010-05-04 Maxim Integrated Products, Inc. Intrusion detection using a conductive material
US20120185636A1 (en) * 2010-08-04 2012-07-19 Isc8, Inc. Tamper-Resistant Memory Device With Variable Data Transmission Rate
US8434158B2 (en) * 2011-08-29 2013-04-30 Maxim Integrated Products, Inc. Systems and methods for detecting and thwarting unauthorized access and hostile attacks on secured systems

Also Published As

Publication number Publication date
SG11201802259QA (en) 2018-04-27
FR3041454B1 (fr) 2018-03-16
FR3041454A1 (fr) 2017-03-24
WO2017050911A1 (fr) 2017-03-30

Similar Documents

Publication Publication Date Title
EP3195296B1 (de) System und verfahren zur sicherung eines elektronischen schaltkreises
FR2755526A1 (fr) Systeme de lecture d'empreintes digitales avec resistances de chauffage integrees
WO2017050911A1 (fr) Dispositif de protection d'un circuit électronique avec détection d'un changement de réactance électrique
EP3401830B1 (de) Verfahren zur sicherung eines integrierten schaltkreises bei seiner herstellung
EP2866259A1 (de) Elektronischer Chip mit Mitteln zum Schutz dessen Rückseite
WO2011015795A2 (fr) Dispositif de detection capacitif a integration de fonctions
CA2466675C (fr) Dispositif de securite filaire pour la detection du vol d'un objet a proteger et procede de fonctionnement
EP2432302B1 (de) Schutzvorrichtung für einen gedruckten elektronischen Schaltkreis
EP3210162A1 (de) Vorrichtung zur erfassung digitaler fingerabdrücke
EP0231549A1 (de) Geschützte Umfassung mit elektrischem Schalter und ihre Anwendung
FR2485231A1 (fr) Systeme electronique d'identification
WO2003083769A1 (fr) Entite electronique transactionnelle securisee par mesure du temps
CA2709733A1 (fr) Capteur tactile multicontacts a mode veille
EP3794415B1 (de) Serienredundante kapazitive abtastvorrichtung
EP3353767A1 (de) System zur erkennung von intrusionen durch rekonfiguration
EP0965994B1 (de) Mit Hilfe komplementärer Busleitungen gesicherte integrierte Schaltkreisanordnung
FR2849244A1 (fr) Procede de determination du caractere vivant d'un element porteur d'une empreinte digitale
EP4033389B1 (de) Vorrichtung zum schutz und zur überwachung eines elektronischen systems, die mindestens eine elektronische komponente umfasst, entsprechendes verfahren zum schutz und zur überwachung der integrität des elektronischen systems und der vorrichtung sowie zum stören von angriffen
WO2014180664A1 (fr) Surcouche destinee a recouvrir un objet, notamment un cable, pour la detection et/ou la localisation d'un defaut a sa surface
WO2019025516A1 (fr) Dispositif de détection d'attaque lce et de contre-mesure
FR2863746A1 (fr) Circuit integre protege par bouclier actif
EP3188073B1 (de) Angrifferkennungssystem
EP3329417B1 (de) Behandlungsvorrichtung für elektronische chips eines länglichen elements
FR2844897A1 (fr) Entite electronique securisee avec gestion du temps
EP3855352B1 (de) Vorrichtung zum erfassen von fingerabdrücken

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20180322

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20200603