KR20170141110A - Integrated circuit, mobile device having the same, and operating method for preventing hacking thereof - Google Patents

Abstract

The present invention relates to an integrated circuit, which protects an attack detection circuit from physical damage or laser error attacks. The integrated circuit can comprise: an internal circuit; and an attack detection circuit detecting an external attack on the internal circuit, wherein the attack detection circuit can include a built-in-self-test (BIST) circuit which detects a physical attack on the attack detection circuit.

Description

TECHNICAL FIELD [0001] The present invention relates to an integrated circuit, a mobile device including the same, and an anti-hacking method thereof. BACKGROUND OF THE INVENTION [0002]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a semiconductor circuit, and more particularly, to an integrated circuit, a mobile device including the same, and a hack prevention method thereof.

As hacking methods for systems are gradually developed, hackers are attempting to leak important information (personal information, financial information, technical information, etc.) inside the system through various methods. In particular, an attacker may attempt to disable an attack detection circuit for physical damage to the chip or to prevent hacking through a laser fault attack.

It is an object of the present invention to provide an integrated circuit that protects an attack detection circuit from physical damage or a laser error attack, a mobile device including the same, and a method of operation thereof.

An integrated circuit according to an embodiment of the present invention includes an internal circuit and an attack detection circuit for detecting an external attack on the internal circuit, And may include a built-in self-test (BIST) circuit.

An integrated circuit according to another embodiment of the present invention includes an internal circuit and an attack detection circuit for detecting an external attack on the internal circuit, and the attack detection circuit includes a plurality of detectors In-self-test (BIST) units corresponding to each of the plurality of detectors and detecting whether each of the plurality of detectors is in a normal operation state, a comparator for comparing the output values of the BIST units with a reference voltage And a detector for generating an attack notification signal according to at least one result value of the comparator.

A mobile device according to an embodiment of the present invention includes an application processor, a memory for storing data necessary for operation of the application processor, and a security chip for performing a security operation of the application processor, And an attack detection circuit for detecting an external attack on the chip, and the attack detection circuit includes a built-in-self-test (BIST) circuit for detecting a physical attack or a laser error attack on the attack detection circuit can do.

An operation method of an integrated circuit according to an embodiment of the present invention includes: receiving a security built-in-self-test (BIST) activation signal; performing a security BIST operation in response to the security BIST activation signal; The method comprising the steps of: determining a normal state or an attack state of an attack detection circuit of the integrated circuit as a result of performing a BIST operation; transmitting an attack notification signal to an internal circuit of the integrated circuit when the attack detection circuit is in the attack state; And resetting or shutting down the internal circuit or deleting data used in the internal circuit in response to the attack notification signal.

An integrated circuit, a mobile device including the same, and an operation method thereof according to an embodiment of the present invention can monitor a physical attack or a laser error attack on an attack detection circuit to block a hacking threat to an internal circuit in real time have.

BRIEF DESCRIPTION OF THE DRAWINGS Figure 1 is an exemplary illustration of an integrated circuit for illustrating the concept of the present invention.
2 is a diagram illustrating an exemplary attack detection circuit according to an embodiment of the present invention.
3 is an exemplary diagram illustrating an abnormal condition sensing circuit according to an embodiment of the present invention.
4 is a diagram illustrating an exemplary attack detection circuit according to another embodiment of the present invention.
5 is a diagram illustrating an exemplary attack detection circuit according to another embodiment of the present invention.
6 is a flowchart illustrating an exemplary process of performing an anti-hack operation in an integrated circuit according to an embodiment of the present invention.
FIGS. 7A, 7B, and 7C are conceptual diagrams of a normal mode and a security BIST mode of the attack detection circuit of the present invention. FIG.
FIG. 8 is a diagram illustrating a process of determining a normal state / an attack state of an attack detection circuit according to an embodiment of the present invention.
9 is a diagram illustrating an exemplary comparator according to an embodiment of the present invention.
10 is a view showing an integrated circuit according to another embodiment of the present invention.
11 is a diagram illustrating an exemplary attack detection circuit shown in FIG. 10;
12 is a diagram illustrating an exemplary embodiment of a laser detector according to an embodiment of the present invention.
13A, 13B, 13C, and 13D are views showing the laser detector according to the embodiment of the present invention in more detail.
14 is a diagram illustrating an example of an attack detection circuit having a reference voltage generation circuit 230 according to an embodiment of the present invention. 15 is a flowchart illustrating an exemplary process of performing an anti-hacking operation in an integrated circuit according to an embodiment of the present invention.
16 is a view showing an integrated circuit according to another embodiment of the present invention.
17 is a view illustrating an exemplary security system according to an embodiment of the present invention.
18 is a diagram illustrating an exemplary security system according to another embodiment of the present invention.
19 is an exemplary view illustrating a security chip inserted into a mobile device according to an embodiment of the present invention.
20 is an exemplary illustration of a mobile device in accordance with an embodiment of the present invention.
21 is an exemplary illustration of an electronic device according to an embodiment of the present invention.

BRIEF DESCRIPTION OF THE DRAWINGS The above and other objects, features and advantages of the present invention will be more apparent from the following detailed description taken in conjunction with the accompanying drawings, in which: FIG.

1 is an exemplary illustration of an integrated circuit 100 for illustrating the concept of the present invention. Referring to FIG. 1, an integrated circuit 100 may include an internal circuit 110 and an attack detection circuit 120. Here, the attack detection circuit 120 may be a circuit for protecting the internal circuit 110 from at least one attack.

The integrated circuit 100 may be implemented in a variety of computing devices such as, for example, a smart card, an embedded security element (eSE), a universal subscriber identity module (USIM) card, a financial security and identification (FSID) card, brand protection products, IoT (internet of things) wearable device products, and the like.

The internal circuit 110 may be implemented to provide at least one security function to the above described security product. For example, a security function may be a function related to data confidentiality, integrity, availability, user access control, and authority. In an embodiment, the internal circuit 110 may be implemented as a single chip. For example, the internal circuit 110 may be implemented as a system-on-chip (SoC).

The attack detection circuit 120 may be configured to detect whether the internal circuit 110 is operating abnormally to protect the internal circuit 110 from an external attack. For example, the attack detection circuit 120 may be implemented to detect an attack on the internal circuit 110 using glitch, voltage, temperature, frequency, and the like.

In addition, attack detection circuit 120 may include a built-in self-test (BIST) circuit 122. The security BIST circuit 122 may be implemented to detect whether all or a portion of the configuration of the attack detection circuit 120 is physically damaged or a laser fault attack.

In addition, the security BIST circuit 122 may be implemented to be activated in response to the BIST activation signal BEN. In an embodiment, the BIST activation signal BEN may be transmitted from the internal circuitry 110 either periodically or aperiodically. For example, the integrated circuit 100 may be powered on, and after a reference time, the BIST activation signal BEN may be generated periodically. In another embodiment, the BIST activation signal BEN may be generated in accordance with the internal policy of the integrated circuit 100. Illustratively, the BIST activation signal BEN may itself be generated within the attack detection circuit 120 according to a predetermined policy.

On the other hand, the attack detection circuit 120 may be configured to generate an attack notification signal when detecting an external attack to the internal circuit 110 or the attack detection circuit 120. The internal circuit 110 may be reset or shut down in response to an attack notification signal. In addition, the internal circuit 110 may delete important data that may be leaked to the outside in response to an attack notification signal.

The integrated circuit 100 according to the embodiment of the present invention detects an external attack to the attack detection circuit 120 as well as the internal circuit 110 and performs a protection function according to the detection result, have.

2 is a diagram illustrating an exemplary attack detection circuit 120 according to an embodiment of the present invention. Referring to FIG. 2, the attack detection circuit 120 may include an abnormal condition detection circuit 121, a security BIST circuit 122, a comparator 123, and a detector 124.

The abnormal condition sensing circuit 121 may be implemented to sense various abnormal conditions of the internal circuit 110. For example, the abnormal conditions may include voltages, currents, frequencies, temperatures, etc., that are outside the normal range. Although not shown in the figure, the abnormal condition detection circuit 121 may include a plurality of abnormal condition detectors for detecting such abnormal conditions. The detection result of the abnormal condition detection circuit 121 may be provided to the security BIST circuit 122.

The security BIST circuit 122 may include a floating switch 122-1 and a pull-up switch 122-2.

In an embodiment, the floating switch 122-1 may be implemented to float the output of the security BIST circuit 122. [ For example, the floating switch 122-1 is turned off in response to the inverted BIST activation signal BENB, so that the output terminal of the abnormal condition detection circuit 121 can be disconnected from the output terminal of the security BIST circuit 122 have. Further, the output terminal of the abnormal condition sensing circuit 121 can be connected to the output terminal of the security BIST circuit 122 by turning on the floating switch 122-1 in response to the inverted BIST activation signal BENB.

Up switch 122-2 is responsive to the BIST activation signal BEN to electrically connect the power supply terminal receiving the power supply voltage VDD and the output terminal of the security BIST circuit 122 Can be turned on. The pull-up switch 122-2 is turned on and off in response to the BIST activation signal BEN in order to electrically shut off the power supply terminal receiving the power supply voltage VDD and the output terminal of the security BIST circuit 122, .

Meanwhile, the security BIST circuit 122 may detect whether the attack detection circuit 120 is normally operating in response to the BIST activation signal BEN. For example, when the pull-up switch 122-2 is turned on in response to the BIST activation signal BEN, the comparator 123 compares the power supply voltage VDD ) And the reference voltage VREF. The comparison result of the comparator 123 may include information indicating whether the attack detection circuit 120 is normally operating.

For convenience of explanation, a security BIST circuit 122 implemented as one BIST unit corresponding to one abnormal condition sensor is shown in FIG. However, the scope of the present invention is not limited thereto, and it should be understood that the security BIST circuit 122 of the present invention may include a plurality of BIST units respectively corresponding to a plurality of abnormal condition detectors.

The detector 124 may be configured to receive at least one output value from the comparator 123 and to determine whether the attack detection circuit 120 is under attack from the outside. For example, if there is a change in the output value of the current comparator 123 compared with the output value of the comparator 123 in the previous state, it can be determined that there is no external attack to the attack detection circuit 120. Here, the previous state is a state in which the floating switch 122-1 is turned on and the pull-up switch 122-2 is turned off. Illustratively, the previous state may be an operating mode or operating state in which the integrated circuit 100 performs a general operation.

On the other hand, if there is no change in the output value of the comparator 123 compared with the previous state, it can be determined that there is an external attack to the attack detection circuit 120. 2, an attack detection circuit 120 including a comparator 123 and a detector 124 is shown. However, it should be understood that the attack detection circuit 120 of the present invention is not limited thereto. In the attack detection circuit of the present invention, the comparator and the detector may be implemented in a single configuration.

3 is an exemplary diagram illustrating an abnormal condition sensing circuit 121 according to an embodiment of the present invention. Referring to FIG. 3,

The circuit 121 includes an abnormal frequency sensor 121-1, an abnormal voltage sensor 121-2, an abnormal temperature sensor 121-3, a light exposure sensor 121-4, a glitch attack sensor 121-5, A de-encapsulation detector 121-6, and various other types of detectors 121-i.

The abnormal frequency detector 121-1 may be configured to detect the main clock frequency and to generate a detection signal when the detected frequency is outside the prescribed range. The abnormal voltage sensor 121-2 may be configured to detect a level of a voltage supplied from the outside and generate a detection signal when the level of the detected voltage is out of the rated range. The unsteady temperature sensor 121-3 may be configured to detect the ambient temperature of the integrated circuit 100 and to generate a sense signal when the sensed temperature is above or below the reference range. The light exposure sensor 121-4 may be implemented to generate a sensing signal when the silicon oxide film used as a protective film of the integrated circuit 100 is removed and exposed to external light. The glitch attack detector 121-5 may be configured to detect variations in the power supply voltage and generate a sense signal when the power supply voltage suddenly changes. The decapsulation detector 121-6 may be implemented to generate a detection signal when the integrated circuit 100 is decalcated.

3, the security BIST circuit 122 may include a plurality of BIST units, and each of the plurality of BIST units may include a plurality of detectors 121-1 to 121- 6, respectively.

On the other hand, the security BIST circuit 122 shown in FIG. 2 is implemented with a pull-up switch structure. However, the present invention is not limited thereto. The security BIST circuit of the present invention may be implemented with a pull-down switch structure or a pull-up / pull-down switch structure.

4 is a diagram illustrating an exemplary attack detection circuit 120a according to another embodiment of the present invention. 4, the attack detection circuit 120a is identical to the attack detection circuit 120 shown in FIG. 2 except for the security BIST circuit 122a having the pull-down switch 122-3 will be.

The security BIST circuit 122a may include a floating switch 122-1 and a pull-down switch 122-3 coupled to the ground terminal. The floating switch 122-1 may be configured to float at least one output value (i.e., sensing signal) of the abnormal condition sensing circuit 121. [ The floating switch 122-1 can perform a function similar to the floating switch 122-1 of FIG. In an embodiment, a ground voltage (GND) may be provided at the ground terminal.

In an embodiment, the pull-down switch 122-3 is turned on in response to the BIST activation signal BEN and the floating switch 122-1 is turned on in response to the inverted BIST activation signal BENB, Off. In another embodiment, the pull-down switch 122-3 is turned off in response to the BIST activation signal BEN and the floating switch 122-1 is turned on in response to the inverted BIST activation signal BENB - It can be turned on.

In addition, the security BIST circuit 122a can detect whether the attack detection circuit 120a operates normally in response to the BIST activation signal BEN. For example, when the pull-down switch 122-3 of the security BIST circuit 122a is turned on, the comparator 123 compares the ground voltage GND forcibly provided to the output terminal of the security BIST circuit 122 The reference voltage VREF can be compared. The comparison result value may indicate whether the attack detection circuit 120a is an external attack.

On the other hand, the security BIST circuit 122 of FIG. 2 includes a pull-up circuit structure and the security BIST circuit 122 of FIG. 4 includes a pull-down circuit structure. However, the security BIST circuit of the present invention will not be limited thereto. The security BIST circuit of the present invention may be implemented in a structure including both a pull-up circuit and a pull-down circuit. At this time, the pull-up circuit and the pull-down circuit are optimized for each of the detectors (for example, 121-1 to 121-7 and 121-i in FIG. 3) of the abnormal condition detection circuit 121 and selectively activated . For example, some of the detectors (e.g., abnormal frequency detector 121-1) may be coupled to a secure BIST circuit in a pull-up configuration, and some of the detectors (e.g., glitch attack detector 121 -5) may be connected to the security BIST circuit of the pull-down structure.

5 is a diagram illustrating an exemplary attack detection circuit 120b according to another embodiment of the present invention. 5, the attack detection circuit 120b includes a security BIST circuit 122-3 having a pull-up switch 122-2 and a pull-down switch 122-3, as compared with the attack detection circuit 120 of FIG. (122b).

The security BIST circuit 122b includes a floating switch 122-1 that is turned on in response to the inverted BIST activation signal BENB, a pull-up switch 122-1 that is turned on in response to the first BIST activation signal BEN1 122-2, and a pull-down switch 122-3 that is turned on in response to a second BIST enable signal BEN2. In an embodiment, either the first BIST activation signal BEN1 or the second BIST activation signal BEN2 may be a BIST activation signal BEN and the other may be a signal having a ground voltage GND. It should be understood that the first BIST activation signal BEN1 and the second BIST activation signal BEN2 of the present invention are not limited thereto.

In an embodiment, when the floating switch 122-1 is turned on in response to the inverted BIST activation signal BENB, the pull-up switch 122-2 and the pull-down switch 122-3 All can be turned off. In another embodiment, when the floating switch 122-1 is turned off in response to the inverted BIST activation signal BENB, the pull-up switch 122-2 and the pull-down switch 122-3, Can be turned on.

In FIG. 5, one security BIST circuit 122b is shown for convenience of explanation. It should be understood that the number of security BIST circuits 122b shown in Fig. 5 exists corresponding to the various attack detectors 121-1, 121-2, ..., 121-i shown in Fig.

6 is a flowchart illustrating an exemplary process of performing an anti-hacking operation in the integrated circuit 100 according to an embodiment of the present invention. Referring to Figs. 1 to 6, the hack prevention operation of the integrated circuit 100 is as follows.

The integrated circuit 100 can start to operate. (S110). For example, the integrated circuit 100 may operate according to control of an external device connected to the integrated circuit 100 or by booting the system including the integrated circuit 100 or by powering the integrated circuit 100 have. Illustratively, when the integrated circuit 100 starts operating, it may enter a secure BIST mode to perform a secure BIST operation. Illustratively, the security BIST operation is described with reference to the following operations.

For example, the internal circuit 110 (see FIG. 1) of the integrated circuit 100 may transmit the BIST activation signal BEN periodically or aperiodically to the security BIST circuit 122 to enter the security BIST mode (S120). The security BIST circuit 122 (see FIG. 1) of the attack detection circuit 120 (see FIG. 1) may be activated in response to the BIST activation signal BEN.

The security BIST circuit 122 may block the output values of the abnormal condition detection circuit 121 in response to the BIST activation signal BEN. The security BIST circuit 122 compulsorily pulls up the output terminal (i.e., an attack sensing terminal) of the security BIST circuit 122 to the power supply voltage VDD or to the ground voltage GND The security BIST operation to pull-down can be performed (S130).

As a result of performing the security BIST operation, it can be determined whether there is an attack to the attack detection circuit 120 or not. As a result of the security BIST operation, if there is a level change by comparing the previous output value with the current output value, it can be determined that there is no external attack to the attack detection circuit 120. That is, the attack detection circuit 120 is operating in a normal state. On the other hand, if the previous output value continues to be maintained as a result of the security BIST operation (i.e., if there is no level change by comparing the previous output value with the current output), it is determined that there is an external attack to the attack detection circuit 120 . That is, the attack detection circuit 120 is in an attack state (S140).

If the attack detection circuit 120 is in a normal state, the security BIST circuit 122 may be deactivated (S150). At this time, the abnormal condition sensing circuit 121 of the attack detection circuit 120 can perform normal operation (S160). Thereafter, it can be determined whether the operation of the attack detection circuit 120 is continued (S170). If the operation continues, the security BIST circuit 122 may be activated periodically or politically. Otherwise, the operation of the attack detection circuit 120 is terminated.

On the other hand, if the attack detection circuit 120 is in the attack state, the attack detection circuit 120 can notify the internal circuit 110 of the attack state (S155). The internal circuit 110 may reset or shut down in response to the alarm signal of the attack state or delete important information (e.g., personal information, financial information, etc.) that may be hacked (S165). In an embodiment, the important information to be deleted may be determined in advance.

The integrated circuit 100 according to the embodiment of the present invention can monitor the attack state of the internal circuit 110 as well as the attack detection circuit 120 to provide more secure hacking security measures.

7A, 7B, and 7C are conceptual illustrations of the normal mode and the security BIST mode of the attack detection circuit (e.g., 120b) of the present invention. 7A is a diagram illustrating an exemplary normal mode of the attack detection circuit. FIGS. 7B and 7C are diagrams illustrating an exemplary security BIST mode of the attack detection circuit.

First, referring to FIG. 7A, the floating switch of the security BIST circuit is in a turn-on state, and the pull-up / pull-down switches are in a turn-off state. 7B is a diagram showing a security BIST mode implemented with a pull-up switch of an attack detection circuit. Referring to FIG. 7B, the pull-up switch of the security BIST circuit is in a turn-on state, and the floating switch is in a turn-off state. 7C is a diagram showing a security BIST mode implemented with a pull-down switch of an attack detection circuit. Referring to FIG. 7C, the pull-down switch of the security BIST circuit is in a turn-on state, and the floating switch and the pull-up switch are in a turn-off state.

FIG. 8 is a diagram illustrating a process of determining a normal state / attack state of an attack detection circuit (e.g., 120b) according to an embodiment of the present invention. Referring to FIGS. 1 to 8, the process of determining the normal / attack state of the attack detection circuit is as follows.

The attack detection circuit operates either in a normal mode or a security BIST mode. In the normal mode, the floating switch of the security BIST circuit is turned on so that the output values of the abnormal condition detection circuit can be normally transmitted to the comparator 123 (see FIG. 2). On the other hand, in the security BIST mode, the floating switch of the security BIST circuit is turned off and the pull-up or pull-down switch of the security BIST circuit is turned on so that the power supply voltage VDD or the ground voltage GND, Lt; RTI ID = 0.0 > 122 < / RTI >

In an embodiment, in the normal state for the attack detection circuit, the output value COMP_OUT of the comparator 122 may change. On the other hand, in the attack state for the attack detection circuit, the output value COMP_OUT of the comparator 122 is constant and unchanged. Illustratively, a change in the output value COMP_OUT indicates a difference or a change in output values in each of the normal mode and the security BIST mode of the attack detection circuit.

For example, when the attack detection circuit is in a normal state (that is, in a state in which there is no attack from the attacker), the output value changes due to the power supply voltage VDD or the ground voltage GND forcibly generated by the security BIST circuit something to do. This means that the attack detection circuit can sense the power supply voltage VDD or the ground voltage GND forcibly generated. In other words, the change in the output value of the comparator 122 means that the attack detection circuit operates normally, which will indicate the normal state of the attack detection circuit.

On the other hand, when the attack detection circuit is in an attack state (i.e., an attack occurs from an attacker), the output value does not change due to the power supply voltage VDD or the ground voltage GND forcibly generated by the security BIST circuit . This means that the attack detection circuit can sense a change according to the power supply voltage VDD or the ground voltage GND forcibly generated. In other words, the fact that the output value of the comparator 122 does not change means that the attack detection circuit does not operate normally, which will indicate an attack state of the attack detection circuit.

Illustratively, FIG. 8 is a graph for briefly explaining the technical idea of the present invention. That is, the change of the signal shown in FIG. 8 is a schematic, and the scope of the present invention is not limited thereto.

Although not shown in the figure, in the normal mode operation of the attack detection circuit, if an external attack is detected, there may be a change in the output value COMP_OUT of the comparator 122. [

9 is a diagram illustrating an exemplary comparator 123 according to an embodiment of the present invention. Although two comparison units 123-1 and 123-2 are shown in FIG. 9 for convenience of explanation, it should be understood that the number of comparison units of the present invention is not limited thereto. Each of the comparison units 123-1 and 123-2 can be implemented to compare the output value of the security BIST circuit (FIG. 2, 122) with the corresponding reference voltages VREF1 and VREF2. In the security BIST mode, each of the comparison units 123-1 and 123-2 is configured to compare the reference voltages VREF1 and VREF2 with the power supply voltage VDD (in a pull-up switch structure) and the ground voltage GND In a pull-down switch structure). In an embodiment, the first reference voltage VREF1 and the second reference voltage VREF2 may have different voltage levels. In another embodiment, the first reference voltage VREF1 and the second reference voltage VREF2 may have the same voltage level.

If there is an attack to the attack detection circuit, the output values of the comparison units 123-1 and 123-2 will not be forcibly changed by the received power supply voltage VDD or the ground voltage GND. The detector 124 may include a logic circuit 124-1 for logically computing output values of the comparison units 123-1 and 123-2. For example, logic circuit 124-1 may be implemented to perform an AND operation. When the logical levels of the output values of the comparison units 123-1 and 123-2 are equal to each other, the detector 124 may generate an attack notification signal RST informing an external attack. On the other hand, it should be understood that the configuration of the comparator 124 is not limited to the end operation shown in FIG.

Each of the internal configurations of the attack detection circuit described in Figs. 1 to 9 may include a laser detector for detecting a laser error attack. These laser detectors can be used to monitor laser error attacks on the internal circuitry of the attack detection circuitry.

10 is a diagram illustrating an integrated circuit 200 in accordance with an embodiment of the present invention. 10, the integrated circuit 200 may include an internal circuit 210 and an attack detection circuit 220. The attack detection circuit 220 may include a security BIST circuit 222 and at least one laser detector 225 ). The security BIST circuit 222 may be implemented to detect that the attack detection circuit 220 is operating normally. The laser detector 225 may be configured to detect a laser error attack on the attack detection circuit 220. Upon detection of a laser error attack on the attack detection circuit 220, the internal circuit 210 may be immediately reset or shut down, or may delete critical data that may be leaked to the outside.

11 is a diagram illustrating an exemplary attack detection circuit 220 shown in FIG. 11, the attack detection circuit 220 is connected to each of the internal structures 221, 222, 223c, and 224, as compared with the attack detection circuit 120b shown in FIG. 5, , 225-2, 225-3, and 335-4). Each of the laser detectors 225-1, 225-2, 225-3, and 335-4 detects a laser fault attack and resets or shuts down the internal circuit 210 according to the detection result Can be implemented.

Meanwhile, each of the laser detectors 225-1, 225-2, 225-3, and 335-4 of the present invention can be implemented as a latch circuit.

12 is an exemplary illustration of a laser detector according to an embodiment of the present invention. Referring to FIG. 12, the laser detector 10 may include an initial value setting circuit 12 and a latch circuit 14.

The initial value setting circuit 12 may be configured to set an initial value of the first node N1 in response to the initial value signal IV. The latch circuit 14 may be implemented to latch the initial value.

In an embodiment, the initial value signal IV may be provided from an internal circuit. The latch circuit 14 may include inverters INV1, INV2, 15, 16 connected in opposite directions between the first node N1 and the second node N2. When there is a laser error attack, the initial value of the first node (N1) can be changed due to the leakage current of the latch circuit (14). The laser detector 10 can generate an output value OUT indicating whether or not to change the initial value.

13A, 13B, 13C, and 13D are views showing the laser detector according to the embodiment of the present invention in more detail.

13A is a circuit diagram of a laser detector according to an embodiment of the present invention. Referring to FIG. 13A, the laser detector 10a may include an initial value setting circuit 12a, first and second inverters 15a and 16a. The first inverter 15a may include a first PMOS transistor PT1 and a second NMOS transistor NT1. The first PMOS transistor PT1 is connected between the power supply voltage VDD and the first node N1 and the gate of the first PMOS transistor PT1 is connected to the second node N2. The first NMOS transistor NT1 is connected between the first node N1 and the ground voltage GND and the gate of the first NMOS transistor N1 is connected to the second node N2.

The second inverter 16a may include a second PMOS transistor PT2 and a second NMOS transistor NT2. The second PMOS transistor PT2 is connected between the power supply voltage VDD and the second node N2 and the gate of the second PMOS transistor PT2 is connected to the first node N1. The second NMOS transistor NT2 is connected between the second node N2 and the ground voltage GND and the gate of the second NMOS transistor NT2 is connected to the first node N1. Illustratively, the first node N1 may be a node outputting the output signal OUT, and the second node N2 may be a node outputting the inverted output signal OUTB.

The initial value setting circuit 12a may include an NMOS transistor NIT connected between the first node N1 and the ground voltage GND and receiving the initial value signal IV as a gate. The NMOS transistor NIT may be turned on in response to the initial value signal IV to initialize the output signal OUT to a low level (e.g., GND).

Some of the first and second PMOS transistors PT1 and PT2 and the first and second NMOS transistors NT1 and NT2 are designed (e.g., laid out) to increase reactivity to the laser, (E. G., Layout) in order to suppress the reactivity to the < / RTI > For example, the size (e.g., the active area) of some of the first and second PMOS transistors PT1 and PT2 and the first and second NMOS transistors NT1 and NT2 may increase the reactivity to the laser And may be designed to be relatively larger than the size of other transistors.

The first NMOS transistor NT1 and the second PMOS transistor PT2 are initially controlled to be turned on by the initial value setting circuit 12a and the first PMOS transistor PT1 And the second NMOS transistor NT2 may be initially controlled to be turned off by the initial value setting circuit 12a.

The first NMOS transistor NT1 and the second PMOS transistor PT2 that are initially controlled to be turned on may have a relatively small size as compared with the other transistors PT1 and NT2 so as not to react with the laser. On the other hand, the first PMOS transistor PT1 and the second NMOS transistor NT2, which are initially controlled to be turned off, have a relatively large size compared to the other transistors NT1 and PT2 so as to be able to react with the laser. .

In order to adjust the size of each of the first NMOS transistor NT1 and the second PMOS transistor PT2, the first PMOS transistor PT1 and the second NMOS transistor NT2, the ratio of the length to the width of the active region of each transistor ratio of width to length, W / L) can be adjusted. In order to adjust W / L, the length and / or width of the active region of each transistor can be adjusted.

According to an embodiment, the W / L of the active region of the first NMOS transistor NT1 versus the second NMOS transistor NT2 may be 1: 2. Also, according to the embodiment, the W / L of the active region of the second PMOS transistor PT2 versus the first PMOS transistor PT1 may be 1: 2. However, the present invention is not limited thereto.

The first NMOS transistor NT1 and the second PMOS transistor PT2 may be covered by a metal layer in order to prevent the first NMOS transistor NT1 and the second PMOS transistor PT2 from reacting with the laser, . ≪ / RTI > In order to allow the first PMOS transistor PT1 and the second NMOS transistor NT2 to react well with the laser, the first PMOS transistor PT1 and the second NMOS transistor NT2 are not covered by the metal layer Can be laid out.

13B is a circuit diagram of a laser detector according to another embodiment of the present invention. Referring to FIG. 13B, the laser detector 10b may be implemented in the same manner as the laser detector 10a of FIG. 13A except for the second inverter 16b. The second inverter 16b may include a PMOS transistor PT2 and NMOS transistors NT21 and NT22. Each of the NMOS transistors NT21 and NT22 may be connected between the first node N1 and the ground voltage GND and may include a gate connected to the first node N1.

13C is a circuit diagram of a laser detector according to another embodiment of the present invention. Referring to FIG. 13C, the laser detector 10c may be implemented in the same manner as the laser detector 10a of FIG. 13A except for the second inverter 16c. The second inverter 16c may include PMOS transistors PT21 and PT22 and NMOS transistors NT2. The PMOS transistors PT21 and PT22 may be connected in series between the power supply voltage VDD and the first node N1 and the gates of the PMOS transistors PT21 and PT22 may be coupled to the first node N1.

13D is a circuit diagram of a laser detector according to another embodiment of the present invention. Referring to FIG. 13D, the laser detector 10d may be implemented in the same manner as the laser detector 10a of FIG. 13A except for the initial value setting circuit 12d. The initial value setting circuit 12d may include a PMOS transistor PIT. The PMOS transistor PIT may be connected between the power supply voltage VDD and the second node N2 and may include a gate receiving the inverted initialization signal IVB.

Meanwhile, the laser detectors 10a to 10b shown in FIGS. 13A to 13D are merely illustrative for explaining embodiments of the present invention, and the scope of the present invention is not limited thereto.

On the other hand, the integrated circuit of the present invention may be implemented to include a laser detector in the reference voltage generating circuit that generates the reference voltage VREF.

14 is a diagram illustrating an example of an attack detection circuit having a reference voltage generation circuit 230 according to an embodiment of the present invention. Referring to FIG. 14, the attack detection circuit may further include a reference voltage generation circuit 230 as compared with the attack detection circuit 220 of FIG. The reference voltage generating circuit 230 may include at least one laser detector 231.

The reference voltage generating circuit 130 may generate the reference voltage VREF used in the attack detecting circuit 220 (for example, 220 in FIG. 11). The attacker may attempt to disable the operation of the attack detection circuit 220 by changing the reference voltage VREF through the laser error attack. The reference voltage generating circuit 230 of the present invention detects the attempted change of the reference voltage VREF of the attacker using the laser detector 231 and resets the internal circuit 210 (see FIG. 10) according to the detection result You can shut down.

Meanwhile, the attack detection circuit according to the embodiment of the present invention can perform the security detection operation simultaneously with the security BIST operation.

FIG. 15 is a flowchart illustrating an exemplary process of performing an anti-hacking operation in the integrated circuit 200 according to an embodiment of the present invention. Referring to FIGS. 10 to 15, the anti-hack operation of the integrated circuit 200 may include steps S210, S220, and S250 to S270. Steps S210, S220, and S250 through S270 are similar to steps S110, S120, and S150 through S170 in FIG. 6, and thus detailed description thereof will be omitted.

Illustratively, the integrated circuit 200 may detect a laser error attack in a secure BIST mode. (S230) For example, as described with reference to Figures 10-14, each of the internal configurations of attack detection circuit 220 may include a laser detector. The laser detector may be implemented to detect a laser error attack from an attacker.

The integrated circuit 200 may determine whether the laser is in the normal state or in the attack state according to the laser error attack detection result (S240). For example, if a laser error attack is not detected, it can be determined to be in the normal state, and it can be determined that it is in an attack state if a laser error attack is detected. According to the determination result, the integrated circuit 200 may perform steps S250 to S270.

Illustratively, a security BIST mode for detecting a laser error attack has been described with reference to FIG. 15, but the scope of the present invention is not limited thereto. According to the present invention, the attack detection circuitry 220 of the integrated circuit 200 can be configured to detect a laser error attack in the normal mode and to output an attack alert signal if a laser error attack is detected .

In addition, the security BIST mode for detecting the laser error attack of FIG. 15 may be performed in parallel in combination with the operation of the security BIST mode of FIG. For example, an operation of detecting a laser error attack and an operation of discriminating a laser error attack (i.e., the operation of FIG. 15) may be performed in parallel or simultaneously with the security BIST mode of FIG. Or laser error attack may be performed in the middle of the operations of the security BIST mode of FIG. That is, the attack detection circuit 220 can be implemented to detect a laser error attack from an attacker through the laser detector, and to perform a security BIST operation.

On the other hand, the integrated circuit of the present invention may further include a laser detector in an internal circuit.

16 is a diagram showing an integrated circuit 300 according to an embodiment of the present invention. 16, the integrated circuit 300 may be implemented identically, except for the internal circuit 310 having at least one laser detector 311 as compared to the integrated circuit 200 of FIG. That is, the attack detection circuit 320 includes a security BIST circuit 322 implemented in the same manner as the security circuit circuit 222 and the at least one laser detector 225 of the attack detection circuit 220 of FIG. 10, and at least one One detector 325 may be included.

On the other hand, the attack detection circuit according to the embodiment of the present invention is applicable to a memory system (for example, a smart card).

17 is a diagram illustrating an exemplary security system 1000 according to an embodiment of the present invention. 17, the security system 1000 includes at least one central processing unit 1100, a buffer memory 1200, a code memory 1300, a cryptographic circuit 1400, at least one non-volatile memory device NVM (s) 1500, a non-volatile memory controller NVM CTRL 1600, and an attack detection circuit 1700.

The central processing unit 1100 may be implemented to control the overall operation of the security system 1000. The buffer memory 1200 may be implemented to temporarily store data necessary for operating the security system 1000. [ For example, the buffer memory 1200 may be implemented as a randomly accessible memory. The code memory 1300 may be implemented to store code data necessary for operating the security system 1000. [ The encryption circuit 1400 can be implemented to decrypt the command enabling the encryption, authentication and digital signature under the control of the central processing unit 1100, and to process the data. The non-volatile memory 1500 may be implemented to store data necessary for driving the encryption circuit 1400. [ The non-volatile memory controller 1600 may be implemented to access the non-volatile memory 1500 under the control of the central processing unit or the encryption circuit 1400.

The attack detection circuit 1700 may be implemented with the attack detection circuit described in Figs. When an external attack on the internal configurations of the security system 1000 is detected, the detection circuit 1700 can generate and transmit an attack notification signal RST to the central processing unit 1100. [

On the other hand, it may be implemented to further include a laser detector in a cryptographic circuit to enhance the security of the cryptographic circuit of the security system.

18 is a diagram illustrating an exemplary security system 1000a according to another embodiment of the present invention. Referring to Fig. 18, the security system 1000a may be implemented in the same manner except for the encryption circuit 1400a in the security system 1000 shown in Fig. The encryption circuit 1400a may include a laser detector (LD) for detecting a laser error attack.

Meanwhile, the attack detection circuit of the present invention is applicable to a security identification card.

19 is an exemplary view illustrating a security chip 2000 inserted into a mobile device according to an embodiment of the present invention. Referring to FIG. 19, the security chip 2000 may include an attack detection circuit (ADC) described in FIGS. 1-16. In an embodiment, the security chip 2000 may be a SIM card, a USIM card, a smart card, or the like.

 Meanwhile, the attack detection circuit of the present invention is applicable to a security product embedded in a mobile device.

20 is an exemplary illustration of a mobile device 3000 in accordance with an embodiment of the present invention. 20, the mobile device 3000 may include an application processor (AP) 3100, a memory 3200, and a security chip (eSE, 3300).

The application processor 3100 may be implemented to control the overall operation of the mobile device 3000 and the wired / wireless communication with the outside. The buffer memory 3200 may be implemented to temporarily store data necessary for the processing operation of the mobile device 3000. [ In an embodiment, the buffer memory 3200 may be implemented as a DRAM, an SDRAM, an MRAM, or the like. The security chip 3330 is comprised of software and / or tamper resistant hardware and allows for a high level of security and can work in cooperation with the trusted execution environment (TEE) of the application processor 3100 . For example, the security chip 3300 may perform an encryption decryption operation, a MAC key generation / verification, and the like, which are performed in the TEE.

The security chip 3300 includes a native operating system (OS) as an operating system, a secure storage device as an internal data store, an access control block for controlling access rights to the security chip 3300, ownership management, management function, a digital signature, a security function block for performing encryption / decryption, and a firmware update block for updating firmware of the security chip. The security chip 3300 may be, for example, eSE (embedded secure elements). In addition, the security chip 3300 may be implemented to include the attack detection circuit described in Figs.

Although not shown, the mobile device 3000 may further include a display / touch module. The display / touch module may be implemented to display processed data at the processor 3100, or receive data from the touch panel.

Although not shown, the mobile device 3000 may further include a storage device. The storage device may be implemented to store user data. The storage device may be an embedded multimedia card (eMMC), a solid state drive (SSD), a universal flash storage (UFS), or the like. The storage device may include at least one non-volatile memory device. The nonvolatile memory device may be a NAND flash memory, a vertical NAND (VNAND), a NOR flash memory, a resistive random access memory (RRAM), a phase change memory (PRAM), a magnetoresistive random access memory (MRAM), a ferroelectric random access memory (FRAM), a spin transfer random access memory (STT-RAM), etc. .

The non-volatile memory device may also be implemented as a three-dimensional array structure. As an embodiment of the present invention, a three-dimensional memory array may be monolithically connected to one or more physical levels of arrays of memory cells having active areas disposed above a circuit associated with operation of a silicon substrate and memory cells. ). The circuitry associated with the operation of the memory cells may be located within or on the substrate. The term monolithical means that layers of each level in a three-dimensional array are deposited directly on the lower-level layers of the three-dimensional array.

As an embodiment in accordance with the inventive concept, a three-dimensional memory array has vertical directionality and includes vertical NAND strings in which at least one memory cell is located on the other memory cell. The at least one memory cell includes a charge trap layer. Each vertical NAND string may include at least one select transistor located over the memory cells. The at least one select transistor has the same structure as the memory cells and can be formed monolithically with the memory cells.

A three-dimensional memory array is composed of a plurality of levels and has word lines or bit lines shared between the levels. Suitable configurations for a three-dimensional memory array will be described in US 7,679,133, US 8,553,466, US 8,654,587, US 8,559,235, and US 2011/0233648, filed by Samsung Electronics and incorporated herein by reference. The nonvolatile memory device (NVM) of the present invention is applicable not only to a flash memory device in which the charge storage layer is composed of a conductive floating gate but also to a charge trap flash (CTF) in which the charge storage layer is composed of an insulating film.

On the other hand, the attack detection circuit of the present invention is applicable to an electronic device.

21 is an exemplary illustration of an electronic device according to an embodiment of the present invention. The electronic device according to the present invention may be an apparatus including a communication function. For example, a smartphone, a tablet personal computer, a mobile phone, a videophone, an e-book reader, a desktop personal computer, a laptop personal computer, netbook computer, personal digital assistant, portable multimedia player (PMP), MP3 player, mobile medical device, electronic bracelet, electronic necklace, electronic apps, camera, Wearable devices, electronic clocks, wrist watches, smart white appliances such as refrigerators, air conditioners, vacuum cleaners, artificial intelligence robots, TVs, digital video disk (Eg, magnetic resonance angiography (MRA), magnetic resonance imaging (MRI), computed tomography (CT), a photographic machine, an ultrasonic machine, etc.) A navigation device, a GPS receiver (g a lobal positioning system receiver, an event data recorder (EDR), a flight data recorder (FDR), a set-top box, a TV box (eg, Samsung HomeSync ™, Apple TV ™, or Google TV ™) Automotive infotainment devices, electronic equipment for ships (eg marine navigation devices, gyro compass, etc.), avionics, security devices, electronic apparel, electronic keys, camcorders, Game consoles, head-mounted displays, flat panel display devices, electronic albums, furniture or parts of buildings / structures including communication functions, electronic boards, An electronic signature receiving device or a projector, and the like. It is apparent to those skilled in the art that the electronic device according to the present invention is not limited to the above-mentioned devices.

The electronic device 4100 may include a bus 4110, a processor 4120, a memory 4130, a user input module 4140, a display module 4150, a communication module 4160, an attack detection circuit 4170 have.

Bus 4110 may be a circuit that couples the components described above to one another and communicates the communication (e.g., control messages) between the components described above.

Processor 4120 may receive instructions from other components (e.g., memory 4130, user input module 4140, display module 4150, communication module 4160, etc.) via bus 4110, To decode the received command, and to execute an operation or data processing according to the decoded command.

The memory 4130 may be coupled to the processor 4120 or other components such as the user input module 4140, the display module 4150, the communication module 4160, Lt; RTI ID = 0.0 > and / or < / RTI > The memory 4130 may include programming modules such as, for example, a kernel 4131, a middleware 4132, an application programming interface (API) 4133, or an application 4134. Each of the above-described programming modules may be composed of software, firmware, hardware, or a combination of at least two of them.

The kernel 4131 may include system resources (e.g., bus 4110) used to implement an operation or function implemented in the other programming modules, e.g., middleware 4132, API 4133, ), The processor 4120, the memory 4130, and the like). The kernel 4131 may provide an interface through which the individual components of the electronic device 4100 can be accessed and controlled or managed by the middleware 4132, the API 4133, or the application 4134.

The middleware 4132 can act as an intermediary for the API 4133 or the application 4134 to communicate with the kernel 4131 to exchange data. Middleware 4132 may also be associated with task requests received from applications 4134 such that at least one application of applications 4134 is associated with a system resource of electronic device 4100, (E.g., allocating a priority that can be used by the processor 4110, the processor 4120, or the memory 4130).

The API 4133 is an interface through which the application 4134 can control the functions provided by the kernel 4131 or the middleware 4132. For example, It may contain one interface or function.

The user input module 4140 may receive commands or data from a user, for example, and may transmit the received commands or data to the processor 4120 or the memory 4130 via the bus 4110. The display module 4150 can display images, images, data, and the like to the user.

Communication module 4160 can couple communications between electronic device 4100 and other electronic device 4102. The communication module 4160 may be coupled to a communications module 4160 that may be coupled to a communications module 4160 that may be coupled to a communications module 4160 using a predetermined short range communication protocol (e.g., wireless fidelity, Bluetooth, NFC, (e. g., of the same type) as the electronic device 4100. The electronic device 4102 may be an electronic device, such as a cellular telephone, Or other (e.g., other type of) device.

The attack detection circuit 4170 detects an external attack against the internal configurations 4110, 4120, 4130, 4140, 4150, 4160 of the electronic device 4100 or itself and prevents information leakage from the detected attack Can be implemented. In the embodiment, the attack detection circuit 4170 can be implemented with the attack detection circuit described in Figs. 1 to 16 described above.

Although not shown, the electronic device 4100 may include a biometric information management module for security function enhancement. The biometric information management module can manage, generate, store, delete, and the like biometric information of the user of the electronic device 4100.

The security system of the present invention can determine whether the security detector itself operates abnormally by using the security BIST. In the case of abnormal operation, the attack state of the security detector is transferred to the inside of the system, and the system can delete the system reset or stored important information. In addition, the security system of the present invention includes a laser detector (laser) which always operates in a normal mode and a security BIST mode regardless of a key block involved in attack sensing, detector can be added.

The security system of the present invention can prevent a physical or laser error attack on security detectors to prevent a hacking on a chip in advance, thereby improving the overall security reliability of the system. Therefore, security products using the security system of the present invention can have a high security level.

The above-described contents of the present invention are only specific examples for carrying out the invention. The present invention will include not only concrete and practical means themselves, but also technical ideas which are abstract and conceptual ideas that can be utilized as future technologies.

100, 200: integrated circuit
110, 210: internal circuit
120, 220: attack detection circuit
122, 222: Security BIST circuit
122-1, 122-2, and 122-3: switches
121: abnormal condition detection circuit
123: comparator
123-1, 123-2: comparison unit
124: detector
225: Laser detector

Claims (20)

Internal circuit; And
And an attack detection circuit for detecting an external attack on the internal circuit,
Wherein the attack detection circuit comprises:
And a secure built-in-self-test (BIST) circuit to sense a physical attack on the attack detection circuit. The method according to claim 1,
Wherein the internal circuit is implemented to perform a security function. The method according to claim 1,
Wherein the attack detection circuit comprises at least one sensor for sensing at least one abnormal condition of the internal circuit. The method of claim 3,
Wherein the attack detection circuit comprises:
Further comprising a comparator for comparing a reference voltage with an output value of the secure BIST circuit,
The security BIST circuit includes:
A floating switch for connecting an output of the at least one sensor and an output of the security BIST circuit in response to an inverted BIST activation signal; And
And a pull-up switch for connecting a power supply terminal provided with a power supply voltage in response to a BIST activation signal and an output terminal of the security BIST circuit. The method of claim 3,
Wherein the attack detection circuit comprises:
Further comprising a comparator for comparing a reference voltage with an output value of the secure BIST circuit,
The security BIST circuit includes:
A floating switch for connecting an output of the at least one sensor and an output of the security BIST circuit in response to an inverted BIST activation signal; And
And a pull-down switch connecting an output end of the security BIST circuit to a ground terminal providing a ground voltage in response to the BIST activation signal. The method of claim 3,
Wherein the attack detection circuit comprises:
Further comprising a comparator for comparing a reference voltage with an output value of the secure BIST circuit,
The security BIST circuit includes:
A floating switch for connecting an output of the at least one sensor and an output of the security BIST circuit in response to an inverted BIST activation signal;
A pull-up switch connecting a power supply terminal for providing a power supply voltage in response to a first BIST activation signal and an output terminal of the security BIST circuit; And
And a pull-down switch connecting an output end of the security BIST circuit to a ground terminal providing a ground voltage in response to a second BIST activation signal. The method according to claim 1,
The security BIST circuit is activated in response to the BIST activation signal,
Wherein the attack detection circuit operates in one of a security BIST mode in which the security BIST circuit is activated and a normal mode in which the security BIST circuit is inactivated. 8. The method of claim 7,
Wherein the BIST activation signal is generated periodically or aperiodically from the internal circuit. 8. The method of claim 7,
Wherein the attack detection circuit is configured to output an attack notification signal when the output value of the security BIST circuit in the normal mode is equal to the output value of the security BIST circuit in the security BIST mode. 10. The method of claim 9,
Wherein the internal circuit is configured to reset, shut down, or delete data to be processed in the internal circuit in response to the attack notification signal. The method according to claim 1,
Wherein the attack detection circuit further comprises at least one laser detector for detecting a laser error attack. 12. The method of claim 11,
Wherein the at least one laser detector comprises:
An initial value setting circuit for setting an initial value; And
And a latch circuit for latching the initial value. Internal circuit; And
And an attack detection circuit for detecting an external attack on the internal circuit,
Wherein the attack detection circuit comprises:
A plurality of detectors for detecting different abnormal conditions;
Built-in-self-test (BIST) units corresponding to each of the plurality of detectors and detecting whether each of the plurality of detectors is operating normally;
A comparator for comparing output values of the BIST units with a reference voltage; And
And a detector for generating an attack notification signal according to at least one result of the comparator. 14. The method of claim 13,
Each of the BIST units comprises:
A floating switch connected in response to an inverted BIST activation signal at each output of the plurality of detectors; And
A pull-up switch coupled to the power supply in response to the BIST activation signal, or a pull-down switch coupled to the ground terminal in response to the BIST activation signal. 14. The method of claim 13,
The comparator comprising:
And comparison units for comparing the respective output values of the BIST units with the reference voltage. 14. The method of claim 13,
Wherein at least one of the plurality of detectors, at least one of the BIST units, the comparator, and the detector includes a laser detector for detecting a laser error attack. 17. The method of claim 16,
Further comprising a reference voltage generator for generating the reference voltage,
Wherein the reference voltage generator comprises a laser detector. 14. The method of claim 13,
Wherein the internal circuit comprises at least one laser detector. 14. The method of claim 13,
The internal circuit includes:
A central processing unit;
A buffer memory for temporarily storing data used in the central processing unit;
A code memory for storing a program necessary for driving the central processing unit; And
And a cryptographic circuit for performing an encryption / decryption operation on the data,
Wherein the cryptographic circuit comprises at least one laser detector. An application processor;
A memory for storing data necessary for operation of the application processor; And
And a security chip for performing a security operation of the application processor,
The security chip
And an attack detection circuit for detecting an external attack on the security chip,
Wherein the attack detection circuit includes a built-in-self-test (BIST) circuit that detects a physical attack or a laser error attack on the attack detection circuit.

Images