WO2014100647A1 - Unique and unclonable platform identifiers using data-dependent circuit path responses - Google Patents

Unique and unclonable platform identifiers using data-dependent circuit path responses Download PDF

Info

Publication number
WO2014100647A1
WO2014100647A1 PCT/US2013/077049 US2013077049W WO2014100647A1 WO 2014100647 A1 WO2014100647 A1 WO 2014100647A1 US 2013077049 W US2013077049 W US 2013077049W WO 2014100647 A1 WO2014100647 A1 WO 2014100647A1
Authority
WO
WIPO (PCT)
Prior art keywords
identifier
circuits
threshold
data
frequency
Prior art date
Application number
PCT/US2013/077049
Other languages
French (fr)
Inventor
Xu Guo
Original Assignee
Qualcomm Incorporated
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Incorporated filed Critical Qualcomm Incorporated
Priority to KR1020157018765A priority Critical patent/KR101773490B1/en
Priority to CN201380064280.6A priority patent/CN104854465B/en
Priority to JP2015549795A priority patent/JP6096930B2/en
Priority to EP13828961.6A priority patent/EP2923214B1/en
Publication of WO2014100647A1 publication Critical patent/WO2014100647A1/en

Links

Classifications

    • GPHYSICS
    • G01MEASURING; TESTING
    • G01RMEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R31/00Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
    • G01R31/28Testing of electronic circuits, e.g. by signal tracer
    • G01R31/30Marginal testing, e.g. by varying supply voltage
    • G01R31/3004Current or voltage test
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01RMEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R31/00Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
    • G01R31/28Testing of electronic circuits, e.g. by signal tracer
    • GPHYSICS
    • G01MEASURING; TESTING
    • G01RMEASURING ELECTRIC VARIABLES; MEASURING MAGNETIC VARIABLES
    • G01R31/00Arrangements for testing electric properties; Arrangements for locating electric faults; Arrangements for electrical testing characterised by what is being tested not provided for elsewhere
    • G01R31/28Testing of electronic circuits, e.g. by signal tracer
    • G01R31/317Testing of digital circuits
    • G01R31/31725Timing aspects, e.g. clock distribution, skew, propagation delay
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/76Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings

Definitions

  • Various features relate to generating unique and unclonable identifiers, and more specifically, to an identifier that is based on the intrinsic characteristics of a physical circuit or component.
  • Software protection is a family of computer security techniques that are used to prevent the unauthorized copying of software. In other words, software must be able to determine whether the user is properly licensed to use it, and run only if this is the case.
  • Another problem related to software protection is how to identify whether the chip (e.g., semiconductor device) or platform, on which the software is running, is a counterfeit chip.
  • Chip e.g., semiconductor device
  • platform on which the software is running
  • Counterfeit chips have proliferated and are a risk to the electronics supply chain.
  • the product fallout from counterfeit semiconductors can range from small problems like dropped calls to much larger issues. Consequently, identifying and restricting the usage of counterfeit chips in the electronics supply chain is vital.
  • a method operational in a processing circuit for generating a unique identifier.
  • One or more tests may be performed over one or more data- dependent circuit paths for one or more circuits.
  • the one or more circuits may be: (a) general purpose computational components, (b) non-identifier specific computational components, and/or (c) non-storage and/or non-memory circuits.
  • the one or more circuits may include at least one of: (a) one or more internal computational components; (b) one or more external computational components; and/or (c) a combination of internal and external computational components.
  • the one or more tests may be repeated over the one or more data-dependent circuit paths for the one or more circuits while adjusting an operating frequency and/or operating voltage for each of the one or more circuits.
  • the operating frequency and/or operating voltage are adjusted by at least one of: (a) increasing the operating frequency on each iteration of the test; (b) decreasing the operating voltage on each iteration of the test; and/or (c) adjusting a combination of the operating frequency and operating voltage on each iteration of the test.
  • a threshold frequency and/or threshold voltage may be ascertained for each of the one or more data-dependent circuit paths.
  • the threshold frequency may be the frequency at which a test over a given data-dependent circuit path provides an incorrect response to the test.
  • the threshold frequency may be the frequency at which an expected response to a test over a given data- dependent circuit path changes to an unexpected response.
  • An identifier may then be generated based on a plurality of the threshold frequencies and/or threshold voltages ascertained for the one or more data-dependent circuit paths.
  • the identifier may be associated with a platform which includes the processing circuit.
  • the method may further (a) associate a software application installation to the identifier; and/or (b) bind execution of the software application on the processing circuit to successful verification of the identifier. Successful verification of the identifier may compare an original instance of the identifier to a subsequent generated instance of the identifier to ascertain that they are the same.
  • the identifier may be based on: (a) two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for one circuit, or (b) two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for two or more different circuits.
  • the identifier may be stored for subsequent verification. During a verification process, a previously stored identifier may be retrieved. The generated identifier may then be compared to the previously stored identifier to ascertain whether they are the same.
  • An apparatus comprising one or more circuits coupled to a processing circuit may be provided for generating a unique identifier.
  • the processing circuit may be adapted to: (a) perform one or more tests over one or more data-dependent circuit paths of one or more circuits; (b) repeat the one or more tests over the one or more data- dependent circuit paths for the one or more circuits while adjusting an operating frequency and/or operating voltage for each of the one or more circuits; (c) ascertain a threshold frequency and/or threshold voltage for each of the one or more data-dependent circuit paths; and/or (d) generate an identifier based on a plurality of the threshold frequencies and/or threshold voltages ascertained for the one or more data-dependent circuit paths.
  • the identifier may be associated with a platform which includes the processing circuit.
  • a software application installation may be associated to the identifier, and execution of the software application on the processing circuit is bound to successful verification of the identifier.
  • Successful verification of the identifier may compare an original instance of the identifier to a subsequent generated instance of the identifier to ascertain that they are the same.
  • the one or more circuits may be: (a) general purpose computational components, (b) non-identifier specific computational components, and/or non- storage and/or non-memory circuits.
  • the operating frequency and/or operating voltage may be adjusted by at least one of: (a) increasing the operating frequency on each iteration of the test; (b) decreasing the operating voltage on each iteration of the test; and/or (c) adjusting a combination of the operating frequency and operating voltage on each iteration of the test.
  • the one or more circuits may include at least one of: (a) one or more internal computational components, (b) one or more external computational components; and/or (c) a combination of internal and external computational components.
  • the threshold frequency may be the frequency at which: (a) a test over a given data-dependent circuit path provides an incorrect response to the test, and/or (b) an expected response to a test over a given data-dependent circuit path changes to an unexpected response.
  • the identifier may be based on: (a) two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for one circuit, and/or (b) two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for two or more different circuits.
  • FIG. 1 illustrates a way of extracting an identifier (ID) by utilizing data-dependent circuit path response information for an on-board or off-board component or circuit.
  • ID identifier
  • FIG. 2 illustrates a way of extracting a platform identification (ID) by utilizing data-dependent circuit path response information from multiple on-board or off-board components or circuits.
  • ID platform identification
  • FIG. 3 is a table illustrating exemplary results for a set of input vectors at different operating frequencies.
  • FIG. 4 is a table illustrating exemplary results for a set of input vectors at different operating voltages.
  • FIG. 5 illustrates a table showing exemplary results for a set of input vectors at different operating frequency-voltage pairs.
  • FIG. 6 illustrates an exemplary processing circuit which may be adapted to compute a unique and unclonable identifier based on data-dependent circuit paths.
  • FIG. 7 illustrates a method for computing a unique and unclonable platform identifier (ID) by utilizing data-dependent circuit path response information for one or more on-board and/or off-board components, circuits, and/or semiconductors.
  • ID unique and unclonable platform identifier
  • a first aspect provides for using the unique characteristics inherent in each semiconductor circuit to generate a unique and unclonable platform identifier which can be extracted by the software at runtime and can be used to judge whether the software is running on the expected or intended semiconductor circuit or whether it is instead running on a simulator environment or a counterfeit platform.
  • the same circuit path in two instances of the same semiconductor circuit may have a different response (e.g., path delay, frequency response, voltage response, etc.).
  • the threshold frequency for stable operation for each data-dependent path of the same design may vary.
  • a second aspect provides for generating and applying different input vectors to simulate different data-dependent circuit paths and then extracting the frequency characteristics for each data-dependent circuit path.
  • a set of instructions may use a given input to perform various operations (e.g., different mathematical operations, etc.). Depending on the input used, the operations performed may use different circuit paths (i.e., data-dependent paths).
  • the input vectors may serve to introduce a plurality of data-dependent paths that can be characterized to generate the unique and unclonable platform identifier.
  • each data-dependent circuit path tested repeatedly until the results for each circuit path become unstable (e.g., the test results change from previous tests or are incorrect). The last known stable voltage/frequency for each pre-defined test is used to generate the unique identifier.
  • a third aspect provides for characterizing data-dependent circuit paths among a plurality of different semiconductor circuits, and/or over multiple internal and/or external sub-circuits or components. The characterization of two or more data- dependent circuit paths in different semiconductor circuits, sub-circuits, and/or components is then used to generate the unique and unclonable identifier.
  • a mechanism for generating a unique and unclonable identifier for a hardware device based on intrinsic variations of physical components (e.g., semiconductor devices, electrical paths, electrical components, etc.) and the use of data- dependent circuit paths. For instance, when multiple semiconductor devices are manufactured, the complex semiconductor process introduces slight variations that are beyond the control of the manufacturer or designer. Even if two semiconductor devices are manufactured from the same silicon wafer, electrical wires/paths designed to be the same will probably differ in width by a few nanometers. Microscopic differences in the surface of the silicon may also induce almost trivial variations in the curvature of electrical paths. Additionally, soldering of the semiconductor devices on a printed circuit board may cause differences in capacitances/impedance, etc.
  • physical components e.g., semiconductor devices, electrical paths, electrical components, etc.
  • a physical component e.g., semiconductor device
  • quantifying them can produce an intrinsic, unique and unclonable identifier.
  • one or more data-dependent circuit paths e.g., through one or more semiconductor devices are used to further improve the uniqueness of the identifier.
  • FIG. 1 illustrates a way of extracting an identifier (ID) by utilizing data- dependent circuit path response information for an on-board or off-board component or circuit.
  • the component or circuit 104 is being tested by an identifier generating module comprising input vectors 102 and an identifier generator 106.
  • the component or circuit may include: (a) a printed circuit board with electrically passive and active components, (b) a semiconductor device, and/or (c) a processing device.
  • the component or circuit 104 may be dynamically configurable by adjusting its operating frequency 118 and/or its operating voltage 120.
  • the component or circuit 104 may include multiple data- dependent circuit-paths A 114, B 116, C 118, and D 120.
  • the component or circuit 104 may be a signal processor, an arithmetic module, etc., that performs operations differently depending on the input data provided. For instance, additions and multiplication operations may take different paths in an arithmetic module. Additionally, an addition operation of larger numbers may take a different path than an addition operation of smaller numbers.
  • Such "path” may refer to, for example, the transistor(s) and/or electrical traces through with a particular operation is performed in the component or circuit 104.
  • the input vectors 102 may include one or more instructions and/or data input that cause certain operations and/or computations to be performed by the component or circuit 104.
  • Various examples of an input vector may include performing the operations: D1+D2, DlxD2, D1/D2, log(Dl), bitwise Dl AND D2, Dl XOR D2, among other more complex operations on Dl and/or D2, where Dl and D2 are data inputs (e.g., numbers, bit strings, etc.).
  • the input vectors may be any control signals or configurations that make a component run in different modes of operations.
  • a single input vector may be performed several times as an operating frequency 110 and/or voltage 112 for the component or circuit 104 is adjusted (e.g., increase frequency or decrease voltage, etc.) in each iteration. After each iteration, a check is performed to make sure the component/circuit 104 is still stable (e.g., providing the expected or correct response/result to the input vector). This process is repeated until a threshold operating frequency (or threshold operating voltage) is identified at which a data-dependent circuit path response/result changes. Once a threshold frequency and/or threshold voltage are identified, execution of that particular input vector on the data-dependent circuit path is ceased or terminated. Such threshold frequency for that particular input vector may then be used (e.g., in combination with the threshold frequencies for one or more other input vectors) to generate an identifier for the component or circuit.
  • an operating frequency 110 and/or voltage 112 for the component or circuit 104 is adjusted (e.g., increase frequency or decrease voltage, etc.) in each iteration.
  • the threshold frequency and/or threshold voltage may be ascertained in a number of ways.
  • the operating frequency 110 is incrementally increased while the operating voltage 112 is kept fixed.
  • the threshold voltage and/or threshold frequency are those at which the response/result to the input vector changes or is incorrect.
  • the operating voltage 112 is incrementally decreased, causing a corresponding decrease of the operating frequency 110.
  • the operating voltage 112 may be incrementally reduced (decreased) each iteration of an input vector until the results/response changes. Note that as the operating voltage 112 is reduced, this may also reduce the operating frequency.
  • the last minimum voltage (or resulting operating frequency) which provides the correct result/response for a particular input vector is used (e.g., in combination with the minimum voltage for one or more other input vectors) to generate an identifier for the component or circuit.
  • the operating voltage 112 is incrementally decreased, while the operating frequency 110 is incrementally increased.
  • a combination of both frequency and voltage may be adjusted (e.g., according to a predefined frequency/voltage pairing) until a threshold frequency/voltage is identified (e.g., frequency/ voltage pair at which a particular data path becomes unstable).
  • the identifier generator 106 may keep track of the maximum stable operating frequency (or lowest stable operating voltage) for each test vector and then uses these to compute the unique and unclonable identifier for the component, circuit, or semiconductor.
  • the maximum operating frequency of a component, circuit, or semiconductor may be determined by the longest (critical) circuit path delay (e.g., a series of different gates or logic devices connected in a chain with a maximum latency). This also means that the component, circuit, or semiconductor has shorter paths with different path delays which are dependent on the data values it computes in a particular test vector. Due to the influence of semiconductor process variations to the circuit path delay, the maximum frequency/minimum voltage of each data-dependent critical path of the same design but in different components, circuits, or semiconductors will have random variations. This also implies that the characterization of these maximum frequency (or lowest voltage) information of each data-dependent circuit path is good source of identification information for a particular component, circuit, and/or semiconductor.
  • critical circuit path delay e.g., a series of different gates or logic devices connected in a chain with a maximum latency
  • the data-dependent circuit paths may be dynamic circuit paths that receive an input and provide an output. So, they are non-storage and/or non-memory circuit paths.
  • FIG. 2 illustrates a way of extracting a platform identification (ID) by utilizing data-dependent circuit path response information from multiple on-board or off-board components or circuits.
  • ID platform identification
  • This aspect operates similar to the approach describe in FIG. 1 but with a plurality components or circuits 204, 206, and 208 being used to run one or more input vectors 202.
  • an input vector may be run while iteratively adjusting the corresponding operating voltage and/or operating frequency for each component or circuit 204, 206, and 208.
  • the operating frequency of a first component or circuit 204 may be increased to ascertain the maximum stable frequency for one or more data- dependent paths in the first component or circuit 204.
  • the operating voltage of a second component or circuit 206 may be decreased to ascertain the minimum stable voltage for one or more data-dependent paths in the second component or circuit 206.
  • the operating frequency/voltage pair of a third component or circuit 208 may be adjusted to ascertain a threshold stable frequency/voltage pair for one or more data- dependent paths in the third component or circuit 208.
  • the identifier generator may then use this response information for the plurality of components or circuits 204, 206, and 208 to compute a unique and unclonable intrinsic identifier for the platform (e.g., combination of components or circuits).
  • FIG. 3 is a table illustrating exemplary results for a set of input vectors at different operating frequencies. These input vectors may have been performed on one or more components, circuits, and/or semiconductor devices. Each of the input vectors (e.g., test-a, test-b, test-c, test-d) may be iteratively executed as the operating frequency is incrementally adjusted (e.g., increased) across one or more frequencies Freq-A, Freq- B, Freq-C, Freq-D, Freq-E, and/or Freq-F. As can be appreciated, depending on the data-dependent circuit path for each input vector, the input vector may Pass or Fail up to a maximum/threshold operating frequency.
  • the input vector may Pass or Fail up to a maximum/threshold operating frequency.
  • a Pass means that the data-dependent circuit path provided the expected or correct response to the input vector at a particular operating frequency.
  • a Fail means that the data-dependent circuit path provided an incorrect, unexpected, or changed response to the input vector at a particular operating frequency. For example, in test-c, the transition from Pass to Fail occurs between Freq- C and Freq-D.
  • the threshold frequency may be selected as either Freq-C or Freq- D. This threshold frequency at which an input vector transitions from Pass to Fail may be recorded and used to generate a unique and unclonable identifier associated with a platform.
  • FIG. 4 is a table illustrating exemplary results for a set of input vectors at different operating voltages. These input vectors may have been performed on one or more components, circuits, and/or semiconductor devices. Each of the input vectors (e.g., test-a, test-b, test-c, test-d) may be iteratively executed as the operating voltage is incrementally adjusted (e.g., decreased) across one or more voltages Volt-A, Volt-B, Volt-C, Volt-D, Volt-E, and/or Volt-F. As can be appreciated, depending on the data- dependent circuit path for each input vector, the input vector may Pass or Fail down to a minimum/threshold operating voltage.
  • the input vector may Pass or Fail down to a minimum/threshold operating voltage.
  • a Pass means that the data-dependent circuit path provided the expected or correct response to the input vector at a particular operating voltage.
  • a Fail means that the data-dependent circuit path provided an incorrect, unexpected, or changed response to the input vector at a particular operating voltage. For example, in test-a, the transition from Pass to Fail occurs between Volt-D and Volt-E.
  • the threshold voltage may be selected as either Volt-D or Volt-E. This threshold voltage at which an input vector transitions from Pass to Fail may be recorded and used to generate a unique and unclonable identifier associated with a platform.
  • FIG. 5 illustrates a table showing exemplary results for a set of input vectors at different operating frequency-voltage pairs. These input vectors may have been performed on one or more components, circuits, and/or semiconductor devices. Each of the input vectors (e.g., test-a, test-b, test-c, test-d) may be iteratively executed as the operating frequency/voltage pair is incrementally adjusted (e.g., increased or decreased) across one or more frequency/voltage pairs Freq/Volt-A, Freq/Volt-B, Freq/Volt-C, Freq/Volt-D, Freq/Volt-E, and/or Freq/Volt-F.
  • Each of the input vectors e.g., test-a, test-b, test-c, test-d
  • Each of the input vectors may be iteratively executed as the operating frequency/voltage pair is incrementally adjusted (e.g., increased or decreased) across one or more frequency/voltage pairs Freq/Volt-A, Freq
  • the input vector may Pass or Fail up to a threshold operating frequency-voltage pair.
  • a Pass means that the data-dependent circuit path provided the expected or correct response to the input vector at a particular operating frequency/voltage pair.
  • a Fail means that the data-dependent circuit path provided an incorrect, unexpected, or changed response to the input vector at a particular operating frequency/voltage pair.
  • the threshold frequency/voltage pair may be selected as either Volt-B or Volt-C. This threshold frequency/voltage pair at which an input vector transitions from Pass to Fail may be recorded and used to generate a unique and unclonable identifier associated with a platform.
  • FIG. 6 illustrates an exemplary processing circuit which may be adapted to compute a unique and unclonable identifier based on data-dependent circuit paths.
  • the processing circuit 602 may be coupled to an external storage device 604 containing instructions to effectuate generation of a unique identifier based on characteristics for one or more data-dependent circuit paths.
  • the storage device 604 may be integrated with the processing circuit 602 to effectuate generation of the unique identifier based on characteristics for one or more data- dependent circuit paths.
  • the processing circuit 602 may also include a programmable frequency module 622 (e.g., clock generator, etc.) that permits adjusting an operating frequency for one or more internal sub-circuits 610, 612, and/or 614 and/or one or more external components 616, 618, and 620. Additionally, the processing circuit 602 may also include a programmable voltage module 624 that permits adjusting an operating voltage for the one or more internal sub-circuits 610, 612, and/or 614 and/or the one or more external components 616, 618, and 620.
  • a programmable frequency module 622 e.g., clock generator, etc.
  • a programmable voltage module 624 that permits adjusting an operating voltage for the one or more internal sub-circuits 610, 612, and/or 614 and/or the one or more external components 616, 618, and 620.
  • the processing circuit 602 may include or obtain one or more instructions from the storage device 604 to ascertain data-dependent path response information for the one or more internal sub-circuits 610, 612, and/or 614 and/or the one or more external components 616, 618, and 620.
  • One or more input vectors 606 may be used by the processing circuit to execute or perform one or more operations on the sub-circuits 610, 612, 614, and/or components 616, 618, 620.
  • These input vectors may be run multiple times while incrementally adjusting the operating frequency and/or operating voltage of each of the sub-circuits 610, 612, 614 or components 616, 618, and 620 being tested until a threshold frequency and/or threshold voltage is ascertained for each data- dependent circuit path.
  • An identifier generator 608 then uses the resulting threshold frequencies and/or threshold voltages for a plurality of the data-dependent paths tested to generate a unique identifier 622.
  • the unique identifier is associated with a platform which includes the processing circuit 602, the internal/external circuits 610, 612, 614 and/or the components 616, 618, and 620.
  • the unique identifier is associated with a software application installation or execution on the processing circuit.
  • execution of a software application on the processing circuit 602 may be bound to successful verification of the unique identifier. For instance, every time the software application is executed, a verification is performed to ascertain that it is still being executed on the same platform as when it was installed based on the unique identifier. Successful verification of the unique identifier may compare an original instance of the unique identifier to a subsequent generated instance of the unique identifier to ascertain that they are the same.
  • FIG. 7 illustrates a method for computing a unique and unclonable platform identifier (ID) by utilizing data-dependent circuit path response information for one or more on-board and/or off-board components, circuits, and/or semiconductors.
  • One or more tests e.g., input vectors, computational operations, etc.
  • the one or more circuits may not be identifier-specific circuits, but rather general purpose circuits.
  • the one or more circuits are non-storage and/or non-memory circuits.
  • the one or more tests may be repeated over the one or more data-dependent circuit paths for the one or more circuits while adjusting an operating frequency and/or voltage for each of the one or more circuits 704. For instance, the operating frequency for each of the one or more circuits may be increased and/or the operating voltage for the one or more circuits may be decreased.
  • a threshold frequency and/or voltage may be ascertained for each of the one or more data-dependent circuit paths 706. For example, such threshold frequency or voltage may be the maximum frequency or minimum voltage at which a particular test starts to fail (e.g., the result/response changes).
  • An identifier may then be generated based on a plurality of the threshold frequencies and/or voltages ascertained for the one or more data-dependent circuit paths 708.
  • the identifier may be based (e.g., generated) on two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for one circuit.
  • the identifier may be based on two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for two or more different circuits.
  • the identifier In the case where the identifier is being initially generated, it may be stored (e.g., in non- volatile memory) for subsequent verification 710. For instance, a software application may obtain and store a first identifier when it is installed on a platform, thereby binding the software installation to one or more specific circuits, microprocessors, and/or semiconductor devices for a platform.
  • a previously stored identifier is retrieved 712.
  • the newly generated identifier (from step 708) is then compared to the previously stored identifier to ascertain whether they are the same 714. If they are the same, then it may be concluded that the platform used to generate both the stored identifier and newly generated identifier is the same and verification is successful. Otherwise, if the newly generated identifier and stored identifier are different, verification fails.
  • a software application may verify that it is still being executed on its original platform by verifying a newly generated identifier to a previously stored identifier, thereby binding the software installation to one or more specific circuits, microprocessors, and/or semiconductor devices for the platform.
  • Two exemplary implementation scenarios may be defined on a system-on-chip platform.
  • the on-chip computational component may provide one or more data-dependent circuit paths that can be used by the identifier extraction control software to generate an identifier.
  • a processor with platform identifier extraction control software, a programmable clock generator, and an off-chip computational component in communication with the processor.
  • the off-chip computational component may provide one or more data-dependent circuit paths that can be used by the identifier extraction control software to generate an identifier.
  • the processor may operate at a designated frequency in a stable state and it will execute several steps.
  • the control software may be run/executed with a collection of the test (input) vectors which can address different data-dependent circuit paths to test the on/off-chip computational components at first operating frequency.
  • the control software may then be run/executed with the test (while) vectors while at the same time the clock frequency generator is adjusted to increase or decrease the clock frequency (e.g., operating frequency) supplied to the computational component under test until a threshold frequency (e.g., maximum frequency) for each data-dependent circuit path is ascertained and/or recorded.
  • a threshold frequency e.g., maximum frequency
  • a comparison and quantization procedure may then be used to generate the unique identifier, which may also be a platform identifier. If the platform has multiple on-chip and/or off-chip computational components, multiple extracted identifiers can be combined into a single platform identifier.
  • This approach may be applicable to existing processors, semiconductors, and/or chips, many of which already have flexible clock frequency control mechanism enabled for low power consumption. Additionally, this approach for generating a unique identifier is bound to the hardware does not need to use external expensive testing setups and procedures. Moreover, there is no need to revise current chip design by adding extra hardware logic and its function can be enabled by software requests, so it is a zero-cost solution.
  • One or more of the components, steps, features, and/or functions illustrated in the Figures may be rearranged and/or combined into a single component, step, feature or function or embodied in several components, steps, or functions. Additional elements, components, steps, and/or functions may also be added without departing from the invention.
  • the apparatus, devices, and/or components illustrated in the Figures may be configured to perform one or more of the methods, features, or steps described in the Figures.
  • the algorithms described herein may also be efficiently implemented in software and/or embedded in hardware.
  • the processing circuit(s) illustrated in the Figures may be a specialized processor (e.g., an application specific integrated circuit (e.g., ASIC)) that is specifically designed and/or hard- wired to perform the algorithms, methods, and/or steps described in the Figures.
  • a specialized processor e.g., ASIC
  • ASIC application specific integrated circuit
  • the computer-readable storage medium may also store processor readable instructions that when executed by a specialized processor (e.g., ASIC) causes the specialized processor to perform the algorithms, methods, and/or steps described in the Figures.
  • aspects of the present disclosure may be described as a process that is depicted as a flowchart, a flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged.
  • a process is terminated when its operations are completed.
  • a process may correspond to a method, a function, a procedure, a subroutine, a subprogram, etc.
  • a process corresponds to a function
  • its termination corresponds to a return of the function to the calling function or the main function.
  • a storage medium may represent one or more devices for storing data, including read-only memory (ROM), random access memory (RAM), magnetic disk storage mediums, optical storage mediums, flash memory devices and/or other machine-readable mediums and, processor-readable mediums, and/or computer- readable mediums for storing information.
  • ROM read-only memory
  • RAM random access memory
  • magnetic disk storage mediums magnetic disk storage mediums
  • optical storage mediums flash memory devices and/or other machine-readable mediums and, processor-readable mediums, and/or computer- readable mediums for storing information.
  • the terms “machine-readable medium”, “computer-readable medium”, and/or “processor-readable medium” may include, but are not limited to non-transitory mediums such as portable or fixed storage devices, optical storage devices, and various other mediums capable of storing, containing or carrying instruction(s) and/or data.
  • aspects of the disclosure may be implemented by hardware, software, firmware, middleware, microcode, or any combination thereof.
  • the program code or code segments to perform the necessary tasks may be stored in a machine-readable medium such as a storage medium or other storage(s).
  • a processor may perform the necessary tasks.
  • a code segment may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a class, or any combination of instructions, data structures, or program statements.
  • a code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters, or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
  • DSP digital signal processor
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • a general purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine.
  • a processor may also be implemented as a combination of computing components, e.g., a combination of a DSP and a microprocessor, a number of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
  • a software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art.
  • a storage medium may be coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Technology Law (AREA)
  • Multimedia (AREA)
  • Computer Hardware Design (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Semiconductor Integrated Circuits (AREA)
  • Tests Of Electronic Circuits (AREA)

Abstract

A method and apparatus are provided for generating a unique identifier. One or more tests are performed over one or more data-dependent circuit paths for one or more circuits. The one or more tests are then repeated over the one or more data-dependent circuit paths for the one or more circuits while adjusting an operating frequency and/or operating voltage for each of the one or more circuits. A threshold frequency and/or threshold voltage is ascertained for each of the one or more data-dependent circuit paths. An identifier may then be generated based on a plurality of the threshold frequencies and/or threshold voltages ascertained for the one or more data-dependent circuit paths.

Description

UNIQUE AND UNCLONABLE PLATFORM IDENTIFIERS USING DATA- DEPENDENT CIRCUIT PATH RESPONSES
Claim of Priority under 35 U.S.C. §119
[0001] The present application claims priority to U.S. Provisional Application No. 61/740,333 entitled "Unique and Unclonable Platform Identifiers Using Data- Dependent Circuit Path Responses", filed December 20, 2012, which is hereby expressly incorporated by reference herein.
Field
[0002] Various features relate to generating unique and unclonable identifiers, and more specifically, to an identifier that is based on the intrinsic characteristics of a physical circuit or component.
Background
[0003] Software protection is a family of computer security techniques that are used to prevent the unauthorized copying of software. In other words, software must be able to determine whether the user is properly licensed to use it, and run only if this is the case.
[0004] Another problem related to software protection is how to identify whether the chip (e.g., semiconductor device) or platform, on which the software is running, is a counterfeit chip. Counterfeit chips have proliferated and are a risk to the electronics supply chain. The product fallout from counterfeit semiconductors can range from small problems like dropped calls to much larger issues. Consequently, identifying and restricting the usage of counterfeit chips in the electronics supply chain is vital.
[0005] One of the biggest challenges for software intellectual property and content protection is to make the protected software be able to identify the hardware platform on which it is running. There is a need to design a zero-cost solution which does not need to add extra logic to the existing chip designs and could even be applied to the already manufactured chips.
[0006] Therefore, a solution is needed that allows software to uniquely identify a hardware platform in which it is running without the need for extra logic and/or identification specific circuit components. SUMMARY
[0007] A method operational in a processing circuit is provided for generating a unique identifier. One or more tests may be performed over one or more data- dependent circuit paths for one or more circuits. In various examples, the one or more circuits may be: (a) general purpose computational components, (b) non-identifier specific computational components, and/or (c) non-storage and/or non-memory circuits. In other examples, the one or more circuits may include at least one of: (a) one or more internal computational components; (b) one or more external computational components; and/or (c) a combination of internal and external computational components.
[0008] The one or more tests may be repeated over the one or more data-dependent circuit paths for the one or more circuits while adjusting an operating frequency and/or operating voltage for each of the one or more circuits. The operating frequency and/or operating voltage are adjusted by at least one of: (a) increasing the operating frequency on each iteration of the test; (b) decreasing the operating voltage on each iteration of the test; and/or (c) adjusting a combination of the operating frequency and operating voltage on each iteration of the test.
[0009] A threshold frequency and/or threshold voltage may be ascertained for each of the one or more data-dependent circuit paths. In one example, the threshold frequency may be the frequency at which a test over a given data-dependent circuit path provides an incorrect response to the test. In another example, the threshold frequency may be the frequency at which an expected response to a test over a given data- dependent circuit path changes to an unexpected response.
[0010] An identifier may then be generated based on a plurality of the threshold frequencies and/or threshold voltages ascertained for the one or more data-dependent circuit paths. In one example, the identifier may be associated with a platform which includes the processing circuit. In another example, the method may further (a) associate a software application installation to the identifier; and/or (b) bind execution of the software application on the processing circuit to successful verification of the identifier. Successful verification of the identifier may compare an original instance of the identifier to a subsequent generated instance of the identifier to ascertain that they are the same. In some examples, the identifier may be based on: (a) two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for one circuit, or (b) two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for two or more different circuits. The identifier may be stored for subsequent verification. During a verification process, a previously stored identifier may be retrieved. The generated identifier may then be compared to the previously stored identifier to ascertain whether they are the same.
[0011] An apparatus comprising one or more circuits coupled to a processing circuit may be provided for generating a unique identifier. The processing circuit may be adapted to: (a) perform one or more tests over one or more data-dependent circuit paths of one or more circuits; (b) repeat the one or more tests over the one or more data- dependent circuit paths for the one or more circuits while adjusting an operating frequency and/or operating voltage for each of the one or more circuits; (c) ascertain a threshold frequency and/or threshold voltage for each of the one or more data-dependent circuit paths; and/or (d) generate an identifier based on a plurality of the threshold frequencies and/or threshold voltages ascertained for the one or more data-dependent circuit paths.
[0012] In one example, the identifier may be associated with a platform which includes the processing circuit. In another example, a software application installation may be associated to the identifier, and execution of the software application on the processing circuit is bound to successful verification of the identifier. Successful verification of the identifier may compare an original instance of the identifier to a subsequent generated instance of the identifier to ascertain that they are the same.
[0013] In various examples, the one or more circuits may be: (a) general purpose computational components, (b) non-identifier specific computational components, and/or non- storage and/or non-memory circuits.
[0014] The operating frequency and/or operating voltage may be adjusted by at least one of: (a) increasing the operating frequency on each iteration of the test; (b) decreasing the operating voltage on each iteration of the test; and/or (c) adjusting a combination of the operating frequency and operating voltage on each iteration of the test.
[0015] The one or more circuits may include at least one of: (a) one or more internal computational components, (b) one or more external computational components; and/or (c) a combination of internal and external computational components. [0016] The threshold frequency may be the frequency at which: (a) a test over a given data-dependent circuit path provides an incorrect response to the test, and/or (b) an expected response to a test over a given data-dependent circuit path changes to an unexpected response.
[0017] The identifier may be based on: (a) two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for one circuit, and/or (b) two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for two or more different circuits.
DRAWINGS
[0018] Various features, nature and advantages may become apparent from the detailed description set forth below when taken in conjunction with the drawings in which like reference characters identify correspondingly throughout.
[0019] FIG. 1 illustrates a way of extracting an identifier (ID) by utilizing data- dependent circuit path response information for an on-board or off-board component or circuit.
[0020] FIG. 2 illustrates a way of extracting a platform identification (ID) by utilizing data-dependent circuit path response information from multiple on-board or off-board components or circuits.
[0021] FIG. 3 is a table illustrating exemplary results for a set of input vectors at different operating frequencies.
[0022] FIG. 4 is a table illustrating exemplary results for a set of input vectors at different operating voltages.
[0023] FIG. 5 illustrates a table showing exemplary results for a set of input vectors at different operating frequency-voltage pairs.
[0024] FIG. 6 illustrates an exemplary processing circuit which may be adapted to compute a unique and unclonable identifier based on data-dependent circuit paths.
[0025] FIG. 7 illustrates a method for computing a unique and unclonable platform identifier (ID) by utilizing data-dependent circuit path response information for one or more on-board and/or off-board components, circuits, and/or semiconductors. DETAILED DESCRIPTION
[0026] In the following description, specific details are given to provide a thorough understanding of the various aspects of the disclosure. However, it will be understood by one of ordinary skill in the art that the aspects may be practiced without these specific details. For example, circuits may be shown in block diagrams in order to avoid obscuring the aspects in unnecessary detail. In other instances, well-known circuits, structures and techniques may not be shown in detail in order not to obscure the aspects of the disclosure.
[0027] The word "exemplary" is used herein to mean "serving as an example, instance, or illustration." Any implementation or aspect described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other aspects of the disclosure. Likewise, the term "aspects" does not require that all aspects of the disclosure include the discussed feature, advantage or mode of operation.
Overview
[0028] A first aspect provides for using the unique characteristics inherent in each semiconductor circuit to generate a unique and unclonable platform identifier which can be extracted by the software at runtime and can be used to judge whether the software is running on the expected or intended semiconductor circuit or whether it is instead running on a simulator environment or a counterfeit platform. Due to the variations in semiconductor manufacturing, the same circuit path in two instances of the same semiconductor circuit may have a different response (e.g., path delay, frequency response, voltage response, etc.). For example, the threshold frequency for stable operation for each data-dependent path of the same design (but in different semiconductor circuits) may vary. These variations among semiconductor circuits with the same design may be exploited/used to characterize each semiconductor circuit and generate a unique and unclonable identifier.
[0029] A second aspect provides for generating and applying different input vectors to simulate different data-dependent circuit paths and then extracting the frequency characteristics for each data-dependent circuit path. In one example, a set of instructions may use a given input to perform various operations (e.g., different mathematical operations, etc.). Depending on the input used, the operations performed may use different circuit paths (i.e., data-dependent paths). Thus, the input vectors may serve to introduce a plurality of data-dependent paths that can be characterized to generate the unique and unclonable platform identifier. By using a plurality of input vectors, each data-dependent circuit path tested repeatedly until the results for each circuit path become unstable (e.g., the test results change from previous tests or are incorrect). The last known stable voltage/frequency for each pre-defined test is used to generate the unique identifier.
[0030] A third aspect provides for characterizing data-dependent circuit paths among a plurality of different semiconductor circuits, and/or over multiple internal and/or external sub-circuits or components. The characterization of two or more data- dependent circuit paths in different semiconductor circuits, sub-circuits, and/or components is then used to generate the unique and unclonable identifier.
Exemplary Generation of Unique and Unclonable Identifier
[0031] A mechanism is provided for generating a unique and unclonable identifier for a hardware device based on intrinsic variations of physical components (e.g., semiconductor devices, electrical paths, electrical components, etc.) and the use of data- dependent circuit paths. For instance, when multiple semiconductor devices are manufactured, the complex semiconductor process introduces slight variations that are beyond the control of the manufacturer or designer. Even if two semiconductor devices are manufactured from the same silicon wafer, electrical wires/paths designed to be the same will probably differ in width by a few nanometers. Microscopic differences in the surface of the silicon may also induce almost trivial variations in the curvature of electrical paths. Additionally, soldering of the semiconductor devices on a printed circuit board may cause differences in capacitances/impedance, etc. As these unique characteristics are uncontrollable and inherent to a physical component (e.g., semiconductor device), quantifying them can produce an intrinsic, unique and unclonable identifier. Additionally, one or more data-dependent circuit paths (e.g., through one or more semiconductor devices) are used to further improve the uniqueness of the identifier.
[0032] The present approach may provide a zero-cost solution which does not need to add extra logic (e.g., circuit components, transistors, etc.) to a semiconductor design and may even be applicable to the already manufactured semiconductor devices. [0033] FIG. 1 illustrates a way of extracting an identifier (ID) by utilizing data- dependent circuit path response information for an on-board or off-board component or circuit. In this example, the component or circuit 104 is being tested by an identifier generating module comprising input vectors 102 and an identifier generator 106. According to a few examples, the component or circuit may include: (a) a printed circuit board with electrically passive and active components, (b) a semiconductor device, and/or (c) a processing device. The component or circuit 104 may be dynamically configurable by adjusting its operating frequency 118 and/or its operating voltage 120.
[0034] As illustrated here, the component or circuit 104 may include multiple data- dependent circuit-paths A 114, B 116, C 118, and D 120. For example, the component or circuit 104 may be a signal processor, an arithmetic module, etc., that performs operations differently depending on the input data provided. For instance, additions and multiplication operations may take different paths in an arithmetic module. Additionally, an addition operation of larger numbers may take a different path than an addition operation of smaller numbers. Such "path" may refer to, for example, the transistor(s) and/or electrical traces through with a particular operation is performed in the component or circuit 104.
[0035] The input vectors 102 may include one or more instructions and/or data input that cause certain operations and/or computations to be performed by the component or circuit 104. Various examples of an input vector may include performing the operations: D1+D2, DlxD2, D1/D2, log(Dl), bitwise Dl AND D2, Dl XOR D2, among other more complex operations on Dl and/or D2, where Dl and D2 are data inputs (e.g., numbers, bit strings, etc.). The input vectors may be any control signals or configurations that make a component run in different modes of operations.
[0036] A single input vector may be performed several times as an operating frequency 110 and/or voltage 112 for the component or circuit 104 is adjusted (e.g., increase frequency or decrease voltage, etc.) in each iteration. After each iteration, a check is performed to make sure the component/circuit 104 is still stable (e.g., providing the expected or correct response/result to the input vector). This process is repeated until a threshold operating frequency (or threshold operating voltage) is identified at which a data-dependent circuit path response/result changes. Once a threshold frequency and/or threshold voltage are identified, execution of that particular input vector on the data-dependent circuit path is ceased or terminated. Such threshold frequency for that particular input vector may then be used (e.g., in combination with the threshold frequencies for one or more other input vectors) to generate an identifier for the component or circuit.
[0037] The threshold frequency and/or threshold voltage may be ascertained in a number of ways. In a first example, the operating frequency 110 is incrementally increased while the operating voltage 112 is kept fixed. The threshold voltage and/or threshold frequency are those at which the response/result to the input vector changes or is incorrect.
[0038] In a second example, the operating voltage 112 is incrementally decreased, causing a corresponding decrease of the operating frequency 110. For instance, the operating voltage 112 may be incrementally reduced (decreased) each iteration of an input vector until the results/response changes. Note that as the operating voltage 112 is reduced, this may also reduce the operating frequency. The last minimum voltage (or resulting operating frequency) which provides the correct result/response for a particular input vector is used (e.g., in combination with the minimum voltage for one or more other input vectors) to generate an identifier for the component or circuit.
[0039] In a third example, the operating voltage 112 is incrementally decreased, while the operating frequency 110 is incrementally increased. For instance, a combination of both frequency and voltage may be adjusted (e.g., according to a predefined frequency/voltage pairing) until a threshold frequency/voltage is identified (e.g., frequency/ voltage pair at which a particular data path becomes unstable).
[0040] The identifier generator 106 may keep track of the maximum stable operating frequency (or lowest stable operating voltage) for each test vector and then uses these to compute the unique and unclonable identifier for the component, circuit, or semiconductor.
[0041] In one example, the maximum operating frequency of a component, circuit, or semiconductor may be determined by the longest (critical) circuit path delay (e.g., a series of different gates or logic devices connected in a chain with a maximum latency). This also means that the component, circuit, or semiconductor has shorter paths with different path delays which are dependent on the data values it computes in a particular test vector. Due to the influence of semiconductor process variations to the circuit path delay, the maximum frequency/minimum voltage of each data-dependent critical path of the same design but in different components, circuits, or semiconductors will have random variations. This also implies that the characterization of these maximum frequency (or lowest voltage) information of each data-dependent circuit path is good source of identification information for a particular component, circuit, and/or semiconductor.
[0042] In some implementations, the data-dependent circuit paths may be dynamic circuit paths that receive an input and provide an output. So, they are non-storage and/or non-memory circuit paths.
[0043] FIG. 2 illustrates a way of extracting a platform identification (ID) by utilizing data-dependent circuit path response information from multiple on-board or off-board components or circuits. This aspect operates similar to the approach describe in FIG. 1 but with a plurality components or circuits 204, 206, and 208 being used to run one or more input vectors 202. For each component or circuit 204, 206, and 208, an input vector may be run while iteratively adjusting the corresponding operating voltage and/or operating frequency for each component or circuit 204, 206, and 208.
[0044] In one implementation, the operating frequency of a first component or circuit 204 may be increased to ascertain the maximum stable frequency for one or more data- dependent paths in the first component or circuit 204. Meanwhile, the operating voltage of a second component or circuit 206 may be decreased to ascertain the minimum stable voltage for one or more data-dependent paths in the second component or circuit 206. Similarly, the operating frequency/voltage pair of a third component or circuit 208 may be adjusted to ascertain a threshold stable frequency/voltage pair for one or more data- dependent paths in the third component or circuit 208. The identifier generator may then use this response information for the plurality of components or circuits 204, 206, and 208 to compute a unique and unclonable intrinsic identifier for the platform (e.g., combination of components or circuits).
[0045] FIG. 3 is a table illustrating exemplary results for a set of input vectors at different operating frequencies. These input vectors may have been performed on one or more components, circuits, and/or semiconductor devices. Each of the input vectors (e.g., test-a, test-b, test-c, test-d) may be iteratively executed as the operating frequency is incrementally adjusted (e.g., increased) across one or more frequencies Freq-A, Freq- B, Freq-C, Freq-D, Freq-E, and/or Freq-F. As can be appreciated, depending on the data-dependent circuit path for each input vector, the input vector may Pass or Fail up to a maximum/threshold operating frequency. A Pass means that the data-dependent circuit path provided the expected or correct response to the input vector at a particular operating frequency. A Fail means that the data-dependent circuit path provided an incorrect, unexpected, or changed response to the input vector at a particular operating frequency. For example, in test-c, the transition from Pass to Fail occurs between Freq- C and Freq-D. Thus, the threshold frequency may be selected as either Freq-C or Freq- D. This threshold frequency at which an input vector transitions from Pass to Fail may be recorded and used to generate a unique and unclonable identifier associated with a platform.
[0046] FIG. 4 is a table illustrating exemplary results for a set of input vectors at different operating voltages. These input vectors may have been performed on one or more components, circuits, and/or semiconductor devices. Each of the input vectors (e.g., test-a, test-b, test-c, test-d) may be iteratively executed as the operating voltage is incrementally adjusted (e.g., decreased) across one or more voltages Volt-A, Volt-B, Volt-C, Volt-D, Volt-E, and/or Volt-F. As can be appreciated, depending on the data- dependent circuit path for each input vector, the input vector may Pass or Fail down to a minimum/threshold operating voltage. A Pass means that the data-dependent circuit path provided the expected or correct response to the input vector at a particular operating voltage. A Fail means that the data-dependent circuit path provided an incorrect, unexpected, or changed response to the input vector at a particular operating voltage. For example, in test-a, the transition from Pass to Fail occurs between Volt-D and Volt-E. Thus, the threshold voltage may be selected as either Volt-D or Volt-E. This threshold voltage at which an input vector transitions from Pass to Fail may be recorded and used to generate a unique and unclonable identifier associated with a platform.
[0047] FIG. 5 illustrates a table showing exemplary results for a set of input vectors at different operating frequency-voltage pairs. These input vectors may have been performed on one or more components, circuits, and/or semiconductor devices. Each of the input vectors (e.g., test-a, test-b, test-c, test-d) may be iteratively executed as the operating frequency/voltage pair is incrementally adjusted (e.g., increased or decreased) across one or more frequency/voltage pairs Freq/Volt-A, Freq/Volt-B, Freq/Volt-C, Freq/Volt-D, Freq/Volt-E, and/or Freq/Volt-F. As can be appreciated, depending on the data-dependent circuit path for each input vector, the input vector may Pass or Fail up to a threshold operating frequency-voltage pair. A Pass means that the data-dependent circuit path provided the expected or correct response to the input vector at a particular operating frequency/voltage pair. A Fail means that the data-dependent circuit path provided an incorrect, unexpected, or changed response to the input vector at a particular operating frequency/voltage pair. For example, in test-d, the transition from Pass to Fail occurs between Freq/Volt-B and Freq/Volt-C. Thus, the threshold frequency/voltage pair may be selected as either Volt-B or Volt-C. This threshold frequency/voltage pair at which an input vector transitions from Pass to Fail may be recorded and used to generate a unique and unclonable identifier associated with a platform.
[0048] FIG. 6 illustrates an exemplary processing circuit which may be adapted to compute a unique and unclonable identifier based on data-dependent circuit paths. In one example, the processing circuit 602 may be coupled to an external storage device 604 containing instructions to effectuate generation of a unique identifier based on characteristics for one or more data-dependent circuit paths. In another example, the storage device 604 may be integrated with the processing circuit 602 to effectuate generation of the unique identifier based on characteristics for one or more data- dependent circuit paths. The processing circuit 602 may also include a programmable frequency module 622 (e.g., clock generator, etc.) that permits adjusting an operating frequency for one or more internal sub-circuits 610, 612, and/or 614 and/or one or more external components 616, 618, and 620. Additionally, the processing circuit 602 may also include a programmable voltage module 624 that permits adjusting an operating voltage for the one or more internal sub-circuits 610, 612, and/or 614 and/or the one or more external components 616, 618, and 620.
[0049] The processing circuit 602 may include or obtain one or more instructions from the storage device 604 to ascertain data-dependent path response information for the one or more internal sub-circuits 610, 612, and/or 614 and/or the one or more external components 616, 618, and 620. One or more input vectors 606 may be used by the processing circuit to execute or perform one or more operations on the sub-circuits 610, 612, 614, and/or components 616, 618, 620. These input vectors may be run multiple times while incrementally adjusting the operating frequency and/or operating voltage of each of the sub-circuits 610, 612, 614 or components 616, 618, and 620 being tested until a threshold frequency and/or threshold voltage is ascertained for each data- dependent circuit path. An identifier generator 608 then uses the resulting threshold frequencies and/or threshold voltages for a plurality of the data-dependent paths tested to generate a unique identifier 622.
[0050] In one example, the unique identifier is associated with a platform which includes the processing circuit 602, the internal/external circuits 610, 612, 614 and/or the components 616, 618, and 620.
[0051] In another example, the unique identifier is associated with a software application installation or execution on the processing circuit.
[0052] In yet another example, execution of a software application on the processing circuit 602 may be bound to successful verification of the unique identifier. For instance, every time the software application is executed, a verification is performed to ascertain that it is still being executed on the same platform as when it was installed based on the unique identifier. Successful verification of the unique identifier may compare an original instance of the unique identifier to a subsequent generated instance of the unique identifier to ascertain that they are the same.
[0053] FIG. 7 illustrates a method for computing a unique and unclonable platform identifier (ID) by utilizing data-dependent circuit path response information for one or more on-board and/or off-board components, circuits, and/or semiconductors. One or more tests (e.g., input vectors, computational operations, etc.) may be performed on one or more data-dependent circuit paths for one or more circuits 702. Note that the one or more circuits may not be identifier-specific circuits, but rather general purpose circuits. In some instances, the one or more circuits are non-storage and/or non-memory circuits.
[0054] The one or more tests may be repeated over the one or more data-dependent circuit paths for the one or more circuits while adjusting an operating frequency and/or voltage for each of the one or more circuits 704. For instance, the operating frequency for each of the one or more circuits may be increased and/or the operating voltage for the one or more circuits may be decreased. A threshold frequency and/or voltage may be ascertained for each of the one or more data-dependent circuit paths 706. For example, such threshold frequency or voltage may be the maximum frequency or minimum voltage at which a particular test starts to fail (e.g., the result/response changes).
[0055] An identifier may then be generated based on a plurality of the threshold frequencies and/or voltages ascertained for the one or more data-dependent circuit paths 708. In one example, the identifier may be based (e.g., generated) on two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for one circuit. In another example, the identifier may be based on two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for two or more different circuits.
[0056] In the case where the identifier is being initially generated, it may be stored (e.g., in non- volatile memory) for subsequent verification 710. For instance, a software application may obtain and store a first identifier when it is installed on a platform, thereby binding the software installation to one or more specific circuits, microprocessors, and/or semiconductor devices for a platform.
[0057] In the case where an identifier is being verified, a previously stored identifier is retrieved 712. The newly generated identifier (from step 708) is then compared to the previously stored identifier to ascertain whether they are the same 714. If they are the same, then it may be concluded that the platform used to generate both the stored identifier and newly generated identifier is the same and verification is successful. Otherwise, if the newly generated identifier and stored identifier are different, verification fails. For instance, on subsequent start-ups of a software application, it may verify that it is still being executed on its original platform by verifying a newly generated identifier to a previously stored identifier, thereby binding the software installation to one or more specific circuits, microprocessors, and/or semiconductor devices for the platform.
[0058] Two exemplary implementation scenarios may be defined on a system-on-chip platform. In a first example, a processor with platform identifier extraction control software, a programmable clock generator, and an on-chip computational component coupled to an on-chip bus in communication with the processor. The on-chip computational component may provide one or more data-dependent circuit paths that can be used by the identifier extraction control software to generate an identifier. In a second example, a processor with platform identifier extraction control software, a programmable clock generator, and an off-chip computational component in communication with the processor. Here, the off-chip computational component may provide one or more data-dependent circuit paths that can be used by the identifier extraction control software to generate an identifier.
[0059] In both exemplary implementation scenarios, the processor may operate at a designated frequency in a stable state and it will execute several steps. First, the control software may be run/executed with a collection of the test (input) vectors which can address different data-dependent circuit paths to test the on/off-chip computational components at first operating frequency. Second, the control software may then be run/executed with the test (while) vectors while at the same time the clock frequency generator is adjusted to increase or decrease the clock frequency (e.g., operating frequency) supplied to the computational component under test until a threshold frequency (e.g., maximum frequency) for each data-dependent circuit path is ascertained and/or recorded. A comparison and quantization procedure may then be used to generate the unique identifier, which may also be a platform identifier. If the platform has multiple on-chip and/or off-chip computational components, multiple extracted identifiers can be combined into a single platform identifier.
[0060] This approach may be applicable to existing processors, semiconductors, and/or chips, many of which already have flexible clock frequency control mechanism enabled for low power consumption. Additionally, this approach for generating a unique identifier is bound to the hardware does not need to use external expensive testing setups and procedures. Moreover, there is no need to revise current chip design by adding extra hardware logic and its function can be enabled by software requests, so it is a zero-cost solution.
[0061] One or more of the components, steps, features, and/or functions illustrated in the Figures may be rearranged and/or combined into a single component, step, feature or function or embodied in several components, steps, or functions. Additional elements, components, steps, and/or functions may also be added without departing from the invention. The apparatus, devices, and/or components illustrated in the Figures may be configured to perform one or more of the methods, features, or steps described in the Figures. The algorithms described herein may also be efficiently implemented in software and/or embedded in hardware.
[0062] Moreover, in one aspect of the disclosure, the processing circuit(s) illustrated in the Figures may be a specialized processor (e.g., an application specific integrated circuit (e.g., ASIC)) that is specifically designed and/or hard- wired to perform the algorithms, methods, and/or steps described in the Figures. Thus, such a specialized processor (e.g., ASIC) may be one example of a means for executing the algorithms, methods, and/or steps described in the Figures. The computer-readable storage medium may also store processor readable instructions that when executed by a specialized processor (e.g., ASIC) causes the specialized processor to perform the algorithms, methods, and/or steps described in the Figures.
[0063] Also, it is noted that the aspects of the present disclosure may be described as a process that is depicted as a flowchart, a flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed. A process may correspond to a method, a function, a procedure, a subroutine, a subprogram, etc. When a process corresponds to a function, its termination corresponds to a return of the function to the calling function or the main function.
[0064] Moreover, a storage medium may represent one or more devices for storing data, including read-only memory (ROM), random access memory (RAM), magnetic disk storage mediums, optical storage mediums, flash memory devices and/or other machine-readable mediums and, processor-readable mediums, and/or computer- readable mediums for storing information. The terms "machine-readable medium", "computer-readable medium", and/or "processor-readable medium" may include, but are not limited to non-transitory mediums such as portable or fixed storage devices, optical storage devices, and various other mediums capable of storing, containing or carrying instruction(s) and/or data. Thus, the various methods described herein may be fully or partially implemented by instructions and/or data that may be stored in a "machine-readable medium", "computer-readable medium", and/or "processor-readable medium" and executed by one or more processors, machines and/or devices.
[0065] Furthermore, aspects of the disclosure may be implemented by hardware, software, firmware, middleware, microcode, or any combination thereof. When implemented in software, firmware, middleware or microcode, the program code or code segments to perform the necessary tasks may be stored in a machine-readable medium such as a storage medium or other storage(s). A processor may perform the necessary tasks. A code segment may represent a procedure, a function, a subprogram, a program, a routine, a subroutine, a module, a software package, a class, or any combination of instructions, data structures, or program statements. A code segment may be coupled to another code segment or a hardware circuit by passing and/or receiving information, data, arguments, parameters, or memory contents. Information, arguments, parameters, data, etc. may be passed, forwarded, or transmitted via any suitable means including memory sharing, message passing, token passing, network transmission, etc.
[0066] The various illustrative logical blocks, modules, circuits, elements, and/or components described in connection with the examples disclosed herein may be implemented or performed with a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic component, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. A general purpose processor may be a microprocessor, but in the alternative, the processor may be any conventional processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing components, e.g., a combination of a DSP and a microprocessor, a number of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
[0067] The methods or algorithms described in connection with the examples disclosed herein may be embodied directly in hardware, in a software module executable by a processor, or in a combination of both, in the form of processing unit, programming instructions, or other directions, and may be contained in a single device or distributed across multiple devices. A software module may reside in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, a removable disk, a CD-ROM, or any other form of storage medium known in the art. A storage medium may be coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. [0068] Those of skill in the art would further appreciate that the various illustrative logical blocks, modules, circuits, and algorithm steps described in connection with the aspects disclosed herein may be implemented as electronic hardware, computer software, or combinations of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the overall system.
[0069] The various features of the invention described herein can be implemented in different systems without departing from the invention. It should be noted that the foregoing aspects of the disclosure are merely examples and are not to be construed as limiting the invention. The description of the aspects of the present disclosure is intended to be illustrative, and not to limit the scope of the claims. As such, the present teachings can be readily applied to other types of apparatuses and many alternatives, modifications, and variations will be apparent to those skilled in the art.

Claims

CLAIMS WHAT IS CLAIMED IS:
1. A method operational in a processing circuit for generating a unique identifier, comprising:
performing one or more tests over one or more data-dependent circuit paths for one or more circuits;
repeating the one or more tests over the one or more data-dependent circuit paths for the one or more circuits while adjusting an operating frequency and/or operating voltage for each of the one or more circuits;
ascertaining a threshold frequency and/or threshold voltage for each of the one or more data-dependent circuit paths; and
generating an identifier based on a plurality of the threshold frequencies and/or threshold voltages ascertained for the one or more data-dependent circuit paths.
2. The method of claim 1, wherein the identifier is associated with a platform which includes the processing circuit.
3. The method of claim 1, further comprising:
associating a software application installation to the identifier; and
binding execution of the software application on the processing circuit to succesfull verification of the identifier.
4. The method of claim 3, wherein successful verification of the identifier
compares an original instance of the identifier to a subsequent generated instance of the identifier to ascertain that they are the same.
5. The method of claim 1, wherein the one or more circuits are general purpose computational components.
6. The method of claim 1, wherein the one or more circuits are non- identifier specific computational components.
7. The method of claim 1, wherein the one or more circuits are non-storage and/or non-memory circuits.
8. The method of claim 1, wherein the operating frequency and/or operating voltage are adjusted by at least one of:
increasing the operating frequency on each iteration of the test;
decreasing the operating voltage on each iteration of the test; and/or
adjusting a combination of the operating frequency and operating voltage on each iteration of the test.
9. The method of claim 1, wherein the one or more circuits include at least one of: one or more internal computational components;
one or more external computational components; and/or
a combination of internal and external computational components.
10. The method of claim 1, wherein the threshold frequency is the frequency at which a test over a given data-dependent circuit path provides an incorrect response to the test.
11. The method of claim 1, wherein the threshold frequency is the frequency at which an expected response to a test over a given data-dependent circuit path changes to an unexpected response.
12. The method of claim 1, wherein the identifier is based on:
two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for one circuit.
13. The method of claim 1, wherein the identifier is based on:
two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for two or more different circuits.
14. The method of claim 1, further comprising:
storing the identifier for subsequent verification.
15. The method of claim 1, further comprising:
retrieving a previously stored identifier; and
comparing the generated identifier to the previously stored identifier to ascertain whether they are the same.
16. An apparatus, comprising:
one or more circuits;
a processing circuit coupled to the one or more circuits, the processing circuit adapted to:
perform one or more tests over one or more data-dependent circuit paths of one or more circuits;
repeat the one or more tests over the one or more data-dependent circuit paths for the one or more circuits while adjusting an operating frequency and/or operating voltage for each of the one or more circuits; ascertain a threshold frequency and/or threshold voltage for each of the one or more data-dependent circuit paths; and
generate an identifier based on a plurality of the threshold frequencies and/or threshold voltages ascertained for the one or more data-dependent circuit paths.
17. The apparatus of claim 16, wherein the identifier is associated with a platform which includes the processing circuit.
18. The apparatus of claim 16, wherein the processing circuit is further adapted to: associate a software application installation to the identifier; and
bind execution of the software application on the processing circuit to successful verification of the identifier.
19. The apparatus of claim 18, wherein successful verification of the identifier
compares an original instance of the identifier to a subsequent generated instance of the identifier to ascertain that they are the same.
20. The apparatus of claim 16, wherein the one or more circuits are general purpose computational components.
21. The apparatus of claim 16, wherein the one or more circuits are non- identifier specific computational components.
22. The apparatus of claim 16, wherein the one or more circuits are non-storage and/or non-memory circuits.
23. The apparatus of claim 16, wherein the operating frequency and/or operating voltage are adjusted by at least one of:
increasing the operating frequency on each iteration of the test;
decreasing the operating voltage on each iteration of the test; and/or
adjusting a combination of the operating frequency and operating voltage on each iteration of the test.
24. The apparatus of claim 16, wherein the one or more circuits include at least one of:
one or more internal computational components;
one or more external computational components; and/or
a combination of internal and external computational components.
25. The apparatus of claim 16, wherein the threshold frequency is the frequency at which a test over a given data-dependent circuit path provides an incorrect response to the test.
26. The apparatus of claim 16, wherein the threshold frequency is the frequency at which an expected response to a test over a given data-dependent circuit path changes to an unexpected response.
27. The apparatus of claim 16, wherein the identifier is based on: two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for one circuit.
28. The apparatus of claim 16, wherein the identifier is based on:
two or more threshold frequencies and/or threshold voltages for two or more different circuit paths for two or more different circuits.
29. An apparatus, comprising:
means for performing one or more tests over one or more data-dependent circuit paths for one or more circuits;
means for repeating the one or more tests over the one or more data-dependent circuit paths for the one or more circuits while adjusting an operating frequency and/or operating voltage for each of the one or more circuits;
means for ascertaining a threshold frequency and/or threshold voltage for each of the one or more data-dependent circuit paths; and
means for generating an identifier based on a plurality of the threshold frequencies and/or threshold voltages ascertained for the one or more data-dependent circuit paths.
30. The apparatus of claim 29, wherein the operating frequency and/or voltage are adjusted by at least one of:
increasing the operating frequency on each iteration of the test;
decreasing the operating voltage on each iteration of the test; and/or
adjusting a combination of the operating frequency and operating voltage on each iteration of the test.
31. The apparatus of claim 29, wherein the one or more circuits include one of: one or more internal computational components;
one or more external computational components; or
a combination of internal and external computational components.
32. The apparatus of claim 29, wherein the threshold frequency and/or threshold voltage is the frequency and/or voltage, respectively, at which an expected response to a test over a given data-dependent circuit path changes to an unexpected response.
33. The apparatus of claim 29, wherein the identifier is based on:
two or more threshold frequencies and/or voltages for two or more different circuit paths for at least one circuit.
34. A machine-readable storage medium having instructions stored thereon, which when executed by at least one processor causes the at least one processor to:
perform one or more tests over one or more data-dependent circuit paths for one or more circuits;
repeat the one or more tests over the one or more data-dependent circuit paths for the one or more circuits while adjusting an operating frequency and/or operating voltage for each of the one or more circuits;
ascertain a threshold frequency and/or threshold voltage for each of the one or more data-dependent circuit paths; and
generate an identifier based on a plurality of the threshold frequencies and/or threshold voltages ascertained for the one or more data-dependent circuit paths.
35. The machine-readable storage medium of claim 34, wherein the operating frequency and/or voltage are adjusted by at least one of:
increasing the operating frequency on each iteration of the test;
decreasing the operating voltage on each iteration of the test; and/or
adjusting a combination of the operating frequency and operating voltage on each iteration of the test.
36. The machine-readable storage medium of claim 34, wherein the one or more circuits include one of:
one or more internal computational components;
one or more external computational components; or
a combination of internal and external computational components.
PCT/US2013/077049 2012-12-20 2013-12-20 Unique and unclonable platform identifiers using data-dependent circuit path responses WO2014100647A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
KR1020157018765A KR101773490B1 (en) 2012-12-20 2013-12-20 Unique and unclonable platform identifiers using data-dependent circuit path responses
CN201380064280.6A CN104854465B (en) 2012-12-20 2013-12-20 The unique and not imitability land identification responded using data dependencies circuit paths is accorded with
JP2015549795A JP6096930B2 (en) 2012-12-20 2013-12-20 Unique and non-clonal platform identifier using data-dependent circuit path response
EP13828961.6A EP2923214B1 (en) 2012-12-20 2013-12-20 Unique and unclonable platform identifiers using data-dependent circuit path responses

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US201261740333P 2012-12-20 2012-12-20
US61/740,333 2012-12-20
US13/752,215 2013-01-28
US13/752,215 US9449153B2 (en) 2012-12-20 2013-01-28 Unique and unclonable platform identifiers using data-dependent circuit path responses

Publications (1)

Publication Number Publication Date
WO2014100647A1 true WO2014100647A1 (en) 2014-06-26

Family

ID=50976391

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2013/077049 WO2014100647A1 (en) 2012-12-20 2013-12-20 Unique and unclonable platform identifiers using data-dependent circuit path responses

Country Status (7)

Country Link
US (1) US9449153B2 (en)
EP (1) EP2923214B1 (en)
JP (1) JP6096930B2 (en)
KR (1) KR101773490B1 (en)
CN (1) CN104854465B (en)
TW (1) TWI559162B (en)
WO (1) WO2014100647A1 (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2015031683A1 (en) * 2013-08-28 2015-03-05 Stc.Unm Systems and methods for leveraging path delay variations in a circuit and generating error-tolerant bitstrings
US20160047855A1 (en) * 2014-08-15 2016-02-18 Case Western Reserve University Pcb authentication and counterfeit detection
KR102709350B1 (en) * 2014-12-15 2024-09-23 유엔엠 레인포레스트 이노베이션즈 Reliability enhancement methods for physically unclonable function bitstring generation
EP3046096B1 (en) * 2015-01-15 2022-03-30 Siemens Aktiengesellschaft A protection method of writting encrypted data to a memory device and reading decrypted data from the memory device using the power up of a PUF
EP3535682A4 (en) * 2016-11-04 2020-06-24 Stc.Unm System and methods for entropy and statistical quality metrics
FR3065556B1 (en) * 2017-04-19 2020-11-06 Tiempo ELECTRONIC CIRCUIT SECURE BY DISRUPTION OF ITS POWER SUPPLY.
US10810346B2 (en) 2018-09-28 2020-10-20 Taiwan Semiconductor Manufacturing Co., Ltd. Static voltage drop (SIR) violation prediction systems and methods
DE102019116061A1 (en) 2018-09-28 2020-04-02 Taiwan Semiconductor Manufacturing Co., Ltd. SYSTEMS AND METHODS FOR PREDICTING STATIC VOLTAGE INJURIES
GB201919297D0 (en) 2019-12-24 2020-02-05 Aronson Bill Temperature sensing physical unclonable function (puf) authenication system
US11516028B2 (en) 2019-12-24 2022-11-29 CERA Licensing Limited Temperature sensing physical unclonable function (PUF) authentication system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011086051A1 (en) * 2010-01-18 2011-07-21 Institut Telecom-Telecom Paris Tech Integrated silicon circuit comprising a physically non-reproducible function, and method and system for testing such a circuit
US20110317829A1 (en) * 2010-06-25 2011-12-29 International Business Machines Corporation Physically Unclonable Function Implemented Through Threshold Voltage Comparison

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6161213A (en) * 1999-02-17 2000-12-12 Icid, Llc System for providing an integrated circuit with a unique identification
US7215684B1 (en) * 2000-09-20 2007-05-08 Qualcomm Incorporated Method and apparatus for reducing transmission overhead in a communication system
US7840803B2 (en) * 2002-04-16 2010-11-23 Massachusetts Institute Of Technology Authentication of integrated circuits
JP4524176B2 (en) * 2004-12-17 2010-08-11 パナソニック株式会社 Manufacturing method of electronic device
US8127347B2 (en) 2006-12-29 2012-02-28 02Micro International Limited Virtual firewall
US20110002461A1 (en) * 2007-05-11 2011-01-06 Validity Sensors, Inc. Method and System for Electronically Securing an Electronic Biometric Device Using Physically Unclonable Functions
EP2191410B1 (en) 2007-08-22 2014-10-08 Intrinsic ID B.V. Identification of devices using physically unclonable functions
WO2011047062A1 (en) 2009-10-13 2011-04-21 Tiger's Lair Inc. Protecting electronic systems from counterfeiting and reverse-engineering
JP5354611B2 (en) * 2010-07-29 2013-11-27 独立行政法人産業技術総合研究所 Authenticity judgment method for electronic circuit components
JP5474705B2 (en) * 2010-08-23 2014-04-16 ルネサスエレクトロニクス株式会社 Semiconductor device
TWM443215U (en) 2012-04-19 2012-12-11 C One Technology Corp Portable storage device wit security mechanism and validation system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2011086051A1 (en) * 2010-01-18 2011-07-21 Institut Telecom-Telecom Paris Tech Integrated silicon circuit comprising a physically non-reproducible function, and method and system for testing such a circuit
US20110317829A1 (en) * 2010-06-25 2011-12-29 International Business Machines Corporation Physically Unclonable Function Implemented Through Threshold Voltage Comparison

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
CHI-EN YIN ET AL: "Temperature-aware cooperative ring oscillator PUF", HARDWARE-ORIENTED SECURITY AND TRUST, 2009. HOST '09. IEEE INTERNATIONAL WORKSHOP ON, IEEE, PISCATAWAY, NJ, USA, 27 July 2009 (2009-07-27), pages 36 - 42, XP031520802, ISBN: 978-1-4244-4805-0, DOI: 10.1109/HST.2009.5225055 *
EDWARD SUH G ET AL: "Physical Unclonable Functions for Device Authentication and Secret Key Generation", 2007 44TH ACM/IEEE DESIGN AUTOMATION CONFERENCE : SAN DIEGO, CA, 4 - 8 JUNE 2007, IEEE, PISCATAWAY, NJ, 1 June 2007 (2007-06-01), pages 9 - 14, XP031183294, ISBN: 978-1-59593-627-1 *

Also Published As

Publication number Publication date
EP2923214A1 (en) 2015-09-30
KR101773490B1 (en) 2017-08-31
JP2016510498A (en) 2016-04-07
TWI559162B (en) 2016-11-21
CN104854465B (en) 2018-01-09
CN104854465A (en) 2015-08-19
US20140181986A1 (en) 2014-06-26
US9449153B2 (en) 2016-09-20
KR20150097624A (en) 2015-08-26
EP2923214B1 (en) 2016-10-19
JP6096930B2 (en) 2017-03-15
TW201430605A (en) 2014-08-01

Similar Documents

Publication Publication Date Title
EP2923214B1 (en) Unique and unclonable platform identifiers using data-dependent circuit path responses
JP6377865B2 (en) Integrated circuit identification and dependability verification using ring oscillator-based physical non-replicatable function and age detection circuit
JP6949843B2 (en) Hardware integrity check
US20130191689A1 (en) Functional testing of a processor design
US9954534B2 (en) Methods and circuits for preventing hold time violations
US9971644B2 (en) Serial I/O functional tester
US9858382B2 (en) Computer program product for timing analysis of integrated circuit
US9837170B2 (en) Systems and methods for testing performance of memory modules
US9182943B2 (en) Methods and devices for prime number generation
US11947891B2 (en) Balancing cycle stealing with early mode violations
CN115496021A (en) Automatic testing method, device, chip, equipment and system for system chip
US8352234B2 (en) Model generation based on a constraint and an initial model
JP6062795B2 (en) Semiconductor device
TW201833772A (en) Secure code jump and execution gating
CN112639783B (en) Simultaneous mirror measurement and execution
US20230394209A1 (en) Functional verification flow of obfuscated designs for circuits
TWI553648B (en) Integrated circuit with self-verification function, verification method and method for generating a bist signature adjustment code.
CN117910399A (en) Verification method of reset function and related device
US10230374B1 (en) Methods and circuits for preventing hold violations
US20170351794A1 (en) System and method for verifying the deterministic starting state of a digital device
JP2014182499A (en) Dimm pseudo failure occurrence method and dimm pseudo failure occurrence device

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 13828961

Country of ref document: EP

Kind code of ref document: A1

ENP Entry into the national phase

Ref document number: 2015549795

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

REEP Request for entry into the european phase

Ref document number: 2013828961

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2013828961

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 20157018765

Country of ref document: KR

Kind code of ref document: A