WO2015124673A1 - Integrated circuit with parts activated based on intrinsic features - Google Patents

Integrated circuit with parts activated based on intrinsic features Download PDF

Info

Publication number
WO2015124673A1
WO2015124673A1 PCT/EP2015/053505 EP2015053505W WO2015124673A1 WO 2015124673 A1 WO2015124673 A1 WO 2015124673A1 EP 2015053505 W EP2015053505 W EP 2015053505W WO 2015124673 A1 WO2015124673 A1 WO 2015124673A1
Authority
WO
WIPO (PCT)
Prior art keywords
integrated circuit
enrolment
pattern
generator
configuration
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Ceased
Application number
PCT/EP2015/053505
Other languages
English (en)
French (fr)
Inventor
Fabrice Poulard
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Renesas Electronics Europe Ltd
Original Assignee
Renesas Electronics Europe Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Renesas Electronics Europe Ltd filed Critical Renesas Electronics Europe Ltd
Priority to CN201580019225.4A priority Critical patent/CN106164918B/zh
Priority to JP2016552915A priority patent/JP6695805B2/ja
Priority to US15/120,207 priority patent/US10833878B2/en
Priority to EP15705989.0A priority patent/EP2973198B1/en
Publication of WO2015124673A1 publication Critical patent/WO2015124673A1/en
Anticipated expiration legal-status Critical
Ceased legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3278Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response using physically unclonable functions [PUF]
    • GPHYSICS
    • G09EDUCATION; CRYPTOGRAPHY; DISPLAY; ADVERTISING; SEALS
    • G09CCIPHERING OR DECIPHERING APPARATUS FOR CRYPTOGRAPHIC OR OTHER PURPOSES INVOLVING THE NEED FOR SECRECY
    • G09C1/00Apparatus or methods whereby a given sequence of signs, e.g. an intelligible text, is transformed into an unintelligible sequence of signs by transposing the signs or groups of signs or by replacing them by others according to a predetermined system
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/73Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information by creating or determining hardware identification, e.g. serial numbers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0866Generation of secret information including derivation or calculation of cryptographic keys or passwords involving user or device identifiers, e.g. serial number, physical or biometrical information, DNA, hand-signature or measurable physical characteristics

Definitions

  • the present invention relates to a fixed logic integrated circuit, such as a
  • microcontroller or a system-on-a-chip.
  • featurization can be used to configure a wide variety of different functions and device properties, such as operating voltage, maximum clock operating frequency, memory capacity and availability of a number of peripheral modules, such as communication ports, timers and the like.
  • Featurization offers a cheap and easy way to provide a range of differently-featured integrated circuits having a fixed set of features present on chip from those having a full set of features (herein referred to as “fully-featured integrated circuits”) to others having fewer features (herein referred to as “variants").
  • Featurization involves programming a device configuration file in non-volatile memory which is then used by a feature activation function to enable or disable features. Access to the non-volatile memory may be controlled using a configuration access key which is defined during integrated circuit manufacture. If a programming tool does not have the correct key, then it cannot program the device configuration file.
  • the featurization process can be undermined. For example, if an unauthorized user has access to the key, then they can use a device configuration file to create fully-featured integrated circuits.
  • IP intellectual property
  • FPGA field programmable gate array
  • US 8 427 193 Bi concerns protecting IP cores incorporated into circuit designs implemented in programmable integrated circuits, such as FPGAs.
  • US 8 427 193 Bi concerns protecting IP cores incorporated into circuit designs implemented in programmable integrated circuits, such as FPGAs.
  • 2011/ 113392 Ai describes a method of protecting an IP core.
  • WO 2008/ 125999 A2 describes controlled activation of at least one function in a product or a component such as an FPGA or software module.
  • WO 2009/024913 A2 describes generating a response to a physically unclonable function which is uniquely representative of the identity of a device having challengeable memory, such as an FPGA.
  • GB 2 268 605 A concerns a method of providing functional options to purchasers of computer-type systems, such as a telephone switching system.
  • a fixed logic integrated circuit comprising a unique code generator configured to generate a code having a value which is intrinsically unique to the integrated circuit and an enrolment pattern generator configured to generate an enrolment pattern based on the unique code.
  • the code is preferably generated on demand and is transitory.
  • the integrated circuit may comprise memory for storing remotely-generated enabling data (generated using the enrolment pattern and remotely-stored configuration data).
  • the integrated circuit comprises a configuration file generator configured to generate configuration data using the remotely-generated enabling data and the unique code.
  • the integrated circuit comprises a feature activation module configured to activate and/or disable features of the integrated circuit and/or customise the integrated circuit in dependence upon the configuration data.
  • the term “featurization” is intended to include not only featurization, but also customisation, such as trimming and identity initialization.
  • featurization need not necessarily involve enabling or disabling specific features. However, in certain circumstances, featurization may exclusively involve enabling or disabling specific features, i.e. without any trimming or identity
  • the enrolment pattern preferably contains at least part of the unique code in encrypted form.
  • the unique code generator is preferably a physical unclonable function (PUF).
  • the physical unclonable function may be an SRAM physical unclonable function.
  • the enrolment pattern generator is preferably configured to remove noise from the code.
  • the enrolment pattern generator may be configured to encrypt the enrolment pattern and the integrated circuit may be configured to transmit the enrolment pattern in encrypted form to the external enrolment device.
  • the configuration module may be configured to activate a set of features in dependence upon configuration data.
  • the configuration module is configured to activate a set of peripheral modules (such as universal asynchronous receiver/transmitters (UARTs) or analogue-to-digital converters (ADCs)), in dependence upon the configuration data.
  • peripheral modules such as universal asynchronous receiver/transmitters (UARTs) or analogue-to-digital converters (ADCs)
  • UARTs universal asynchronous receiver/transmitters
  • ADCs analogue-to-digital converters
  • the configuration module may be configured to set a clock speed in dependence upon the configuration data.
  • the feature activation module may be configured to activate a minimum set of features in response to incorrect configuration data.
  • the minimum set of features may include modules which allow featurization.
  • the minimum set of features mainly or only include modules which are only or primarily used in featurization.
  • the unique code generator, the enrolment pattern generator, the configuration file generator and the feature activation module may be included in a minimum set of features.
  • configuration file generator and the feature activation module respective fixed-logic modules preferably comprise fixed-logic modules.
  • the integrated circuit may be a digital integrated circuit.
  • the integrated circuit may include memory.
  • the memory may be volatile memory such as DRAM or SRAM.
  • the memory may be non-volatile memory, such as EPROM, EEPROM, NOR flash or NAND flash.
  • the integrated circuit may be a micro integrated circuit, such as a
  • the integrated circuit may be a microcontroller with embedded Flash memory.
  • the integrated circuit may be a processor without embedded Flash memory.
  • the integrated circuit may be a system- on-a-chip (SoC).
  • SoC system- on-a-chip
  • the integrated circuit may a logic integrated circuit, such as application-specific integrated circuit chip, standard logic or display driver.
  • an enrolment device (which may be implemented in software on a computer system) comprises configuration data for configuring an integrated circuit and an enabling data generator configured to generate enabling data for the integrated circuit using the configuration data and an enrolment pattern generated at the integrated circuit.
  • a system comprising the integrated circuit and the enrolment device.
  • the integrated circuit and the enrolment device may be in secure (i.e. encrypted) communication.
  • the party e.g. a semiconductor foundry
  • sending the enrolment pattern may be authenticated by the enrolment device using a certificate or other authenticating means.
  • a method of enrolling an integrated circuit comprises generating a code having a value which is unique to the integrated circuit.
  • the method comprises generating an enrolment pattern based on the unique code and sending the enrolment pattern to an external enrolment device.
  • the method comprises receiving enabling data from the enrolment device.
  • the method may comprise storing the remotely-generated enabling data on-chip (i.e. on the integrated circuit).
  • the method may comprise storing the remotely-generated enabling data off-chip (i.e. in external memory).
  • the method of enrolling an integrated circuit may be a hardware-implemented method.
  • a method of configuring an integrated circuit comprises generating configuration data using remotely-generated enabling data and a code having a value which is unique to the integrated circuit.
  • the method comprises activating and/or deactivating features of the integrated circuit in dependence upon the configuration data.
  • the method of configuring the integrated circuit may be a hardware-implemented method.
  • Figure 1 is a schematic block diagram of an integrated circuit and an external enrolment device
  • Figure 2 is a schematic block diagram of an integrated circuit, external memory and an external enrolment device
  • Figure 3 is a schematic block diagram of a microcontroller or system-on-a-chip
  • Figure 4 illustrate pre-activated features of an integrated circuit
  • Figure 5 illustrates control of featurization
  • Figure 6 is a schematic block diagram of modules involved in enrolment
  • Figure 7 is a process flow diagram of a method of enrolment
  • Figure 8 illustrates on-chip generation of an activation pattern
  • Figure 9 is a process flow diagram of a method of feature activation
  • FIG. 10 illustrates multi-bit activation of peripheral modules
  • FIG. 11 illustrates setting clock frequency
  • Figure 12 is a table of some examples of activation patterns
  • Figure 13 illustrates setting an upper boundary of memory
  • Figure 14 illustrates device enrolment in a fab-light manufacturing environment
  • Figure 15 illustrates device enrolment in a fab-less manufacturing environment.
  • the integrated circuit 1 is a fixed logic device (as opposed to a programmable logic device).
  • the integrated circuit 1 includes logic circuits and other modules whose functions are fixed at time of fabrication, but which can be individually selectably enabled or disabled, and/or customised, after fabrication.
  • the integrated circuit 1 includes a unique code generator 3 for reproducibly generating a code 4 which is intrinsically unique to the integrated circuit 1.
  • the unique code generator 3 is based on a physical unclonable function (PUF).
  • the unique code 4 depends on the physical properties that are intrinsic to an element in the integrated circuit 1. For example, the unique code generator 3 may generate the unique code 4 using a value at startup of a memory element.
  • the code 4 is unique to the integrated circuit 1 even with respect to other integrated circuits (not show) having the same design and fabricated at same time using the same set of masks (not shown).
  • the code 4 is generated on demand and is transitory. In other words, the code 4 is not generated and then permanently stored. An initialized serial number or other initialized root-of trust is not used as the unique code 4.
  • the integrated circuit 1 includes a device enrolment module 5 for generating an enrolment pattern 6 using the unique code 4.
  • the integrated circuit 1 transmits the enrolment pattern 6 to the enrolment device 2 and, in return, receives a configuration enabler 7 (herein also referred to as "code constructor data" or "helper data”).
  • code constructor data herein also referred to as "code constructor data” or "helper data”
  • the integrated circuit 1 does not transmit the original (i.e. noisy) unique code 4 to the enrolment device 2 in the clear.
  • the original unique code 4 does not leave the integrated circuit 2. Instead, only a processed code, such as an enrolment pattern 6 which may be encrypted, is transmitted.
  • the integrated circuit 1 may include non-volatile memory 8 for storing the configuration enabler 7 and a configuration file generator 9 for generating a feature activation pattern 10 using the unique code 4 and the configuration enabler 7.
  • the integrated circuit 1 includes a feature activation module 11 which generates enable and/or disable signals 12 for enabling and/or disabling integrated circuit features 13 (herein referred to simply as "features").
  • a feature may be a peripheral module, such as a universal asynchronous receiver/transmitter (UART) or analogue-to-digital converter (ADC).
  • a feature may be a parameter, such as a clock speed.
  • the enrolment device 2 includes storage 14 which stores a device configuration file 15 for the integrated circuit 1 and a configuration enabler generator 15 for generating the configuration enabler 7.
  • the configuration enabler 7 is generated specifically for the integrated circuit 1 and an activation pattern 10 can only be generated using the configuration enabler 7 and the code 4 which was used to create the configuration enabler 7. Furthermore, the activation pattern 10 is generated on-chip, as-and-when required. Thus, this can help provide tighter control of featurization.
  • the integrated circuit 1 may be provided with external nonvolatile memory 8' for storing the configuration enabler 7.
  • the integrated circuit 1 need not include on-chip non- volatile memory 8.
  • first and second integrated circuits li, i 2 are shown.
  • the first integrated circuit li is intended to be a fully-featured integrated circuit and the second integrated circuit i 2 is intended to be a partially-featured integrated circuit, i.e. one in which fewer functions are enabled than a fully-featured integrated circuit.
  • Featurization of the first and second integrated circuits li, i 2 is set by respective first and second device configuration files 151, 152.
  • the first and second device configuration files 151, 152 are generated specifically for the first and second integrated circuits li, i 2 .
  • the first configuration enabler li is copied, it cannot be used for featurization of the second integrated circuit i 2 , let alone to enable a full set of features.
  • the integrated circuit 1 is at least partially featurized (or “partially activated”).
  • the code generator 3, the device enrolment module 5, the configuration file generator 9 and feature activation module 11 are fixed logic modules which are activated and operational.
  • at least one central processing unit 17, a clock 18 which may operate at a limited clock speed, that is, below the fastest available (i.e. fastest featurizable) clock speed, memory 19 whose available size may lie below a maximum available and a communications peripheral module 20 are active and operational to allow featurization
  • voltage supplies 21, clock signal 22 and reset signals 23 and to the code generator 3, the device enrolment module 5, the configuration file generator 9 and feature activation module 11 are not controllable by the central processing unit(s) 17 or other processing units, such as a direct memory access module, on the integrated circuit 1.
  • the central processing unit(s) 17 or other processing units such as a direct memory access module, on the integrated circuit 1.
  • supply voltage and clocks signal lines 21, 22 to the pre-activated on-chip modules 3, 5, 9, 11 are protected.
  • a processing element cannot switch on or off or vary supply voltages and clocks to the pre-activated on-chip modules 3, 5, 9, 11.
  • internal (i.e. on-chip) supply voltages 21 may be obtained, e.g.
  • a reset signal 23 to the pre- activated on-chip modules 3, 5, 9, 11 may be generated by a reset function 26 in response to a restricted set of circumstances, such as at the end of start-up or in response to an error signal 27 being generated by the configuration file generator 9.
  • the reset function 26 and the error signal 27 are protected.
  • a processing element such as the central processing unit 17
  • the reset function 26 may be implemented hardwired.
  • the pre-activated on-chip modules 3, 5, 9, 11 preferably take the form of specific on- chip circuits.
  • the code generator 3 does not have any interfaces which accessible by a central processing unit 17 or other processing unit.
  • the code generator 3 preferably has one input interface and one output interface, the output interface coupled directly to the device enrolment module 5 and the configuration file generator 9. Limiting the number of interfaces can help to prevent or discourage manipulation or alteration of the code 4 by the central processing unit(s) 17 or other processing elements or units.
  • the input/output interfaces can take different forms depending on the PUF used to implement the code generator 3. For example, in case of an SRAM PUF, the interfaces can be address and data lines to SRAM memory (not shown) that will be used as the source of noisy data.
  • the code generator 3 embed circuits (not shown) to protect it against manipulation by an external voltage 24 which might influence or manipulate the generation of code 4. Furthermore, circuits (not shown) may be provided to
  • Such a circuit can, for instance, dynamically switch off the supply voltage within the code generator 3 whenever it is not used by the device enrolment module 5 and the configuration file generator 9.
  • the device enrolment module 5 has one input interface 28 for a signal 29 which allows a central processing unit 17 or other processing element to trigger generation of the enrolment pattern 6.
  • the device enrolment module 5 has one output interface 29 in the form of one or more registers that allows the central processing unit 17 or other processing unit (such as a DMA) to read-out, in one or more operations, the enrolment pattern 6.
  • the device enrolment module 5 may provide status information (not shown) to the central processing unit 17 or other processing unit to indicate when the generation of the enrolment pattern 6 has been completed.
  • the device enrolment module 5 may process the code 4 by removing noise from the code 4 before processing it further, e.g. by applying encryption.
  • the enrolment pattern 6 may be protected further against potential manipulation in such a way that any such manipulation can be detected by the configuration enabler generator 16.
  • the enrolment pattern 6 may further be encrypted with a key shared with configuration enabler generator 16.
  • the configuration enabler generator 16 is implemented in a high-security tamper- resistant Hardware Security Module (HSM) that serves as the enrolment device. The installation and the maintenance of this generator 16 is controlled and handled by the IC manufacturer. The device configuration file 15 is stored securely in the HSM and its installation and maintenance is be controlled and handled by the IC manufacturer.
  • HSM Hardware Security Module
  • the configuration enabler 7 contains sufficient information for the configuration file generator 9 to transform the code 4 into an activation pattern 10.
  • An attacker knowing a configuration enabler 7 and the associated enrolment pattern 6 does not have sufficient information to reconstruct the generation algorithm processed in the configuration enabler generator 16.
  • the configuration file generator 9 may also be arranged to detect whether the configuration enabler 7 has been manipulated.
  • the configuration enabler generator 16 may encrypt the configuration enabler 7 with a key shared with configuration file generator 9.
  • the configuration file generator 9 has an input interface 30 in the form of one or more registers that allows a central processing unit 17 or other processing element (such as a DMA) to write-in, in one or more operations, the enrolment pattern 6 the configuration enabler 7.
  • the configuration file generator 9 may provide status information (not shown) to the central processing unit 17 or other processing element to indicate successful generation of the activation pattern 10 and/or when an error occurs.
  • the configuration file generator 9 outputs the activation pattern 10 directly to the feature activation module 11.
  • the feature activation module 11 has no input interface that can be used a central processing unit 17 or other processing element. This can help to discourage or prevent manipulation of the activation pattern 10.
  • the configuration enabler 9 can generates an activation pattern 10 having a default value (herein referred to as the "default activation pattern") which results in either no features 13 being activated or a few, predefined features 13 being activated, such as a communication module.
  • the feature activation module 11 outputs a set of independent signals 12 to enable (or “activate") or disable a one or more feature 13, e.g. a peripheral module.
  • Each enable (or disable) signal 12 is connected to an enable input (not shown) of at least one peripheral module, such as a communication interface module, a timer, a graphical processing unit or the like.
  • Each enable (or disable) signal 12 can be coupled with a user-configurable enable signal (not shown) using an AND gate (not shown).
  • the enable (or disable) signal 12 are arranged such that they cannot be directly manipulated by a central processing unit 17 or other processing unit.
  • a feature 12 If a feature 12 is disabled, then the feature 12 does not operate. Consequently, any attempt by a central processing unit 17 or other processing unit leads to unexpected behaviour, such as no communication, no timer tick, no graphical processing, and so on.
  • the output of feature activation module 11 may also include a set of one or more multiple-bit registers (not shown) providing integer values. These registers may provide partial or complete configuration information to integrated circuit resources, such as memory address boundaries, clock multipliers or the like. The registers (not shown) are arranged such that they cannot be manipulated by a central processing unit 17 or other form of processing unit. If a default activation pattern 10 is provided after reset, then the feature activation module 11 can lead to a minimal device configuration, for example, opening a limited memory space, providing a minimum-value clock multiplier and so on.
  • Featurization using device-intrinsic parameters is generally divided into two stages, namely enrolment and feature activation stages.
  • the device enrolment module 5 obtains a unique code 4 from the code generator 3 removes noise from the code 4 and generates an enrolment pattern 6 (step Si).
  • An encryption module 18 may encrypt the enrolment pattern 6 with a public key (not shown) of the enrolment device 2 (step S2).
  • the device enrolment module 5 transmits the enrolment pattern 6 to the enrolment device 2 (step S3).
  • the party (e.g. semiconductor foundry) sending the enrolment pattern 6 may be authenticated by the enrolment device 2 using a certificate (not shown) or other means.
  • the enrolment pattern 6 takes the form of a q-bit integer number.
  • the enrolment device 2 can take different forms.
  • the enrolment device 2 takes the form of a programmable Hardware Security Module (HSM).
  • HSM Hardware Security Module
  • the enrolment device 2 receives the enrolment pattern 6 (step S4) and, if the code is encrypted, a decryption module (not shown) decrypts the enrolment pattern 6 (step S5).
  • the configuration enabler generator 16 retrieves a device configuration file 15 from storage 14 (step S6).
  • the configuration enabler generator 16 generates a configuration enabler 7 which is specific to the integrated circuit 1 based on the enrolment pattern 6 and the device configuration file 15 (step S7) and transmits the configuration enabler 7 to the integrated circuit 1 (step S8).
  • the configuration enabler 7 takes the form of a p-bit integer number.
  • p is at least 32. The larger the values of p and q are, then the more secure enrolment can be made.
  • the integrated circuit 1 receives the configuration enabler 7 (step S9) and stores the configuration enabler in non-volatile memory (step S10).
  • Enrolment is carried out once for the integrated circuit 1.
  • the enrolment device 2 may enrol many different integrated circuits 1. Feature activation
  • feature activation can take place. Feature activation takes place when the integrated circuit 1 starts up.
  • the configuration file generator 9 includes a number of functions which allow it exclusively to generate a configuration file in the form of an activation pattern 10 using the unique code 4.
  • the configuration file generator 9 may include a noise reduction unit (not shown), a randomness extractor unit (not shown), a digital pattern extraction unit (not shown) and a post-process unit (not shown).
  • the configuration file generator 9 retrieves the configuration enabler 7 from memory 8 (step S11).
  • the unique code generator 3 generates another instance of the code 4 (step S12).
  • the configuration file generator 9 extracts an activation pattern 10 using the code 4 and configuration enabler 7 (step S13).
  • the activation pattern 10 takes the form of an n-bit integer number, where n ⁇ p.
  • configuration file generator 9 can carry out an error check to determine whether the activation pattern 10 is valid (step S14).
  • the configuration file generator 9 If the activation pattern 10 is valid, the configuration file generator 9 outputs the activation pattern 10 to the feature activation module 11 to be stored in a configuration register 25 (step S15). If, however, the activation pattern 10 is invalid, the configuration file generator 9 may optionally output an error signal 34 (step S16).
  • the error signal 24 may be supplied to a device reset function 27 which can disable the device 1. However, in some cases, the device 1 can operate with a minimal set of functions, for instance all configurable peripheral modules are disabled and a minimum amount of memory is set.
  • the configuration enabler 7 can be stored off-chip.
  • the integrated circuit 1 may be connected to a separate Flash or EEPROM chip, for example, as shown in Figure 2. This can allow featurization of integrated circuits which do not have Flash memory.
  • Feature activation can be used to generate signals to enable or disable individual and/or groups of peripheral modules and integer values which fix device parameters such as an address of an upper boundary of memory, clock frequencies and the like.
  • a simple coding scheme can be used to enable or disable a function. For example, two bit symbol and an AND gate with one inverting input and one non-inverting input can be used. Thus, a symbol having a value of, say, '01' may result in an activation signal having a value '1' which results in a function being enabled. A symbol having any other value, such as '10', may result in an activation signal having a value '0' which results in a function not being enabled.
  • an r-bit activation signal may be used, where r >2.
  • v can take a value 4.
  • bit numbers o to 3 of the main configuration register 33 can be used to control activation of a first peripheral module 13A.
  • First, second and third AND gates Qi, Q2, Q3 are used, wherein the first and second AND gates Qi and Q2 have one inverting input and one non-inverting input.
  • Bit number o of the main configuration register 23 is supplied to the inverting input of the first gate Qi.
  • Bit number 1 of the main configuration register 33 is supplied to the non-inverting input of the first gate Qi.
  • Bit number 2 of the main configuration register 23 is supplied to the inverting input of the second gate Q2.
  • Bit number 3 of the main configuration register 33 is supplied to the non-inverting input of the second gate Q2.
  • the outputs of the first and second gates Qi, Q2 are supplies as inputs to the third gate Q3.
  • a symbol having a value '1010' (hexadecimal oxA) in bits numbers 3 to o will enable a first peripheral module 13A. Other values will not enable the peripheral module 13A.
  • bit numbers 7 to 4 of the main configuration register 23 can be used to control activation of a second peripheral module 13B using a similar configuration of fourth, fifth and sixth AND gates Q4, Q5, Q6.
  • bit numbers 7 to 4 of the main configuration register 23 can be used to control activation of a second peripheral module 13B using a similar configuration of fourth, fifth and sixth AND gates Q4, Q5, Q6.
  • the fifth AND gate Q5 has an inverting input corresponding to bit number 6.
  • a symbol having a value '0111' (hexadecimal 0x7) in bits numbers 7 to 4 will enable a second peripheral module
  • a multiplexer 37A, 37B can be provided in series between the feature activation module 11 and each peripheral module 13A, 13B controlled by a production test module 38.
  • the production test module 38 can allow the integrated circuit 1 to be tested without the need of an enrolment pattern.
  • the test module 38 is protected to discourage or prevent circumvention of control over feature activation. For example, this may be achieved by using a key (not shown) to control access to the module 38, by blowing the module 38 automatically after use and/or by placing the module 38 in a wafer scribe line (not shown) which will mean that module 38 is destroyed during a subsequent wafer dicing step.
  • an r-bit activation signal may be used to control clock speed.
  • Bit number 10 is a parity control.
  • Bit number 11 takes a
  • a clock multiplier can be set to 4 using the symbol '0110' (hexadecimal 0x6).
  • Figure 12 shows a table 30 which list three possible activation codes for bits o to 11 of the main configuration register 33.
  • a portion of the main configuration register 33 can be copied into another register 31 to provide a parameter.
  • bit numbers 16 to 18 are copied into bits 20 to 22 of an upper address boundary register 31.
  • Bits o to 19 are set to '1' and bits 23 to 31 are set to ⁇ '.
  • the upper address boundary register 41 can take values of oxoFFFFF to oxFFFFFF.
  • device enrolment provides a way for fab-less or fab-light IP owner 42 to monitor production taking place at semiconductor foundries 43 since information identifying each manufactured integrated circuit and its respective enabled feature set is gathered. This can help to reduce or prevent overproduction.
  • the configuration enabler 7 may be protected by a hash function.
  • the device enrolment allow fab-less or fab-light semiconductor vendor to protect against overproduction. However, device enrolment can also protect original equipment manufacturers and/or original device manufacturers (or "customers") to protect their products from being tampered or counterfeited.
  • fixed-logic integrated circuits are delivered to customers before having been featurized. As such, the integrated circuits are only partially activated to allow the featurization process to take place, but are unable to run customer software. Customers first conduct the enrolment process using either an enrolment device located at their production facilities or accessing an enrolment device remotely via the Internet.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Mathematical Physics (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Semiconductor Integrated Circuits (AREA)
PCT/EP2015/053505 2014-02-19 2015-02-19 Integrated circuit with parts activated based on intrinsic features Ceased WO2015124673A1 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
CN201580019225.4A CN106164918B (zh) 2014-02-19 2015-02-19 基于内在特征而部分被激活的集成电路
JP2016552915A JP6695805B2 (ja) 2014-02-19 2015-02-19 部品が本質的な特徴に基づいて起動される集積回路
US15/120,207 US10833878B2 (en) 2014-02-19 2015-02-19 Integrated circuit with parts activated based on intrinsic features
EP15705989.0A EP2973198B1 (en) 2014-02-19 2015-02-19 Integrated circuit with parts activated based on intrinsic features

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP14290043.0 2014-02-19
EP14290043.0A EP2911086A1 (en) 2014-02-19 2014-02-19 Integrated circuit with parts activated based on intrinsic features

Publications (1)

Publication Number Publication Date
WO2015124673A1 true WO2015124673A1 (en) 2015-08-27

Family

ID=50774788

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2015/053505 Ceased WO2015124673A1 (en) 2014-02-19 2015-02-19 Integrated circuit with parts activated based on intrinsic features

Country Status (5)

Country Link
US (1) US10833878B2 (enExample)
EP (2) EP2911086A1 (enExample)
JP (1) JP6695805B2 (enExample)
CN (1) CN106164918B (enExample)
WO (1) WO2015124673A1 (enExample)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017125144A1 (en) * 2016-01-20 2017-07-27 Renesas Electronics Europe Gmbh Integrated circuit with anti-counterfeiting capabilities
US11283632B2 (en) 2017-12-28 2022-03-22 Mitsubishi Heavy Industries, Ltd. Integrated circuit, control device, information distribution method, and information distribution system

Families Citing this family (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10534882B2 (en) 2016-03-29 2020-01-14 Qualcomm Incorporated Method and apparatus for configuring an integrated circuit with a requested feature set
US10911229B2 (en) 2016-08-04 2021-02-02 Macronix International Co., Ltd. Unchangeable physical unclonable function in non-volatile memory
US10715340B2 (en) 2016-08-04 2020-07-14 Macronix International Co., Ltd. Non-volatile memory with security key storage
US11258599B2 (en) 2016-08-04 2022-02-22 Macronix International Co., Ltd. Stable physically unclonable function
US10855477B2 (en) 2016-08-04 2020-12-01 Macronix International Co., Ltd. Non-volatile memory with physical unclonable function and random number generator
EP3407335B1 (en) * 2017-05-22 2023-07-26 Macronix International Co., Ltd. Non-volatile memory based physically unclonable function with random number generator
FR3074933B1 (fr) * 2017-12-07 2021-05-21 Algodone Systeme et procede de licence et de mesure d'utilisation d'un bloc ip
KR101989149B1 (ko) * 2018-02-09 2019-06-13 성균관대학교산학협력단 PUF(Physically Unclonable Function) 셀 재조합 방법 및 장치와, PUF 회로
US10944557B2 (en) 2018-04-25 2021-03-09 Nxp B.V. Secure activation of functionality in a data processing system
US11380379B2 (en) 2020-11-02 2022-07-05 Macronix International Co., Ltd. PUF applications in memories
US12423434B2 (en) * 2022-12-05 2025-09-23 Cisco Technology, Inc. On-demand and secure hardware license-based SKU creation for ASICs
EP4630943A1 (en) * 2022-12-05 2025-10-15 Cisco Technology, Inc. On-demand and secure hardware license-based sku creation for asics
CN118395517B (zh) * 2024-06-25 2024-09-06 北京芯驰半导体科技股份有限公司 针对芯片开发的信息处理方法、系统及电子设备

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2268605A (en) * 1992-07-08 1994-01-12 Mitel Corp Option selection and control.
US5530749A (en) * 1994-08-15 1996-06-25 International Business Machines Corporation Methods and apparatus for secure hardware configuration
WO2008125999A2 (en) * 2007-04-12 2008-10-23 Intrinsic Id Bv Controlled activation of function
WO2009024913A2 (en) * 2007-08-22 2009-02-26 Intrinsic Id Bv Identification of devices using physically unclonable functions
US20110113392A1 (en) * 2009-11-09 2011-05-12 Rajat Subhra Chakraborty Protection of intellectual property (ip) cores through a design flow
US8427193B1 (en) * 2010-12-07 2013-04-23 Xilinx, Inc. Intellectual property core protection for integrated circuits

Family Cites Families (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6161213A (en) * 1999-02-17 2000-12-12 Icid, Llc System for providing an integrated circuit with a unique identification
US20010032318A1 (en) * 1999-12-03 2001-10-18 Yip Kun Wah Apparatus and method for protecting configuration data in a programmable device
US6425116B1 (en) * 2000-03-30 2002-07-23 Koninklijke Philips Electronics N.V. Automated design of digital signal processing integrated circuit
US6931543B1 (en) * 2000-11-28 2005-08-16 Xilinx, Inc. Programmable logic device with decryption algorithm and decryption key
EP1227385A3 (en) * 2001-01-24 2005-11-23 Matsushita Electric Industrial Co., Ltd. Semiconductor integrated circuit
US20020129261A1 (en) * 2001-03-08 2002-09-12 Cromer Daryl Carvis Apparatus and method for encrypting and decrypting data recorded on portable cryptographic tokens
GB0114317D0 (en) * 2001-06-13 2001-08-01 Kean Thomas A Method of protecting intellectual property cores on field programmable gate array
US7162644B1 (en) * 2002-03-29 2007-01-09 Xilinx, Inc. Methods and circuits for protecting proprietary configuration data for programmable logic devices
US7840803B2 (en) * 2002-04-16 2010-11-23 Massachusetts Institute Of Technology Authentication of integrated circuits
US7469338B2 (en) * 2002-07-29 2008-12-23 Broadcom Corporation System and method for cryptographic control of system configurations
DE10340861A1 (de) * 2003-09-04 2005-04-07 Infineon Technologies Ag Prozessorschaltung und Verfahren zum Zuordnen eines Logikchips zu einem Speicherchip
US7802085B2 (en) * 2004-02-18 2010-09-21 Intel Corporation Apparatus and method for distributing private keys to an entity with minimal secret, unique information
CN101036340A (zh) * 2004-10-04 2007-09-12 皇家飞利浦电子股份有限公司 用于物理令牌的双向纠错
EP1842203A4 (en) * 2004-11-12 2011-03-23 Verayo Inc KEYS OF VOLATILE DEVICES, AND THEIR APPLICATIONS
JP2008545323A (ja) * 2005-07-07 2008-12-11 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ 物の真正性を検証する方法、装置及びシステム
ATE427501T1 (de) * 2005-08-10 2009-04-15 Nxp Bv Prufen einer integrierten schaltung, die geheiminformationen enthalt
US7759968B1 (en) * 2006-09-27 2010-07-20 Xilinx, Inc. Method of and system for verifying configuration data
WO2008056612A1 (en) * 2006-11-06 2008-05-15 Panasonic Corporation Information security apparatus
US7778074B2 (en) * 2007-03-23 2010-08-17 Sigmatel, Inc. System and method to control one time programmable memory
US8290150B2 (en) * 2007-05-11 2012-10-16 Validity Sensors, Inc. Method and system for electronically securing an electronic device using physically unclonable functions
US8166366B1 (en) * 2007-10-22 2012-04-24 Xilinx, Inc. Partial configuration of programmable circuitry with validation
DE102008003946A1 (de) * 2008-01-11 2009-07-23 Micronas Gmbh Schaltung und Verfahren zur Generierung einer echten, schaltungsspezifischen und zeitinvarianten Zufallszahl
US7761714B2 (en) * 2008-10-02 2010-07-20 Infineon Technologies Ag Integrated circuit and method for preventing an unauthorized access to a digital value
TWI498827B (zh) * 2008-11-21 2015-09-01 Verayo Inc 非連網射頻辨識裝置物理不可複製功能之鑑認技術
FR2948793B1 (fr) * 2009-07-28 2014-10-31 Thales Sa Procede securise de reconstruction d'une mesure de reference d'une donnee confidentielle a partir d'une mesure bruitee de cette donne, notamment pour la generation de cles cryptographiques
US8387071B2 (en) * 2009-08-28 2013-02-26 Empire Technology Development, Llc Controlling integrated circuits including remote activation or deactivation
WO2011088074A2 (en) * 2010-01-12 2011-07-21 Stc. Unm System and methods for generating unclonable security keys in integrated circuits
FR2955394B1 (fr) * 2010-01-18 2012-01-06 Inst Telecom Telecom Paristech Circuit integre en silicium comportant une fonction physiquement non copiable, procede et systeme de test d'un tel circuit
US20120137137A1 (en) * 2010-11-30 2012-05-31 Brickell Ernest F Method and apparatus for key provisioning of hardware devices
US8418006B1 (en) * 2010-12-07 2013-04-09 Xilinx, Inc. Protecting a design for an integrated circuit using a unique identifier
WO2012122994A1 (en) * 2011-03-11 2012-09-20 Kreft Heinz Off-line transfer of electronic tokens between peer-devices
JP5839659B2 (ja) * 2011-06-20 2016-01-06 ルネサスエレクトロニクス株式会社 半導体装置
JP5770026B2 (ja) * 2011-06-20 2015-08-26 ルネサスエレクトロニクス株式会社 半導体装置
US8581618B1 (en) * 2012-02-14 2013-11-12 Social Silicon, Inc. Apparatus for controlling the usability of intellectual property within a programmable device and method of using
US8750502B2 (en) * 2012-03-22 2014-06-10 Purdue Research Foundation System on chip and method for cryptography using a physically unclonable function
US8885819B2 (en) * 2012-12-27 2014-11-11 Intel Corporation Fuse attestation to secure the provisioning of secret keys during integrated circuit manufacturing
US9716708B2 (en) * 2013-09-13 2017-07-25 Microsoft Technology Licensing, Llc Security certificates for system-on-chip security
US9590636B1 (en) * 2013-12-03 2017-03-07 Marvell International Ltd. Method and apparatus for validating a system-on-chip based on a silicon fingerprint and a unique response code
US11329833B2 (en) * 2017-09-28 2022-05-10 Intel Corporation Programmable device key provisioning

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2268605A (en) * 1992-07-08 1994-01-12 Mitel Corp Option selection and control.
US5530749A (en) * 1994-08-15 1996-06-25 International Business Machines Corporation Methods and apparatus for secure hardware configuration
WO2008125999A2 (en) * 2007-04-12 2008-10-23 Intrinsic Id Bv Controlled activation of function
WO2009024913A2 (en) * 2007-08-22 2009-02-26 Intrinsic Id Bv Identification of devices using physically unclonable functions
US20110113392A1 (en) * 2009-11-09 2011-05-12 Rajat Subhra Chakraborty Protection of intellectual property (ip) cores through a design flow
US8427193B1 (en) * 2010-12-07 2013-04-23 Xilinx, Inc. Intellectual property core protection for integrated circuits

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2017125144A1 (en) * 2016-01-20 2017-07-27 Renesas Electronics Europe Gmbh Integrated circuit with anti-counterfeiting capabilities
JP2019507538A (ja) * 2016-01-20 2019-03-14 ルネサス・エレクトロニクス・ヨーロッパ・ゲゼルシャフト・ミット・ベシュレンクテル・ハフツングRenesas Electronics Europe Gmbh 偽造防止機能を備えた集積回路
US11283632B2 (en) 2017-12-28 2022-03-22 Mitsubishi Heavy Industries, Ltd. Integrated circuit, control device, information distribution method, and information distribution system

Also Published As

Publication number Publication date
CN106164918B (zh) 2020-01-31
EP2973198B1 (en) 2018-04-04
US10833878B2 (en) 2020-11-10
JP2017512337A (ja) 2017-05-18
CN106164918A (zh) 2016-11-23
EP2973198A1 (en) 2016-01-20
JP6695805B2 (ja) 2020-05-20
EP2911086A1 (en) 2015-08-26
US20170078105A1 (en) 2017-03-16

Similar Documents

Publication Publication Date Title
EP2973198B1 (en) Integrated circuit with parts activated based on intrinsic features
CN104252881B (zh) 半导体集成电路及系统
CN104734854B (zh) 密钥的安全提供
EP2506488B1 (en) Secure dynamic on-chip key programming
US9680643B2 (en) System and method for the secure transmission of data
US11874928B2 (en) Security device, electronic device, secure boot management system, method for generating boot image, and method for executing boot chain
US11582033B2 (en) Cryptographic management of lifecycle states
EP3709201A1 (en) Method for verifying an execution environment used for execution of at least one hardware-application provided by a configurable hardware module
EP3214613B1 (en) Protecting the content of different ip cores in a system on chip using pufs
US11977666B2 (en) Flexible cryptographic device
US12271512B2 (en) Method and device for authenticating an FPGA configuration
CN115694805B (zh) 电子装置、集成电路的设计与制造方法及产品的操作方法
CN119519932B (zh) 密码芯片及其加扰方法
CN102236754B (zh) 数据保密方法以及使用此数据保密方法的电子装置
SDencrypter FIPS 140-2 Level-3 Non-propriety Security Policy

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15705989

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2015705989

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2016552915

Country of ref document: JP

Kind code of ref document: A

NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 15120207

Country of ref document: US