WO2017052505A1 - Hardware protection based on fabrication characteristics - Google Patents

Hardware protection based on fabrication characteristics

Info

Publication number
WO2017052505A1
WO2017052505A1 PCT/US2015/051345 US2015051345W WO2017052505A1 WO 2017052505 A1 WO2017052505 A1 WO 2017052505A1 US 2015051345 W US2015051345 W US 2015051345W WO 2017052505 A1 WO2017052505 A1 WO 2017052505A1
Authority
WO
WIPO (PCT)
Prior art keywords
circuitry
fingerprint
voltage
interpreter
string
Application number
PCT/US2015/051345
Inventor
Kinyip PHOA
Jui-Yen Lin
Nidhi NIDHI
Yi Wei Chen
Kun-Huan Shih
Xiaodong Yang
Walid M. Hafez
Curtis Tsai
Original Assignee
Intel Corporation
Application filed by Intel Corporation
Priority to PCT/US2015/051345
Priority to TW105124632A (TW201721506A)
Publication of WO2017052505A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44 Program or device authentication

Definitions

  • the present disclosure relates to semiconductor fabrication, and more particularly, to a system to generate device-specific authentication data based on fabrication characteristics.
  • malicious code e.g., malware
  • existing software-based protection e.g., anti-virus protection, software firewalls, etc.
  • FIG. 1 illustrates an example integrated circuit device comprising at least hardware protection based on fabrication characteristics in accordance with at least one embodiment of the present disclosure
  • FIG. 2 illustrates example hardware protection circuitry in accordance with at least one embodiment of the present disclosure
  • FIG. 3 illustrates an example of fabrication characteristic unit structure and interpreter circuitry operation in accordance with at least one embodiment of the present disclosure
  • FIG. 4 illustrates an alternative example of fabrication characteristic unit structure and interpreter circuitry operation in accordance with at least one embodiment of the present disclosure
  • FIG. 5 illustrates example hardware protection circuitry including legacy interface circuitry in accordance with at least one embodiment of the present disclosure
  • FIG. 6 illustrates example operations for fingerprint determination in accordance with at least one embodiment of the present disclosure
  • FIG. 7 illustrates an example system that may employ a device such as illustrated in FIG. 1 in accordance with at least one embodiment of the present disclosure.
  • FIG. 8 illustrates example operations for integrated circuit device authentication in accordance with at least one embodiment of the present disclosure.
  • an integrated circuit (IC) device may be configured to determine a string of logical values or "fingerprint" based at least on fabrication characteristics of the device.
  • An example device may comprise at least functional circuitry corresponding to the functional purpose of the device and hardware protection circuitry (HPC).
  • Example HPC may include interpreter circuitry and fingerprint circuitry.
  • the interpreter circuitry may measure at least one parameter (e.g., voltage) of at least one electronic component in the fingerprint circuitry, and in at least one embodiment, may compare voltages measured from different components in the fingerprint circuitry and then assign a logical one or zero to the fingerprint string based on the results of each component comparison.
  • Example electronic components may include transistors, resistors, etc.
  • the resulting fingerprint string may be used by a system including the device to authenticate the device.
  • a failure to authenticate the device may result in the execution of at least one security operation to protect the system from being compromised by the device.
  • an example IC device may comprise at least a substrate, functional circuitry and HPC.
  • the functional circuitry may be fabricated on the substrate.
  • the HPC may also be fabricated on the substrate and may include, for example, at least fingerprint circuitry and interpreter circuitry to determine a fingerprint for the device based on fabrication characteristics of the fingerprint circuitry.
  • the interpreter circuitry may be to measure at least one voltage corresponding to at least one fabrication characteristic unit (FCU) in the fingerprint circuitry.
  • the at least one FCU may comprise at least one electronic component dedicated only to fingerprint determination in the device.
  • the interpreter circuitry may be to compare voltages measured from at least two electronic components in the fingerprint circuitry.
  • a fingerprint string in the device may comprise logical values corresponding to each voltage comparison, and the interpreter circuitry may then be to assign a logical one to the fingerprint string if the two voltages satisfy a certain relationship and to assign a logical zero to the fingerprint string if the two voltages do not satisfy the certain relationship.
  • the certain relationship may be, for example, that a first voltage of the two voltages is one of greater than or less than a second voltage of the two voltages.
  • the certain relationship may be that an absolute value of a difference between the two voltages is one of greater than or less than a criteria value.
  • the at least two electronic components may be transistors or resistors.
  • the at least two electronic components may comprise groups of components each including at least a transistor coupled to a resistor.
  • One of the at least two electronic components may be designated as a reference and each subsequent electronic component may be compared to the reference.
  • the interpreter circuitry may comprise at least comparison circuitry and fingerprint forming circuitry.
  • the interpreter circuitry may also comprise at least one of multiplexer circuitry, decoder circuitry or secure storage circuitry.
  • the interpreter circuitry may also comprise legacy interface circuitry to cause the fingerprint to be written to fuse circuitry within the device.
  • a method for formulating a fingerprint for an IC device may comprise, for example, initializing an IC device, initializing fingerprint determination in the device and determining a fingerprint for the device based on fabrication characteristics of the device.
  • FIG. 1 illustrates an example integrated circuit device comprising at least hardware protection based on fabrication characteristics in accordance with at least one embodiment of the present disclosure.
  • various semiconductor assemblies and/or structures such as transistors, resistors, comparators, multiplexors, decoders, storage structures, etc.
  • These example assemblies and/or structures have been referenced to provide a readily comprehensible perspective from which to understand the various embodiments disclosed herein, and are not intended to limit actual implementations to only these particular assemblies or structures.
  • the inclusion of an apostrophe after an item number in a drawing figure e.g., 100'
  • Device 100 is illustrated in FIG. 1.
  • Device 100 may be an IC device comprising, for example, one or more layers deposited via a series of semiconductor fabrication operations.
  • Example technologies for depositing layers of semiconductor material may include, but are not limited to, molecular beam epitaxy (MBE), physical vapor deposition (PVD), chemical vapor deposition (CVD), electrochemical deposition (ECD), atomic layer deposition (ALD), etc. Junctions falling between layers may be modified to incorporate various features using photolithography.
  • Device 100 may comprise, for example functional circuitry 102 and HPC 104.
  • Functional circuitry 102 may perform at least one operation associated with the primary functionality of device 100.
  • functional circuitry 102 may include data storage areas for a read-only memory (ROM), data processing circuitry for a microprocessor, etc.
  • the configuration, content, etc. of functional circuitry 102 may vary depending on device type, configuration, packaging, technology, power constraints (e.g., for mobile devices), etc.
  • HPC 104 may comprise at least interpreter circuitry 106 and fingerprint circuitry 108.
  • Interpreter circuitry may determine at least one fabrication characteristic of fingerprint circuitry 108, which it may then use to formulate a fingerprint for device 100.
  • a "fabrication characteristic" may include parameters of operation of at least one electronic component in fingerprint circuitry 108 that may vary based on how device 100 is fabricated. For example, random dopant fluctuation (RDF) may differentiate every single transistor during fabrication, and thus the performance of each transistor may deviate from that of every other.
  • the voltage, current, resistance, etc. may vary in each electronic component (e.g., transistor, resistor, etc.) fabricated in device 100 just based on the various nuances of the semiconductor fabrication process.
  • these performance deviations may be utilized to encode a bit string or "fingerprint" unique to each device 100 without the need to explicitly program the bit string. Instead, the electronic components are inherently "programmed" to be different based on the fabrication process in a manner that is both unique to device 100 and cannot be duplicated.
  • the inability to replicate the fingerprint of device 100 in another device is an important benefit of HPC 104. This may be accomplished by requiring that the fingerprint bit string for device 100 be generated based on measurements taken directly from electronic components in fingerprint circuitry 108. The measurement and generation of the fingerprint bit string may take place when, for example, device 100 is initialized, when a system in which device 100 is embedded is initialized, in response to a demand received from the system to device 100, etc. The measurements taken directly from fingerprint circuitry 108 may then be used to generate the fingerprint bit string, and thus, may not be replicated since they are based on characteristics that are specific to the manufacture of device 100.
  • example device 100 comprises fingerprint circuitry 108 dedicated only to fingerprint generation
  • fingerprint circuitry 108 may be omitted from device 100 and interpreter circuitry 106 may instead measure characteristics of electronic components within functional circuitry 102.
  • functional circuitry 102 may serve a dual purpose: to both perform the primary functionality associated with device 100 and also to provide one or more electronic components that may be measured for determining a fingerprint corresponding to device 100.
  • FIG. 2 illustrates example HPC in accordance with at least one embodiment of the present disclosure.
  • circuitry shown with a dotted line in FIG. 2 may be optional in that the inclusion of the optional circuitry may be implementation dependent (e.g., based on device size, technology, packaging, constraints, the size of fingerprint circuitry 108', etc.).
  • HPC 104' may comprise at least interpreter circuitry 106' and fingerprint circuitry 108'.
  • Fingerprint circuitry 108' may include, for example, FCU 200A, FCU 200B, FCU 200C, FCU 200D...FCU 200n (collectively, FCU 200A...n).
  • FCU 200A...n may each include at least one electronic component (e.g., a transistor, resistor or combinations thereof).
  • interpreter circuitry 106' may measure a characteristic of at least one component in each of FCU 200A...n, and may use the measurements to generate a fingerprint bit string.
  • Interpreter circuitry 106' may comprise, for example, multiplexer and/or decoder circuitry 202, comparison circuitry 204, fingerprint forming circuitry 206 and secure storage circuitry 208.
  • Multiplexer and/or decoder circuitry 202 may include circuitry to select one or more FCU 200A...n (e.g., FCU 200A alone, FCU 200A and FCU 200B, etc.) for processing by comparison circuitry 204.
  • Comparison circuitry 204 may measure (and/or determine) a characteristic (e.g., voltage, current, resistance, capacitance, inductance, etc.) from each FCU 200A...n and may perform a comparison between characteristics taken from the same FCU 200A...n, between characteristics taken from different FCUs 200A...n, etc. Consistent with the present disclosure, the results of the comparison may be translated into a logical value (e.g., a one "1" or a zero "0") that may then be provided to fingerprint forming circuitry 206. Fingerprint forming circuitry 206 may concatenate the logical values into a bit string that forms the fingerprint for device 100. In at least one embodiment, the resulting bit string may be stored in secure storage circuitry 208.
  • Secure storage circuitry 208 may be an encrypted storage area or memory within HPC 104' for storing the fingerprint string for later access by, for example, a system into which device 100 is incorporated.
  • secure storage circuitry 208 may be encrypted in a manner that allows the system to decrypt and read the fingerprint string.
  • the system may authenticate device 100 based on the fingerprint.
  • secure storage circuitry 208 may be omitted, and a system including device 100 may receive the fingerprint string directly from fingerprint forming circuitry 206.
  • FIG. 3 illustrates an example of fabrication characteristic unit structure and interpreter circuitry operation in accordance with at least one embodiment of the present disclosure.
  • FCU 200A', 200B'...200n' may each comprise circuitry to generate voltages that may be compared in comparison circuitry 204'.
  • the circuitry in FCU 200A'...n' may generally comprise at least one electronic component from which a voltage may be derived such as, for example, transistors, resistors or combinations thereof.
  • a logical value (1 or 0) may be determined based on the results of each voltage comparison.
  • Each of the logical values may be added to a bit string that may form a fingerprint for device 100.
  • FCU 200A' may comprise at least transistor Q1 and transistor Q2.
  • a left-side voltage for FCU 200A' (VLA) and a right-side voltage for FCU 200A' (VRA) may be generated based on a supply voltage (Vs) supplied to both transistors.
  • Transistors Q1 and Q2 may be switched "on" in that their gates may also be coupled to Vs.
  • transistors Q1 and Q2 may be coupled to at least resistor R1 and resistor R2, respectively.
  • the resistance values of resistors R1 and R2 may be selected to be just large enough to stabilize the operational characteristics of transistors Q1 and Q2 from being affected by random variation.
  • FCU 200B' may generate a left-side voltage (VLB) and a right-side voltage (VRB) based on transistor Q3, transistor Q4, resistor R3 and R4, and FCU 200n' may generate a left-side voltage (VLn) and a right-side voltage (VRn) based on transistor Q5, transistor Q6, resistor R5 and R6. While only three FCUs 200A'...n' are illustrated, the actual number of FCUs may be implementation dependent.
  • circuitry in device 100 may cause multiplexer or decoder circuitry 202' to select each of FCU 200A'...n' in succession.
  • the selection of FCU 200A' may cause VLA and VRA to be provided to comparison circuitry 204', which may include example logic 300 for comparing the voltages received from FCU 200A'.
  • comparison circuitry 204' may compare the received left-side voltage (VL) to the received right-side voltage (VR). If, for example, VL is determined to be greater than VR (e.g., VL > VR), then a logical value of "1" may be passed to fingerprint forming circuitry 206' for assignment to the fingerprint bit string.
  • a logical value of "0" may be passed to fingerprint forming circuitry 206'.
  • Alternative logic is shown at 304, wherein an absolute value of a difference between VL and VR (e.g., |VL-VR|) may be compared to a predetermined criteria value. If the absolute value is determined to be greater than the predetermined criteria value, then a "1" may be passed to fingerprint forming circuitry. Otherwise, a logical value of "0" may be passed to fingerprint forming circuitry 206'.
  • the logic shown at 302 and 304 are merely examples. Other logical relationships are possible consistent with the present disclosure.
  • Comparison circuitry 204' may then cause multiplexer or decoder circuitry 202' to traverse through FCU 200B' to compare VLB to VRB, and finally through FCU 200n' to compare VLn to VRn.
  • Example results of these comparisons are illustrated in regard to fingerprint forming circuitry 206'.
  • a bit corresponding to FCU 200A' may be a "1" since VLA was determined to be greater than VRA
  • a bit corresponding to FCU 200B' may be a "1" since VLB was determined to be greater than VRB
  • a bit corresponding to FCU 200n' may be a "0" since VLn was determined to be less than VRn.
  • the fingerprint string may include 11...0 depending on the total number of FCUs 200A'...n'.
  • FIG. 4 illustrates an alternative example of fabrication characteristic unit structure and interpreter circuitry operation in accordance with at least one embodiment of the present disclosure.
  • each of FCU 200A'...n' may be configured with circuitry that may only provide one characteristic (e.g., voltage).
  • FCU 200A' may provide a voltage V1 that corresponds to a voltage drop over transistor Q7
  • FCU 200B' may provide a voltage V2 that corresponds to a voltage drop over transistor Q8
  • FCU 200C may provide a voltage V1 that corresponds to a voltage drop over transistor Q9.
  • comparison circuitry 204 may compare FCUs 200A'...n' to each other (e.g., V1 may be compared to V2), another example implementation is presented in FIG. 2.
  • each FCU 200A'...n' may each be compared to a reference transistor Qref.
  • Example logic 400 includes two logical relationships involving Vref (e.g., the voltage drop across Qref) and V1 ... (e.g., the second value "V1" changes based on the FCU 200A'...n' selected).
  • Logical relationship 402 simply determines whether Vref > V1. If Vref is determined to be greater than V1, then a "1" may be passed to fingerprint forming circuitry 206' for assignment to a fingerprint bit string corresponding to device 100. Otherwise a "0" may be passed.
  • a "1" may be passed to fingerprint forming circuitry 206'. Otherwise, a "0" may be passed to fingerprint forming circuitry 206'. Fingerprint forming circuitry 206' may then concatenate the bits corresponding to the comparisons between transistor Qref and FCUs 200A'...n' to form a fingerprint bit string corresponding to device 100 (e.g., 10....0).
  • FIG. 5 illustrates example hardware protection circuitry including legacy interface circuitry in accordance with at least one embodiment of the present disclosure.
  • FIG. 5 is substantially similar to the example configuration for HPC 104' that was disclosed in FIG. 2, but further incorporates at least legacy interface circuitry 500.
  • Programmable fuse circuitry 502 may be used to protect the integrity of existing IC devices.
  • Programmable fuse circuitry 502 may include, for example, programmable bits in an IC device (e.g., a bit array) that may be configured in a manner analogous to setting mechanical switches in a dual inline package (DIP) switch.
  • Existing systems may be able to interact with programmable fuse circuitry 502 in authenticating an IC device, determining whether an IC device has been compromised, etc.
  • legacy interface circuitry 500 may be capable of programming programmable fuse circuitry 502 utilizing the fingerprint bit string of device 100.
  • the fingerprint determination circuitry, structures, methodologies, data, etc. described herein may interact with legacy systems compatible with programmable fuse circuitry 502.
  • Example legacy interface circuitry 500 may comprise at least an analog-to-digital converter (ADC) to convert analog data generated by the fingerprint determination circuitry into digital data. The resulting digital data may then be provided to, for example, programming circuitry within the programmable fuse circuitry for programming the fuses.
  • FIG. 6 illustrates example operations for fingerprint determination in accordance with at least one embodiment of the present disclosure.
  • Operations shown with dotted lines may be optional based on, for example, a configuration of a device for which a fingerprint is being determined, a configuration of a system that incorporates the device, etc.
  • a device may be initialized, which may include powering on, rebooting, etc. the device itself, a system in which the device is incorporated, etc.
  • Fingerprint determination may be initialized in operation 602. As part of fingerprint determination, a fingerprint bit may be determined for the next FCU in operation 604.
  • Fingerprint bit determination may include, for example, comparing a characteristic for an FCU (e.g., a voltage measured from the FCU) to another characteristic measured from the FCU (e.g., another voltage), to a characteristic measured from another FCU (e.g., a voltage measured from another FCU), to a characteristic measured from a reference (e.g., a voltage measured from the reference), etc. While measuring voltage is utilized as an example herein, other characteristics may be measured consistent with the present disclosure.
  • a logical value (e.g., a "1" or "0") may then be determined based on the comparison, and in operation 606 the logical value may be added to a fingerprint bit string.
  • FIG. 7 illustrates an example system that may employ a device such as illustrated in
  • System 700 is an example of a platform in which one or more devices such as device 100 may be installed, and is not intended to limit the present disclosure to any particular manner of implementation.
  • Examples of system 700 may include, but are not limited to, a mobile communication device such as a cellular handset or a smartphone based on the Android® OS from the Google Corporation, iOS® or Mac OS® from the Apple Corporation, Windows® OS from the Microsoft Corporation, Tizen® OS from the Linux Foundation, Firefox® OS from the Mozilla Project, Blackberry® OS from the Blackberry Corporation, Palm® OS from the Hewlett-Packard Corporation, Symbian® OS from the Symbian Foundation, etc., a mobile computing device such as a tablet computer like an iPad® from the Apple Corporation, Surface® from the Microsoft Corporation, Galaxy Tab® from the Samsung Corporation, Kindle® from the Amazon Corporation, etc., an Ultrabook® including a low-power chipset from the Intel Corporation, a netbook, a notebook, a laptop, a palmtop, etc.
  • System circuitry 702 may manage the operation of system 700.
  • System circuitry 702 may include, for example, processing circuitry 704, memory circuitry 706, power circuitry 708, user interface circuitry 710 and communication interface circuitry 712.
  • System 700 may further include communication module 714. While communication module 714 is illustrated as separate from system circuitry 702, the example configuration shown in FIG. 7 is provided merely for the sake of explanation. For example, some or all of the functionality associated with communication module 714 may also be incorporated into system circuitry 702.
  • processing circuitry 704 may comprise one or more processors situated in separate components, or alternatively one or more cores in a single component (e.g., in a System-on-a-Chip (SoC) configuration), along with processor-related support circuitry (e.g., bridging interfaces, etc.).
  • Example processors may include, but are not limited to, various x86-based microprocessors available from the Intel Corporation including those in the Pentium, Xeon, Itanium, Celeron, Atom, Quark, Core i-series, Core M-series product families, Advanced RISC (e.g., Reduced Instruction Set Computing) Machine or "ARM" processors, etc.
  • support circuitry may include chipsets (e.g., Northbridge, Southbridge, etc. available from the Intel Corporation) configured to provide an interface through which processing circuitry 704 may interact with other system components that may be operating at different speeds, on different buses, etc. in system 700.
  • some or all of the functionality commonly associated with the support circuitry may also be included in the same physical package as the processor (e.g., such as in the Sandy Bridge family of processors available from the Intel Corporation).
  • Processing circuitry 704 may be configured to execute various instructions in system 700. Instructions may include program code configured to cause processing circuitry 704 to perform activities related to reading data, writing data, processing data, formulating data, converting data, transforming data, etc. Information (e.g., instructions, data, etc.) may be stored in memory circuitry 706.
  • Memory circuitry 706 may comprise random access memory (RAM) and/or read-only memory (ROM) in a fixed or removable format.
  • RAM may include volatile memory configured to hold information during the operation of system 700 such as, for example, static RAM (SRAM) or Dynamic RAM (DRAM).
  • ROM may include nonvolatile (NV) memory modules configured based on BIOS, UEFI, etc.
  • programmable memories such as electronic programmable ROMs (EPROMS), Flash, etc.
  • Other fixed/removable memory may include, but is not limited to, magnetic memories such as, for example, floppy disks, hard drives, etc., electronic memories such as solid state flash memory (e.g., embedded multimedia card (eMMC), etc.), removable memory cards or sticks (e.g., micro storage device (uSD), USB, etc.), optical memories such as compact disc-based ROM (CD-ROM), Digital Video Disks (DVD), Blu-Ray Disks, etc.
  • Power circuitry 708 may include internal power sources (e.g., a battery, fuel cell, etc.) and/or external power sources (e.g., electromechanical or solar generator, power grid, external fuel cell, etc.), and related circuitry configured to supply system 700 with the power needed to operate.
  • User interface circuitry 710 may include hardware and/or software to allow users to interact with system 700 such as, for example, various input mechanisms (e.g., microphones, switches, buttons, knobs, keyboards, speakers, touch-sensitive surfaces, one or more sensors configured to capture images and/or sense proximity, distance, motion, gestures, orientation, biometric data, etc.) and various output mechanisms (e.g., speakers, displays, lighted/flashing indicators, electromechanical components for vibration, motion, etc.).
  • the hardware in user interface circuitry 710 may be incorporated within system 700 and/or may be coupled to system 700 via a wired or wireless communication medium.
  • User interface circuitry 710 may be optional in certain circumstances such as, for example, a situation wherein system 700 is a server (e.g., rack server, blade server, etc.) that does not include user interface circuitry 710, and instead relies on another device (e.g., a management terminal) for user interface functionality.
  • Communication interface circuitry 712 may be configured to manage packet routing and other control functions for communication module 714, which may include resources configured to support wired and/or wireless communications.
  • system 700 may comprise more than one communication module 714 (e.g., including separate physical interface modules for wired protocols and/or wireless radios) managed by a centralized communication interface circuitry 712.
  • Wired communications may include serial and parallel wired mediums such as, for example, Ethernet, USB, Firewire, Thunderbolt, Digital Video Interface (DVI), High-Definition Multimedia Interface (HDMI), etc.
  • Wireless communications may include, for example, close-proximity wireless mediums (e.g., radio frequency (RF) such as based on the RF Identification (RFID) or Near Field Communications (NFC) standards, infrared (IR), etc.), short-range wireless mediums (e.g., Bluetooth, WLAN, Wi-Fi, etc.), long range wireless mediums (e.g., cellular wide-area radio communication technology, satellite-based communications, etc.), electronic communications via sound waves, etc.
  • communication interface circuitry 712 may be configured to prevent wireless communications that are active in communication module 714 from interfering with each other. In performing this function, communication interface circuitry 712 may schedule activities for communication module 714 based on, for example, the relative priority of messages awaiting transmission. While the embodiment disclosed in FIG. 7 illustrates communication interface circuitry 712 being separate from communication module 714, it may also be possible for the functionality of communication interface circuitry 712 and communication
  • FIG. 8 illustrates example operations for integrated circuit device authentication in accordance with at least one embodiment of the present disclosure.
  • the fingerprint bit string may be utilized to authenticate device 100, to determine the integrity of device 100 (e.g., which may indicate if the security of device 100 has been compromised), etc.
  • a "known-good" fingerprint may be recorded and stored for device 100 prior to integration in system 700 such as disclosed in FIG. 7.
  • a fingerprint may be determined for device 100 and stored by the manufacturer. This information may then be made available later via, for example, a cloud-based architecture (e.g., at least one server accessible via a network such as the Internet).
  • System 700 may be able to retrieve stored fingerprint data from the cloud-based architecture during startup, and may use the retrieved fingerprint data to authenticate device 100.
  • the fingerprint may be stored within each device itself (e.g., within secure storage circuitry 208).
  • the fingerprint data may be temporarily accessible when device 100 is first powered up.
  • System 800 may record the fingerprint information from device 100 during the initial power up, and then the fingerprint may be purged from secure storage circuitry 208.
  • device 100 may generate a fingerprint based on fabrication characteristics, and the authenticity of device 100 may be determined by comparing the fingerprint generated during startup to the fingerprint data originally retrieved from secure storage circuitry 208.
  • the fingerprint data may be permanently stored in secure storage circuitry 208, and only systems 100 that comprise a certain configuration (e.g., including certain IC devices, chipsets, programs, etc.) may be able to access the stored fingerprint data.
  • System 700 may use the stored fingerprint data to authenticate device 100 based on a fingerprint bit string generated by device 100 (e.g., such as described above).
  • a system may authenticate at least one device.
  • the system may be initialized.
  • the system may then receive a fingerprint from a device in operation 802.
  • the fingerprint received from the device may be generated employing operations such as disclosed in FIG. 6.
  • the system may verify the fingerprint received from the device against a known-good fingerprint for the device.
  • the known-good fingerprint may be obtained by the system in a manner such as described above.
  • a determination may then be made in operation 806 as to whether the fingerprints matched. If in operation 806 it is determined that the fingerprints match, then the system may continue with initialization in operation 808. If in operation 806 it is determined that the fingerprints do not match, then in operation 810 a security exception may occur.
  • An example security exception may interrupt the initialization of the device and/or the system, may trigger security safeguards in the system (e.g., lockouts, data encryption, etc.), may generate a notification to a user of the system, a manufacturer of the device/system, a reseller of the device/system regarding the failure to authenticate the device, etc.
  • operation 810 may be followed by operation 808 so that the system may continue with initialization despite the security exception. This may occur in instances where, for example, the security exception in operation 810 was able to protect the integrity of the system (e.g., to isolate any devices that could not be authenticated) without having to deactivate the entire system.
  • While FIG. 6 and 8 illustrate operations according to different embodiments, it is to be understood that not all of the operations depicted in FIG. 6 and 8 are necessary for other embodiments. Indeed, it is fully contemplated herein that in other embodiments of the present disclosure, the operations depicted in FIG. 6 and 8, and/or other operations described herein, may be combined in a manner not specifically shown in any of the drawings, but still fully consistent with the present disclosure. Thus, claims directed to features and/or operations that are not exactly shown in one drawing are deemed within the scope and content of the present disclosure.
  • the phrase "A, B and/or C" can mean A; B; C; A and B; A and C; B and C; or A, B and C.
  • a list of items joined by the term "at least one of" can mean any combination of the listed terms.
  • the phrases "at least one of A, B or C" can mean A; B; C; A and B; A and C; B and C; or A, B and C.
  • the terms “system” may refer to, for example, software, firmware and/or circuitry configured to perform any of the aforementioned operations.
  • Circuitry may comprise, for example, singly or in any combination, hardwired circuitry, programmable circuitry such as computer processors comprising one or more individual instruction processing cores, state machine circuitry, and/or firmware that stores instructions executed by programmable circuitry.
  • the modules may, collectively or individually, be embodied as circuitry that forms part of a larger system, for example, an integrated circuit (IC), system on-chip (SoC), desktop computers, laptop computers, tablet computers, servers, smartphones, etc.
  • any of the operations described herein may be implemented in a system that includes one or more storage mediums (e.g., non-transitory storage mediums) having stored thereon, individually or in combination, instructions that when executed by one or more processors perform the methods.
  • the processor may include, for example, a server CPU, a mobile device CPU, and/or other programmable circuitry. Also, it is intended that operations described herein may be distributed across a plurality of physical devices, such as processing structures at more than one different physical location.
  • the storage medium may include any type of tangible medium, for example, any type of disk including hard disks, floppy disks, optical disks, compact disk read-only memories (CD-ROMs), compact disk rewritables (CD-RWs), and magneto-optical disks, semiconductor devices such as read-only memories (ROMs), random access memories (RAMs) such as dynamic and static RAMs, erasable programmable read-only memories (EPROMs), electrically erasable programmable read-only memories (EEPROMs), flash memories, Solid State Disks (SSDs), embedded multimedia cards (eMMCs), secure digital input/output (SDIO) cards, magnetic or optical cards, or any type of media suitable for storing electronic instructions.
  • this disclosure is directed to hardware protection based on fabrication
  • an integrated circuit (IC) device may be configured to determine a string of logical values or "fingerprint" based at least on fabrication characteristics of the device.
  • An example device may comprise at least functional circuitry corresponding to the functional purpose of the device and hardware protection circuitry (HPC).
  • Example HPC may include interpreter circuitry and fingerprint circuitry.
  • the interpreter circuitry may measure at least one parameter (e.g., voltage) of at least one electronic component in the fingerprint circuitry, and in at least one embodiment, may compare voltages measured from different components in the fingerprint circuitry and then assign a logical one or zero to the fingerprint string based on the results of each component comparison.
  • Example electronic components may include transistors, resistors, etc. whose performance may depend on the fabrication characteristics of the device.
  • the following examples pertain to further embodiments.
  • the following examples of the present disclosure may comprise subject material such as a device, a method, at least one machine-readable medium for storing instructions that when executed cause a machine to perform acts based on the method, means for performing acts based on the method and/or a system for hardware protection based on fabrication characteristics.
  • an integrated circuit device may comprise a substrate, functional circuitry fabricated on the substrate and hardware protection circuitry fabricated on the substrate, the hardware protection circuitry including at least fingerprint circuitry and interpreter circuitry to determine a fingerprint for the device based on fabrication characteristics of the fingerprint circuitry.
  • Example 2 may include the elements of example 1, wherein the interpreter circuitry is to measure at least one voltage corresponding to at least one fabrication characteristic unit in the fingerprint circuitry.
  • Example 3 may include the elements of example 2, wherein the at least one fabrication characteristic unit comprises at least one electronic component dedicated only to fingerprint determination in the device.
  • Example 4 may include the elements of any of examples 1 to 3, wherein the interpreter circuitry is to compare voltages measured from at least two electronic components in the fingerprint circuitry.
  • Example 5 may include the elements of example 4, wherein a fingerprint string in the device comprises logical values corresponding to each voltage comparison and the interpreter circuitry is to assign a logical one to the fingerprint string if the two voltages satisfy a certain relationship, and to assign a logical zero to the fingerprint string if the two voltages do not satisfy the certain relationship.
  • Example 6 may include the elements of any of examples 4 to 5, wherein the certain relationship is that a first voltage of the two voltages is one of greater than or less than a second voltage of the two voltages.
  • Example 7 may include the elements of any of examples 4 to 6, wherein the certain relationship is that an absolute value of a difference between the two voltages is one of greater than or less than a criteria value.
  • Example 8 may include the elements of any of examples 4 to 7, wherein the at least two electronic components are transistors or resistors.
  • Example 9 may include the elements of any of examples 4 to 8, wherein the at least two electronic components include at least one of transistors or resistors.
  • Example 10 may include the elements of any of examples 4 to 9, wherein the at least two electronic components comprise groups of components each including at least a transistor coupled to a resistor.
  • Example 11 may include the elements of any of examples 4 to 10, where one of the at least two electronic components is designated as a reference, and each subsequent electronic component is compared to the reference.
  • Example 12 may include the elements of any of examples 1 to 11, wherein the interpreter circuitry comprises at least comparison circuitry and fingerprint forming circuitry.
  • Example 13 may include the elements of any of examples 1 to 12, wherein the interpreter circuitry comprises at least one of multiplexer circuitry, decoder circuitry or secure storage circuitry.
  • Example 14 may include the elements of any of examples 1 to 13, wherein the interpreter circuitry comprises legacy interface circuitry to cause the fingerprint to be written to fuse circuitry within the device.
  • Example 15 may include the elements of any of examples 1 to 14, wherein the hardware protection circuitry is to provide the fingerprint to an external tracking system during manufacture of the integrated circuitry device.
  • Example 16 may include the elements of example 15, wherein a system including the integrated circuit device is to obtain the fingerprint from the external tracking system to authenticate the integrated circuit device.
  • a method for formulating a fingerprint for an integrated circuit device may comprise initializing an integrated circuit device, initializing fingerprint determination in the device and determining a fingerprint for the device based on fabrication characteristics of the device.
  • Example 18 may include the elements of example 17, wherein determining a fingerprint based on fabrication characteristics comprises measuring a voltage for at least one electronic component in fingerprint circuitry in the device.
  • Example 19 may include the elements of example 18, wherein determining a fingerprint based on fabrication characteristics comprises assigning a logical one to a fingerprint string in the device if a first voltage and a second voltage measured from the fingerprint circuitry satisfy a certain relationship, the fingerprint string including logical values corresponding to each voltage comparison and assigning a logical zero to the fingerprint string if the first voltage and the second voltage do not satisfy the certain relationship.
  • Example 20 may include the elements of example 19, wherein the certain relationship is that the first voltage is one of greater than or less than the second voltage.
  • Example 21 may include the elements of any of examples 19 to 20, wherein the certain relationship is that an absolute value of a difference between the first voltage and the second voltage is one of greater than or less than a certain criteria value.
  • Example 22 may include the elements of any of examples 19 to 21, and may further comprise storing the fingerprint string.
  • Example 23 may include the elements of any of examples 17 to 22, and may further comprise attempting, in a system including at least the device, to authenticate the device based on the fingerprint, performing at least one security operation in the system based on authentication failing and allowing the system to continue with initialization based on authentication succeeding.
  • Example 24 may include the elements of example 23, and may further comprise performing at least one activity associated with a security exception based on the authentication failing.
  • Example 25 may include the elements of any of examples 17 to 24, and may further comprise providing the fingerprint to an external system during manufacture of the integrated circuit device.
  • example 26 there is provided a system including at least a device, the system being arranged to perform the method of any of the above examples 17 to 25.
  • example 27 there is provided a chipset arranged to perform the method of any of the above examples 17 to 25.
  • At least one machine readable medium comprising a plurality of instructions that, in response to being executed on a computing device, cause the computing device to carry out the method according to any of the above examples 17 to 25.
  • at least one device configured for formulating a fingerprint, the at least one device being arranged to perform the method of any of the above examples 17 to 25.
  • a system for formulating a fingerprint for an integrated circuit device may comprise means for initializing an integrated circuit device, means for initializing fingerprint determination in the device and means for determining a fingerprint for the device based on fabrication characteristics of the device.
  • Example 31 may include the elements of example 30, wherein the means for determining a fingerprint based on fabrication characteristics comprise means for measuring a voltage for at least one electronic component in fingerprint circuitry in the device.
  • Example 32 may include the elements of example 31, wherein the means for determining a fingerprint based on fabrication characteristics comprise means for assigning a logical one to a fingerprint string in the device if a first voltage and a second voltage measured from the fingerprint circuitry satisfy a certain relationship, the fingerprint string including logical values corresponding to each voltage comparison and means for assigning a logical zero to the fingerprint string if the first voltage and the second voltage do not satisfy the certain relationship.
  • Example 33 may include the elements of example 32, wherein the certain relationship is that the first voltage is one of greater than or less than the second voltage.
  • Example 34 may include the elements of any of examples 32 to 33, wherein the certain relationship is that an absolute value of a difference between the first voltage and the second voltage is one of greater than or less than a certain criteria value.
  • Example 35 may include the elements of any of examples 32 to 34, and may further comprise means for storing the fingerprint string.
  • Example 36 may include the elements of any of examples 30 to 35, and may further comprise means for attempting, in a system including at least the device, to authenticate the device based on the fingerprint, means for performing at least one security operation in the system based on authentication failing and means for allowing the system to continue with initialization based on authentication succeeding.
  • Example 37 may include the elements of example 36, and may further comprise means for performing at least one activity associated with a security exception based on the authentication failing.
  • Example 38 may include the elements of any of examples 30 to 36, and may further comprise means for providing the fingerprint to an external system during manufacture of the integrated circuit device.
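
The comparison rules of examples 5 to 7 and 11 and the FIG. 8 check described above, modelled in Python as an added example (not code from the patent or from the applicant). The voltages, the device names, the `marginal_units` helper and the constant-time comparison are assumptions of this example; the page itself describes only an exact fingerprint match.

```python
import hmac

# Constructed sample voltages (V) from eight fabrication characteristic
# units of one device; unit 0 is the designated reference (example 11).
ENROLL_V = [0.612, 0.655, 0.590, 0.640, 0.614, 0.700, 0.575, 0.633]
# Constructed startup re-measurement of the same device, a few mV of noise.
STARTUP_V = [0.613, 0.654, 0.591, 0.641, 0.611, 0.699, 0.576, 0.632]
# Constructed readings from a different part.
OTHER_V = [0.620, 0.601, 0.660, 0.598, 0.650, 0.610, 0.640, 0.605]


def _decision_value(v, ref, criterion):
    """Signed distance from the decision point; the bit is 1 when positive."""
    if criterion is None:
        return v - ref                   # example 6: unit greater than reference
    return abs(v - ref) - criterion      # example 7: |difference| greater than criterion


def form_fingerprint(voltages, criterion=None):
    """Fingerprint string: one logical value per comparison with the reference."""
    if len(voltages) < 2:
        raise ValueError("need a reference and at least one unit to compare")
    ref = voltages[0]
    return "".join("1" if _decision_value(v, ref, criterion) > 0 else "0"
                   for v in voltages[1:])


def marginal_units(voltages, margin, criterion=None):
    """Units whose comparison lies within `margin` volts of the decision point.

    Assumption of this example (the page does not discuss measurement noise):
    such a bit can differ between two readings of the same device.
    """
    ref = voltages[0]
    return [i for i, v in enumerate(voltages[1:], start=1)
            if abs(_decision_value(v, ref, criterion)) < margin]


def fingerprints_match(received, known_good):
    """Check behind operation 806: exact match, compared in constant time."""
    return hmac.compare_digest(received.encode(), known_good.encode())


def initialize_system(received_by_device, known_good_by_device):
    """FIG. 8 over several devices; returns (authenticated, isolated).

    A missing known-good record or a mismatch is the security exception of
    operation 810: the device is isolated and initialization continues with
    the others (operation 810 followed by operation 808).
    """
    authenticated, isolated = [], []
    for dev, received in received_by_device.items():        # operation 802
        known_good = known_good_by_device.get(dev)
        if known_good is not None and fingerprints_match(received, known_good):
            authenticated.append(dev)                        # 806 -> 808
        else:
            isolated.append(dev)                             # 806 -> 810
    return authenticated, isolated


if __name__ == "__main__":
    enrolled = form_fingerprint(ENROLL_V)
    print("enrolled :", enrolled, "marginal units:", marginal_units(ENROLL_V, 0.005))
    print("startup  :", form_fingerprint(STARTUP_V))
    known = {"dev-a": enrolled, "dev-b": enrolled}
    seen = {"dev-a": enrolled, "dev-b": form_fingerprint(OTHER_V)}
    print("FIG. 8   :", initialize_system(seen, known))
```

With these constructed readings, unit 4 sits 2 mV from the reference, so the greater-than rule yields a different bit at startup and the exact match fails for the genuine device, while the criterion rule at 0.03 V reproduces the enrolled string.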

Abstract

The present disclosure relates to hardware protection based on fabrication characteristics. In general, an integrated circuit (IC) device may be configured to determine a string of logical values or "fingerprint" based at least on fabrication characteristics of the device. An example device may comprise at least functional circuitry corresponding to the functional purpose of the device and hardware protection circuitry (HPC). Example HPC may include interpreter circuitry and fingerprint circuitry. For example, the interpreter circuitry may measure at least one parameter (e.g., voltage) of at least one electronic component in the fingerprint circuitry and, in at least one embodiment, may compare voltages measured from different components in the fingerprint circuitry and then assign a logical one or zero to the fingerprint string based on the results of each component comparison. Example electronic components may include transistors, resistors, etc. whose performance may depend on the fabrication characteristics of the device.
PCT/US2015/051345 2015-09-22 2015-09-22 Hardware protection based on fabrication characteristics WO2017052505A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/US2015/051345 WO2017052505A1 (fr) 2015-09-22 2015-09-22 Hardware protection based on fabrication characteristics
TW105124632A TW201721506A (zh) 2015-09-22 2016-08-03 Hardware protection based on production characteristics

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/US2015/051345 WO2017052505A1 (fr) 2015-09-22 2015-09-22 Hardware protection based on fabrication characteristics

Publications (1)

Publication Number Publication Date
WO2017052505A1 true WO2017052505A1 (fr) 2017-03-30

Family

ID=58386814

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2015/051345 WO2017052505A1 (fr) 2015-09-22 2015-09-22 Hardware protection based on fabrication characteristics

Country Status (2)

Country Link
TW (1) TW201721506A (fr)
WO (1) WO2017052505A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8160244B2 (en) * 2004-10-01 2012-04-17 Broadcom Corporation Stateless hardware security module
WO2013173729A1 (fr) * 2012-05-18 2013-11-21 Cornell University Methods and systems for providing hardware security functions using flash memories
US8868923B1 (en) * 2010-07-28 2014-10-21 Sandia Corporation Multi-factor authentication
US20150154421A1 (en) * 2013-12-04 2015-06-04 International Business Machines Corporation On-chip structure for security application
US20150161415A1 (en) * 2011-03-11 2015-06-11 Emsycon Gmbh Tamper-protected hardware and method for using same

Also Published As

Publication number Publication date
TW201721506A (zh) 2017-06-16

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 15904852; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 15904852; Country of ref document: EP; Kind code of ref document: A1)