laser fault injection at the cmos 28 nm …conferenze.dei.polimi.it/fdtc18/shared/fdtc...
TRANSCRIPT
![Page 1: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/1.jpg)
Laser Fault Injection at the CMOS 28 nm Technology Node: an Analysis of the Fault Model
FDTC 2018
J.M. Dutertre1, V. Beroulle2, P. Candelier3, S. De Castro1,4, L.B. Faber3, M.L. Flottes4, P. Gendrier3, D. Hély2, R. Leveugle5, P. Maistri5, G. Di Natale4, A. Papadimitriou2, B. Rouzeyre4
Amsterdam, The Netherlands — Thursday, September 13, 2018
(1) (2) (3) (4) (5)
![Page 2: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/2.jpg)
Position of the problem
! A brief history of laser fault injection
1997 Boneh et al. introduced fault attacks Hardware attack of crypto./secure devices
2002 Skorobogatov et al. introduced laser fault inject. Secure devices: CMOS 350 nm One single transistor under a laser beam (1 µm)
2018 Continuous scale down of CMOS technology Secure devices: CMOS 40 nm SoC: CMOS 14 nm
1965 Habing introduced laser emulation of SEE Emulation of radiation induced Single Event Effects
Several logic gates under a laser beam (1 µm) 2
![Page 3: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/3.jpg)
SRAM
0.35 µm
130 nm
90 nm
65 nm
1 µm
MOS transistor Technology
Laser spot
28 nm
! LFI accuracy vs. CMOS scale down
Position of the problem
3
![Page 4: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/4.jpg)
SRAM
0.35 µm
130 nm
90 nm
65 nm
1 µm
MOS transistor Technology
Laser spot
28 nm
Simultaneous flip of several SRAMs?
Position of the problem
! LFI accuracy vs. CMOS scale down
4
![Page 5: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/5.jpg)
Position of the problem
! Importance of the fault model LFI considered as an accurate fault injection technique:
• physical location (gates under/close to the laser spot),
• injection time (regarding the course of an algorithm),
• nb. of faulted bits/bytes,
• additional information leakage (data dependence).
Makes it possible to meet the (sometimes strong) requirements of FA and DFA schemes.
Does CMOS technology scale down reduce the accuracy of the laser fault injection fault model?
5
![Page 6: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/6.jpg)
This talk
! Fault model of LFI at the CMOS 28 nm tech. node
On an experimental basis (custom test chip)
" Single-bit/single-byte fault model
" Data dependence: bit-flip vs bit-set/reset fault model
" Static LFI on D flip-flops
" Dynamic LFI on an AES encryption unit
6
![Page 7: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/7.jpg)
Agenda
I. Introduction II. Theory of laser fault injection
Physics and basics of laser fault injection
Fault models of LFI
V. Conclusion
III. Static LFI experimental results Setup, results, analysis
IV. Dynamic LFI experimental results Setup, results, analysis
7
![Page 8: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/8.jpg)
Agenda
I. Introduction II. Theory of laser fault injection
Physics and basics of laser fault injection
Fault models of LFI
V. Conclusion
III. Static LFI experimental results Setup, results, analysis
IV. Dynamic LFI experimental results Setup, results, analysis
8
![Page 9: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/9.jpg)
! Physics of laser fault injection
II. Theory of laser fault injection
" Photoelectric effect: from a laser pulse to transient current generation (in reverse biased PN junction)
Current (mA)
Current peak
Drift current
Time (ns)
Transient current
Drain ( VDD )
N+ diffusion
Laser
- + + +
+ + + + +
- +
- - -
- -
-
Depletion region E
P substrate (Gnd)
9
![Page 10: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/10.jpg)
laser beam
P substrate
N well
P+
Cout ‘1’
to Vdd
P+ N+ N+ N+ P+
to Gnd
in ‘0’
NMOS PMOS
Metal 1 MOS gate
OFF ON
" Fault injection mechanism (the inverter case)
II. Theory of laser fault injection
from a transient current to a voltage transient (a.k.a. SET, single event transient)
10
![Page 11: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/11.jpg)
laser beam
P substrate
N well
P+
Cout ‘1’
to Vdd
P+ N+ N+ N+ P+
to Gnd
in ‘0’
NMOS PMOS
Metal 1 MOS gate
OFF ON
" Fault injection mechanism (the inverter case)
II. Theory of laser fault injection
=> ‘0’
from a transient current to a voltage transient (a.k.a. SET, single event transient)
11
![Page 12: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/12.jpg)
P substrate
N well
P+
Cout ‘1’
to Vdd
P+ N+ N+ N+ P+
to Gnd
in ‘0’
NMOS PMOS
Metal 1 MOS gate
OFF ON
" Fault injection mechanism (the inverter case)
II. Theory of laser fault injection
=> ‘0’
from a transient current to a voltage transient (a.k.a. SET, single event transient)
12
![Page 13: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/13.jpg)
P substrate
N well
P+
Cout ‘1’
to Vdd
P+ N+ N+ N+ P+
to Gnd
in ‘0’
NMOS PMOS
Metal 1 MOS gate
Laser sensitive areas: OFF transistors’ drains (reversed biased PN junctions)
OFF ON
" Fault injection mechanism (the inverter case)
II. Theory of laser fault injection
from a transient current to a voltage transient (a.k.a. SET, single event transient)
13
![Page 14: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/14.jpg)
" Fault injection mechanism
II. Theory of laser fault injection
from a voltage transient to an actual fault
1. logic,
2. memory element (D flip-flop, SRAM)
Two mechanisms depending on the voltage transient location:
14
![Page 15: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/15.jpg)
" Fault injection mechanism – target: combinatorial logic
II. Theory of laser fault injection
from voltage transient to fault
IN
Laser illumination
15
![Page 16: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/16.jpg)
Voltage transient
" Fault injection mechanism – target: combinatorial logic
II. Theory of laser fault injection
from voltage transient to fault
IN
Laser illumination
16
![Page 17: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/17.jpg)
The fault injection process depends both on: • the injection time,
• the voltage transient duration.
Voltage transient
" Fault injection mechanism – target: combinatorial logic
II. Theory of laser fault injection
from voltage transient to fault
FAULT
IN
Laser illumination
17
![Page 18: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/18.jpg)
Mn2
ENb EN
Mpt1
Mn1
Mp1
Mp2
ENbEN
gnd
Vdd
gnd
Vdd
Qb
LATCH_OUT
Mnt2
Q
LATCH_IN
Mnt1
Mpt2
II. Theory of laser fault injection
from voltage transient to fault (SEU: single event upset)
0
= 1 (state 1)
SEU sensitive for Q = 0
0
" Fault injection mechanism – target: D latch
18
![Page 19: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/19.jpg)
Mn2
ENb EN
Mpt1
Mn1
Mp1
Mp2
ENbEN
gnd
Vdd
gnd
Vdd
Qb
LATCH_OUT
Mnt2
Q
LATCH_IN
Mnt1
Mpt2
II. Theory of laser fault injection
from voltage transient to fault (SEU: single event upset)
0
= 1 => 0
SEU sensitive for Q = 0
0
" Fault injection mechanism – target: D latch
19
![Page 20: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/20.jpg)
Mn2
ENb EN
Mpt1
Mn1
Mp1
Mp2
ENbEN
gnd
Vdd
gnd
Vdd
Qb
LATCH_OUT
Mnt2
Q
LATCH_IN
Mnt1
Mpt2
" Fault injection mechanism – target: D latch
II. Theory of laser fault injection
from voltage transient to fault (SEU: single event upset)
0 => 1
= 1 => 0
SEU sensitive for Q = 0
0 => 1
20
![Page 21: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/21.jpg)
Mn2
ENb EN
Mpt1
Mn1
Mp1
Mp2
ENbEN
gnd
Vdd
gnd
Vdd
Qb
LATCH_OUT
Mnt2
Q
LATCH_IN
Mnt1
Mpt2
II. Theory of laser fault injection
from voltage transient to fault (SEU: single event upset)
1
= 0 (state 0)
SEU sensitive for Q = 0
1
SEU sensitive for Q = 1
" Fault injection mechanism – target: D latch
Note the data dependence of the laser sensitive areas. 21
![Page 22: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/22.jpg)
Agenda
I. Introduction II. Theory of laser fault injection
Physics and basics of laser fault injection
Fault models of LFI
V. Conclusion
III. Static LFI experimental results Setup, results, analysis
IV. Dynamic LFI experimental results Setup, results, analysis
22
![Page 23: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/23.jpg)
! Fault model: mathematical expression at bit level
II. Theory of laser fault injection
" bit-flip (usual fault model, data independent)
€
b → not(b)
23
![Page 24: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/24.jpg)
" bit-set/reset fault model (data dependent)
€
if b = 0 → b = 1if b = 1→ b = 1
! Fault model: mathematical expression at bit level
II. Theory of laser fault injection
bit-set
€
if b = 0 → b = 0if b = 1→ b = 0
bit-reset
Provide additional information on the original bit value
Safe error attack (e.g. retrieveing memory bits)
24
![Page 25: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/25.jpg)
Vdd
Gnd
LATC
H_I
N
Mp1
Mn1 Mn2
Mp2 Mpt2
Mnt2
Mpt1
Mnt1
QQb
Laser spot size/effect area: 1µm
" bit-set/reset fault model: D latch layout vs. laser effect area
II. Theory of laser fault injection
One laser sensitive area exposed
bit-set/reset fault model
Laser sensitive areas: SEU sensitive for Q = 1 SEU sensitive for Q = 0
Metal 1 MOS gate Diffusion 25
![Page 26: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/26.jpg)
Vdd
Gnd
Q
LATC
H_I
N
Mp1
Mn1 Mn2
Mp2 Mpt2
Mnt2
Mpt1
Mnt1
Qb
Laser spot size/effect area:
3 µm
II. Theory of laser fault injection
Overlaps of laser sensitive areas
bit-flip fault model
" bit-set/reset fault model: Dff layout vs. laser effect area
Laser sensitive areas: SEU sensitive for Q = 1 SEU sensitive for Q = 0
Overlaps
Metal 1 MOS gate Diffusion 26
![Page 27: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/27.jpg)
" 2015, B. Selmke et al.: 45 nm SRAM (FPGA)
" 2015, C. Champeix et al.: 40 nm D flip-flop
" Both consistent with single-bit and bit-set/reset fault models
II. Theory of laser fault injection
! Experimental state of the art
Bit Reset Bit Set
Missing fault area
Master Slave
Illustration for D flip-flop:
- 4 SEU sensitive areas of master latch (clk = 1),
- 3 SEU sensitive areas of slave latch (clk = 0).
B. Selmke et al., “Precise laser fault injections into 90 nm and 45 nm sram-cells,” CARDIS 2015. C. Champeix et al., “SEU sensitivity and modeling using pico-second pulsed laser stimulation of a D Flip-Flop in 40 nm CMOS technology,” DFTS 2015.
27
![Page 28: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/28.jpg)
Agenda
I. Introduction II. Theory of laser fault injection
Physics and basics of laser fault injection
Fault models of LFI
V. Conclusion
III. Static LFI experimental results Setup, results, analysis
IV. Dynamic LFI experimental results Setup, results, analysis
28
![Page 29: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/29.jpg)
III. Static LFI experimental results
! Experimental setup
29
![Page 30: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/30.jpg)
! Experimental setup
• Backside injection
• Pulse width: 30 ps – up to 100 nJ
• Wavelength: 1,030 nm
• Pulse width: ns – 5-50 ns, max. power 1 W – 50 ns – 1 s, max. power 3 W
• Wavelength: 1,064 nm
• Spot size: 1µm or 5 µm
III. Static LFI experimental results
30
![Page 31: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/31.jpg)
x y
Laser head
! Experiments description
Laser fault sensitivity maps drawing (colors according to the fault model)
III. Static LFI experimental results
31
![Page 32: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/32.jpg)
! Custom D flip-flop registers, CMOS 28 nm
III. Static LFI experimental results
32
![Page 33: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/33.jpg)
! Custom D flip-flop registers, CMOS 28 nm
" Matrix shaped shift register with 64 D flip-flops
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Inpu
t&Outpu
t&
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff#
vdd#
gnd#
clk# D#
Q#
Dff
vdd
gnd
clk
D Q
~ 4.3 µm
~ 1.
2 µm
- DFF: ~ 40 transistors,
- large output buffer
III. Static LFI experimental results
33
![Page 34: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/34.jpg)
! Custom D flip-flop registers, CMOS 28 nm
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Input&
Output&
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
bit reset (1 # 0)
slave latch (clk = 0)
" spot 1 µm / 30 ps / 0.5 nJ / ∆xy = 1 µm / backside
III. Static LFI experimental results
[µm] 34
![Page 35: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/35.jpg)
[µm]
! Custom D flip-flop registers, CMOS 28 nm Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Input&
Output&
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd#
clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
Dff#
vdd#
gnd# clk#
D#
Q#
" 3D view at 1 nJ # faulted bits
rank
# in
shi
ft re
gist
er
III. Static LFI experimental results
[µm]
35
![Page 36: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/36.jpg)
! Custom D flip-flop registers, CMOS 28 nm
" in-line shift register with 10 D flip-flops
Dff
vdd
gnd
clk
D Q Dff
vdd
gnd
clk
D Q Dff
vdd
gnd
clk
D Q Dff
vdd
gnd
clk
D Q Dff
vdd
gnd
clk
D Q Dff
vdd
gnd
clk
D Q Dff
vdd
gnd
clk
D Q Dff
vdd
gnd
clk
D Q Dff
vdd
gnd
clk
D Q Dff
vdd
gnd
clk
D Q
III. Static LFI experimental results
36
![Page 37: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/37.jpg)
! Custom D flip-flop registers, CMOS 28 nm
clk = 0 (slave latch) clk = 1 (master latch)
" spot 1 µm / 30 ps / 0.5 nJ / ∆xy = 0.2 µm / backside
III. Static LFI experimental results
[µm] [µm]
[µm
]
37
![Page 38: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/38.jpg)
! Memory elements, static test – Conclusion Bit-set/reset fault model = relevant
Single-bit fault model experimentally assessed with a laser at the CMOS 28 nm node for 1 µm and 5 µm (see table below) laser spots.
III. Static LFI experimental results
![Page 39: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/39.jpg)
Agenda
I. Introduction II. Theory of laser fault injection
Physics and basics of laser fault injection
Fault models of LFI
V. Conclusion
III. Static LFI experimental results Setup, results, analysis
IV. Dynamic LFI experimental results Setup, results, analysis
39
![Page 40: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/40.jpg)
! Test chips CMOS 28 nm " Target: AES implementation (with parity-based CM, 100 MHz)
• IR microphotography (rear side), obj. x20
IV. Dynamic LFI experimental results
40
![Page 41: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/41.jpg)
! Experimental setup
• Backside injection
• Pulse width: 30 ps – up to 100 nJ
• Wavelength: 1,030 nm
• Pulse width: ns – 5-50 ns, max. power 1 W – 50 ns – 1 s, max. power 3 W
• Wavelength: 1,064 nm
• Spot size: 1µm or 5 µm
IV. Dynamic LFI experimental results
41
![Page 42: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/42.jpg)
" Hardware AES-128, CMOS 28nm, Vdd = 1.2V, 100MHz Exp.: 5 µm spot, 10 ns, 0.6-1.0 W, ∆xy = 1µm
26,380 faulted cipher texts
Unidentified faults: 6,574 (24.9 %) mainly 5 – 8 faulty bytes (up to12)
Identified faults: 19,806 single-byte faults
IV. Dynamic LFI experimental results
[µm] 42
![Page 43: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/43.jpg)
" Hardware AES-128, CMOS 28nm, Vdd = 1.2V, 100MHz
# faulted bits Occurrence
1 19,413
2 278
3 27
4 48
5 38
6 1
Single-byte faults analysis
IV. Dynamic LFI experimental results
Exp.: 5 µm spot, 10 ns, 0.6-1.0 W, ∆xy = 1µm
[µm] # faulted bits
Exp. single-bit LFI rate: 73.6 %
43
![Page 44: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/44.jpg)
Agenda
I. Introduction II. Theory of laser fault injection
Physics and basics of laser fault injection
Fault models of LFI
V. Conclusion
III. Static LFI experimental results Setup, results, analysis
IV. Dynamic LFI experimental results Setup, results, analysis
44
![Page 45: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/45.jpg)
Conclusion
! Exp. LFI fault model analysis at CMOS 28 nm
! Single-bit: static & dynamic tests (~ 70% success rate)
1 µm & 5 µm laser spot size
ps & ns laser pulse duration
! Data dependence: bit-set/reset on D flip-flops
well defined sensitive areas
Single-bit & Bit-set/reset are still actual and practical fault models at advanced CMOS technology nodes (28 nm).
Q? Does it still holds at the CMOS 14 nm node? 45
![Page 46: Laser Fault Injection at the CMOS 28 nm …conferenze.dei.polimi.it/FDTC18/shared/FDTC 2018...Position of the problem ! A brief history of laser fault injection 1997 Boneh et al. introduced](https://reader033.vdocuments.net/reader033/viewer/2022050304/5f6d09a61230c21e0165348e/html5/thumbnails/46.jpg)
Thank you for your attention
J.M. Dutertre1, V. Beroulle2, P. Candelier3, S. De Castro1,4, L.B. Faber3, M.L. Flottes4, P. Gendrier3, D. Hély2, R. Leveugle5, P. Maistri5, G. Di Natale4, A. Papadimitriou2, B. Rouzeyre4
(1) (2) (3) (4) (5)
Work funded by the ANR: LIESSE project ANR-12-INS-0008-01