May_EDFA_Digital

edfas.org 31 ELECTRONIC DEVICE FAILURE ANALYSIS | VOLUME 21 NO. 2 control over ion-energy distribution, thereby improving selection and automation in delayering. Further, the introduction of non-destructive x-ray tomography and ptychography in recent years can eliminate the process of delayering and therefore speed up imaging time for the upper metal layers of an IC. New scanning electronic microscopes (SEMs), such as the Zeiss multi-beam system, were recently introduced to significantly speed up imaging of nanoscale samples. However, they are not widely available and are consider- ably more expensive than standard SEMs. In addition, because such tools could yield petabytes of data in just one day, research on automated and intelligent image analysis algorithms is urgently needed to reduce the time and cost of electronic systems RE. This article systemati- cally reviews the current challenges for image analysis in RE and introduces a framework for how image analysis andmachine learning can help address these challenges. ADDRESSING TRUST AND ASSURANCE THROUGH RE Counterfeit and tampered ICs pose serious threats to hardware-based trust and assurance. In particular, cloned chips and hardware Trojans can violate security requirements of root-of-trust by altering physical integ- rity and electronic component confidentiality. Cloning is the process of copying and unauthorized production of a design without legal IP. An adversary can RE a COTS chip and produce a cloned device. Anymaliciousmodification of the structure, functionality, or parameters of the chip that causes the device to operate outside of its specifica- tion can be identified as a hardware Trojan. As an example, in October 2018 it was claimed that unauthorizedmicrochips were found in amanufacturer’s products that provided Apple, Amazon, and even the U.S. government with specialized servers. [13] This illustrates the need for verification of the physical, hardware-based roots-of-trust. As reported in an IEEE Spectrum article, [13] security experts suspected that the assembly facility ownedby Supermicromight have inserted the chip, which could be a backdoor for spying on information exchanged over networks equipped with the altered servers. Such an attack, i.e., adding an extra chip maliciously, severely affects the confidentiality of a system, and more impor- tantly its survivability, due to the high degree of com- plexity and the obstacles typically involved in revealing the existence of such threats and recovering the system from them. Advances in RE automation can help security experts identify this type of threat more quickly, as well as detect cloned ICs or hardware Trojans. [14] As shown in Fig. 1, applications of RE in addressing trust and assurance-related issues are twofold, namely detection and avoidance. In the detection process, incom- ing electronic components undergoaphysical or electrical inspection to examine authenticity. As RE is an interior, physical inspection-based approach, to decide whether a chip is cloned or to detect a Trojan, one should rely on the availability of golden data. Golden data can be a chip or layout whose functionality and structural and electrical parametric signature is available for comparison. A layout is determined to be “golden” if the IP holder and SoC designer are authorized and trusted. [4] A golden layout can provide a benchmark for assessing the functionality of the chip or analyzing its physical structure. However, it does not provide any reference for side-channel parametric pro- files, e.g., power, path timing, electromagnetic signature, and photonic emission, which can only be characterized by using a fabricated chip. Therefore, variousmethodolo- gies for detecting hardware Trojans and cloned chips rely on the availability of a golden chip. A chip is considered goldenwhen it is either fabricated from a golden layout in a trusted facility or its function- ally and physical characteristics are verified through full-blown RE. [4] The primary concern regarding fabricat- ing a golden chip in a trusted facility is the prohibitive cost. Additionally, the parametric profile of the golden chip differs from the same parametric profile of devices produced in another facility for the same technology node, even within the same fabrication facility. Under this scenario, automated RE can be a promising alterna- tive to identify a chip as golden. In the presence of data derived froma golden chip, differentmethodologies, such as a structural test comparison between a suspected chip and golden chip/layout test, can be deployed to identify Fig. 1 Taxonomy of approaches for addressing trust and assurance issues based on RE.

RkJQdWJsaXNoZXIy MjA4MTAy