August_EDFA_Digital
edfas.org 19 ELECTRONIC DEVICE FAILURE ANALYSIS | VOLUME 21 NO. 3 debugging port elimination can make firmware extrac- tion more difficult. Challenges involved with reverse engineering are twofold and involve opposing goals: 1) the need to develop reverse engineering as an effective tool for trust verification and failure analysis, and 2) how to implement countermeasures that protect the chip/PCB/software/bit- stream from reverse engineering. Each has its own issues and complications. The most prevalent challenge involves automation at the various stages of complete chip reverse engineer- ing. Although delayering and imaging tools have been developed to capture submicron-level features, human operator involvement is required for tool function due to the wide range of fabrication processes, layer thick- nesses, materials, and device structures. Considering recent advancements in the automation of imaging and delayering tools, [9] the concept of intelligent microscopy is of interest to many in this community. An intelligent microscope candelayer and image ICs automatically, store the images, and collect themwith low resolution without spending a lot of time on regions where the features are larger. These microscopes can save significant imaging anddelayering time for reverse engineering. Imaging time can be reduced with compressed sensing—the process of reconstructing an image from a series of random sampling. [10] In addition, post-processing such as image compression, stitching, and annotation has not been fully automated yet, although progress is beingmade. Efficient and reliable decapsulation and delayering are also nec- essary for subsequent imaging steps. The challenge of exposing a die or PCB evenly at each layer is required to mitigate imaging and feature extraction challenges. To achieve this, research groups and companies are combin- ing chemical and physical polishing/etching techniques according to the different properties of materials in the devices. FIB is also used as an alternative technique for delayering. Compared to traditional polishing/etching, FIB delayering is generally slower but allows in situ SEM examination, making it convenient for removing a small material volume. Netlist and circuit extraction methods still require operator involvement at different stages of gate identification. Obfuscation techniques such as logic locking and camouflaging have been proposed as an anti-reverse engineering technology. However, the literature does not suggest any benchmark or matrix for analyzing the strength and applicability of existing countermeasures for reverse engineering. ELECTRICAL PROBING AND CIRCUIT EDIT Electrical probing inspection/attack directly probes a signal wire for extracting information, e.g., plaintext or encryption keys from a chip/PCB/FPGA using micro or nano probes. The circuit edit can permanentlymodify the connection in the chip layout using an FIB for producing a site for probing. (a) (b) (c) Fig. 3 (a) Front side milling at normal angles—milling from back end of line through covering wires (purple and green) to reach target wires (blue); (b) electrical probing of a single PMOS transistor; [12] and (c) schematic of the EBIC characterization principle.
Made with FlippingBook
RkJQdWJsaXNoZXIy NzM5NjA4