Nov_EDFA_Digital

edfas.org 25 ELECTRONIC DEVICE FAILURE ANALYSIS | VOLUME 24 NO. 4

an array of top and bottom electrodes. Polymer memory stores data based on high or low conductivity, while corresponding to an applied voltage. Most polymers are organic materials consisting of long chains of single molecules.[4] The conductivity of an organic layer is changed by applying a voltage across the memory cell, allowing bits of data to be stored in the polymer.

Mott memory uses materials that have properties of both a metal and an insulator. The electronic structural phase change in thin oxide films determines the behavior of the memory, which is dependent on a thermodynamic driving force.[5] With external stimulation, kinetic energy is less than the thermodynamic driving force. This allows a transition in resistivity from insulating to metallic levels. The nonvolatile behavior of the memory is determined by the higher kinetic energy barrier.

Lastly, nano-RAM (NRAM) is a memory based on carbon nanotubes (CNTs) that work on a nanomechanical concept, rather than a change in material characteristics. When CNTs act as freestanding, no conduction channel exists between the bottom and top electrodes. This represents a cell “OFF” state.[4] When a high voltage is applied across the cell, the nanotubes are attracted by van der Waals forces and connect to the bottom electrode, forcing the cell to an “ON” state.

EXAMPLE ATTACKS ON MEMORY DEVICES

Data remanence attack: It is also noteworthy that in terms of volatile memory, engineers previously established the fundamental concept that memory contents are no longer retained when the chip loses power. In reality, due to the property of data remanence, the chip gradually loses its memory contents over a period of time at normal operating temperature, even when the chip is powered off. Since data retention characteristics are a function of temperature, data can persist for many minutes or even hours. Temperatures below -20° are considered to be data-frozen, which increases data retention time.[9] With availability of chip devices, retained data can be recovered by nondestructive techniques, threatening data confidentiality even for volatile memories when the chip is powered off.

Floating gate cells sensitive to UV light: As discussed, EEPROM and Flash memories store data by employing floating gate (FG) technology, as the bit value is determined by the presence or absence of electrons in the gate. EEPROM memory cells are modified by exposing to UV light for several tens of minutes. By providing sufficient energy from UV light to trap electrons in FG, the cell can be discharged, and the value of the bit changed from “1” to “0” (going from “0” to “1” is not possible with UV radiation). This signifies that floating gate memories such as EEPROM and flash cells are vulnerable to UV light,[10] violating the data integrity of floating gate technology based memory.

SECURITY VULNERABILITIES OF NVM TO PHYSICAL ATTACKS

THREAT MODEL

As discussed earlier, nonvolatile memory can store security sensitive data in a system-on-chip (SoC) or an embedded system. An attacker’s goal is to extract the asset stored inside the NVM cells. The adversary can be any entity who has possession of the chip containing the secret data. With access to advanced failure analysis tools, which can be rented for a few hundred dollars an hour, the attacker has enormous capabilities to either read the data in the NVM or inject a fault into storage. Having knowledge about the functionality of the target NVM device is an important factor, since this helps the attacker identify which physical modality would be the most effective for the specific target. Additionally, it should be noted that for a successful reverse engineering of data from the target device, it must be assumed that the data is stored in plain text. Otherwise, the adversary will be left with the encrypted cipher of the asset rather than the asset itself.

This paper considers that the attack surface is specific to only NVMs and that the device under attack (DUA) must not be tamper-proof. Some of the discussed physical modalities require tampering of the device under test (DUT) package as part of sample preparation. If the DUT is tamperproof, it can erase the stored asset

Table 1 Possible attacking scenario on NVM

Adversary: End user
Assets: Configuration bitstream, Logic locking key, Cryptographic key, Firmware, Secret data

Attack vectors        Threats
Laser stimulation     Data confidentiality and integrity violation
MOCI, QDM             Integrity violation and denial of services (DOS)
sMIM, SCM             Confidentiality violation
SEM/STEM (EDS)        Confidentiality violation
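
The one-directional behavior described under "Floating gate cells sensitive to UV light" (a bit can go from "1" to "0" but not back) is the error model a Berger code detects in full. The C code below is an added example, not part of the article: it stores the count of 0 bits beside each word and compares against a single parity bit; the record layout, function names and sample value are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical record layout (an assumption, not from the article). */
typedef struct {
    uint32_t data;   /* information bits */
    uint8_t  check;  /* Berger check symbol: number of 0 bits in data (0..32) */
} nvm_word;

static uint8_t count_zeros(uint32_t v)
{
    uint8_t zeros = 0;
    for (int i = 0; i < 32; i++)
        zeros += (uint8_t)(((v >> i) & 1u) == 0u);
    return zeros;
}

/* Single even-parity bit, shown only for contrast. */
uint8_t parity_bit(uint32_t v)
{
    return (uint8_t)((32u - count_zeros(v)) & 1u);
}

nvm_word berger_encode(uint32_t data)
{
    return (nvm_word){ data, count_zeros(data) };
}

/* 1 = check symbol matches the data, 0 = word was altered. */
int berger_verify(nvm_word w)
{
    return w.check == count_zeros(w.data);
}

/* UV model from the article: selected bits can only go 1 -> 0. */
nvm_word uv_discharge(nvm_word w, uint32_t data_mask, uint8_t check_mask)
{
    w.data  &= ~data_mask;
    w.check &= (uint8_t)~check_mask;
    return w;
}

int main(void)
{
    nvm_word w = berger_encode(0xC0FFEE42u);        /* constructed sample */
    nvm_word hit = uv_discharge(w, 0x42u, 0x02u);   /* 2 data bits, 1 check bit */
    printf("intact=%d altered=%d\n", berger_verify(w), berger_verify(hit));
    return 0;
}
```

Clearing data bits can only raise the zero count while clearing check bits can only lower the stored count, so any 1-to-0-only change leaves the two unequal. The code detects the alteration but does not correct it, and it gives no protection for confidentiality.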
