Simulation for Reliability, Hardware Security, and Ising Computing in VLSI Chip Design

The continued scaling of VLSI circuits has provided a wealth of opportunities andchallenges to the VLSI circuit design area. Both these challenges and opportunities, however,require new simulation tools that can enable their solution or exploitation as classicalmethods typically dealt with problem domains with smaller scales or less complexity. Inthis dissertation, simulation methods are presented to address the emerging VLSI designtopics of Electromigration induced aging and Ising computing and are then applied to theapplication areas of hardware security and graph partitioning respectively.The Electromigration aging effect in VLSI circuits is a long-term reliability issueaffecting current carrying metal wires leading to IR drop degradation. Typically, simpleanalytical equations can determine a wire’s effective age or if it will be affected by the EMaging effect at all. However, these classical methods are overly conservative and can lead toover design or unnecessary design iterations. Furthermore, it is expected that the EM agingeffect will become more severe in future Integrated Cirucits (ICs) due to increasing currentdensities and the prevalance of polycrystaline copper atom structures seen at small wiredimensions. For this reason, more comprehensive simulation techniques that can efficientlysimulate the EM effect with less conservative results can help mitigate overdesign andincrease design margins while reducing design iterations.The area of Hardware Security is becoming increasingly important as the chipsupply chain becomes more globalized and the integrity of chips becomes more diffiuclt toverify. Utilizing the accurate simulation techniques for EM, we can utilize this reliabilityeffect to demonstrate how a reliability based attack could be perpatrated. Furthermore, wecan utilize this aging effect as a defense mechanism to help us validate the integrity of anIC and detect counterfeit chips in the component supply chain market.Ising computing is an emerging method of solving combinatorial optimization problemsby simulating the interactions of so-called spin glasses and their interactions. Borrowingconcepts from quantum computing, this methods mimics the quantum interaction betweenspin glasses in such a way that finding a ground state of these spin glass models leadsto the solution of a particular problem. In this dissertation, effective methods of simulatingthe spin glass interactions using General Purpose Graphics Processing Units (GPGPUs)and finding their ground state are developed.In addition to the GPU based Ising model simulations, important combinatorialproblems can be mapped to the Ising model. In this dissertation the Ising solver is appliedto graph partitioning which can be utilized in VLSI design and many other domains as well.Specifically, solvers for the maxcut problem and the balanced min-cut partitioning problemare developed

A Non-invasive Technique to Detect Authentic/Counterfeit SRAM Chips

Many commercially available memory chips are fabricated worldwide in untrusted facilities. Therefore, a counterfeit memory chip can easily enter into the supply chain in different formats. Deploying these counterfeit memory chips into an electronic system can severely affect security and reliability domains because of their sub-standard quality, poor performance, and shorter lifespan. Therefore, a proper solution is required to identify counterfeit memory chips before deploying them in mission-, safety-, and security-critical systems. However, a single solution to prevent counterfeiting is challenging due to the diversity of counterfeit types, sources, and refinement techniques. Besides, the chips can pass initial testing and still fail while being used in the system. Furthermore, existing solutions focus on detecting a single counterfeit type (e.g., detecting recycled memory chips). This work proposes a framework that detects major counterfeit static random-access memory (SRAM) types by attesting/identifying the origin of the manufacturer. The proposed technique generates a single signature for a manufacturer and does not require any exhaustive registration/authentication process. We validate our proposed technique using 345 SRAM chips produced by major manufacturers. The silicon results show that the test scores ($F_{1}$ score) of our proposed technique of identifying memory manufacturer and part-number are 93% and 71%, respectively.Comment: This manuscript has been submitted for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessibl

Towards the Avoidance of Counterfeit Memory: Identifying the DRAM Origin

Due to the globalization in the semiconductor supply chain, counterfeit dynamic random-access memory (DRAM) chips/modules have been spreading worldwide at an alarming rate. Deploying counterfeit DRAM modules into an electronic system can have severe consequences on security and reliability domains because of their sub-standard quality, poor performance, and shorter life span. Besides, studies suggest that a counterfeit DRAM can be more vulnerable to sophisticated attacks. However, detecting counterfeit DRAMs is very challenging because of their nature and ability to pass the initial testing. In this paper, we propose a technique to identify the DRAM origin (i.e., the origin of the manufacturer and the specification of individual DRAM) to detect and prevent counterfeit DRAM modules. A silicon evaluation shows that the proposed method reliably identifies off-the-shelf DRAM modules from three major manufacturers

Flash-based security primitives: Evolution, challenges and future directions

Over the last two decades, hardware security has gained increasing attention in academia and industry. Flash memory has been given a spotlight in recent years, with the question of whether or not it can prove useful in a security role. Because of inherent process variation in the characteristics of flash memory modules, they can provide a unique fingerprint for a device and have thus been proposed as locations for hardware security primitives. These primitives include physical unclonable functions (PUFs), true random number generators (TRNGs), and integrated circuit (IC) counterfeit detection. In this paper, we evaluate the efficacy of flash memory-based security primitives and categorize them based on the process variations they exploit, as well as other features. We also compare and evaluate flash-based security primitives in order to identify drawbacks and essential design considerations. Finally, we describe new directions, challenges of research, and possible security vulnerabilities for flash-based security primitives that we believe would benefit from further exploration

Ingress of threshold voltage-triggered hardware trojan in the modern FPGA fabric–detection methodology and mitigation

The ageing phenomenon of negative bias temperature instability (NBTI) continues to challenge the dynamic thermal management of modern FPGAs. Increased transistor density leads to thermal accumulation and propagates higher and non-uniform temperature variations across the FPGA. This aggravates the impact of NBTI on key PMOS transistor parameters such as threshold voltage and drain current. Where it ages the transistors, with a successive reduction in FPGA lifetime and reliability, it also challenges its security. The ingress of threshold voltage-triggered hardware Trojan, a stealthy and malicious electronic circuit, in the modern FPGA, is one such potential threat that could exploit NBTI and severely affect its performance. The development of an effective and efficient countermeasure against it is, therefore, highly critical. Accordingly, we present a comprehensive FPGA security scheme, comprising novel elements of hardware Trojan infection, detection, and mitigation, to protect FPGA applications against the hardware Trojan. Built around the threat model of a naval warship’s integrated self-protection system (ISPS), we propose a threshold voltage-triggered hardware Trojan that operates in a threshold voltage region of 0.45V to 0.998V, consuming ultra-low power (10.5nW), and remaining stealthy with an area overhead as low as 1.5% for a 28 nm technology node. The hardware Trojan detection sub-scheme provides a unique lightweight threshold voltage-aware sensor with a detection sensitivity of 0.251mV/nA. With fixed and dynamic ring oscillator-based sensor segments, the precise measurement of frequency and delay variations in response to shifts in the threshold voltage of a PMOS transistor is also proposed. Finally, the FPGA security scheme is reinforced with an online transistor dynamic scaling (OTDS) to mitigate the impact of hardware Trojan through run-time tolerant circuitry capable of identifying critical gates with worst-case drain current degradation

EMI measurement and modeling techniques for complex electronic circuits and modules

This dissertation consists of four papers. In the first paper, a combined model for predicting the most critical radiated emissions and total radiated power due to the display signals in a TV by incorporating the main processing board using the Huygens Equivalence theorem and the radiation due to the flex cable based on active probe measurements was developed. In the second paper, a frequency-tunable resonant magnetic field probe was designed in the frequency range 900-2260 MHz for near-field scanning applications for the radio frequency interference studies by using a varactor diode providing the required capacitance and the parasitic inductance of a magnetic field loop (i.e., a parallel LC circuit). Measurement results showed good agreement with the simulated results. In the third paper, a wideband microwave method was developed as a means for rapid detection of slight dissimilarities (including counterfeit) and aging effects in integrated circuits (ICs) based on measuring the complex reflection coefficient of an IC when illuminated with an open-ended rectangular waveguide probe, at K-band (18-26.5 GHz) and Ka-band (26.5-40 GHz) microwave frequencies. In the fourth paper, a method to predict radiated emissions from DC-DC converters with cables attached on the input side to a LISN and on the output side to a DC brushless motor as load based on linear terminal equivalent circuit modeling was demonstrated. The linear terminal equivalent model was extracted using measured input and output side common mode currents for various characterization impedances connected at the input and output terminals of the converter --Abstract, page iv

Effects of Temperature, Humidity, and Supply Voltage on MSP430 Behaviors

As the demand for microchips to control a more technologically connected world increases, so does the outsourcing of manufacturing these microchips, which poses risks of old microchips being refurbished as new and new microchips being tampered with Hardware Trojans (HT). The purpose of this research is to develop a systematic testing approach to analyze various microchips for abnormal behaviors. The Design of Experiments (DOE) technique was used to investigate the effects of temperature, humidity, and supply voltage (VCC) on microchip response parameters of VOL, VOH, VIL, VIH, and power consumption values. All these parameters were also individually examined against supply voltage under various temperature and humidity conditions on ten different MSP430FG6626s in 2 separate tests to determine Chip to Chip (C-2-C) variation, microchip defects and potential failures. A sealed enclosure was created to achieve various needed testing conditions and to allow for multiple chips to be tested simultaneously. Corresponding devices were equipped to the enclosure for in-situ input variation and output recording. DOE analysis concluded that supply voltage is the most statistically significant factor affecting key microchip response parameters of VIL, VIH and VOH within the limits of the input factors. The high repeatability and consistency of the response data to supply voltage ramping among the tested chips confirm that the testing setup and method used in this research are valid for screening microchips for defects and irregularities

Hardware Trojan Detection on a PCB Through Differential Power Monitoring

There is a general consensus that contemporary electronics are at risk of cyber-attacks or malicious modifications, such as Hardware Trojans (HT). This makes it crucial to develop reliable countermeasures at both Integrated Circuit (IC) and Printed Circuit Board (PCB) levels. While HT detection at IC level has been widely studied in the past several years, there is still very limited research carried out to tackle HTs on PCBs. We propose a power analysis method for detecting HT components implanted on PCBs. An experimental setup, using a hardware prototype, is built and tested for verification of the methodology, taking process and temperature variations into account. The results confirm the ability to detect alien components on a PCB and provide directions for further research. The performance degradation of the original PCB due to the implementation of the proposed approach is negligible. The area overhead of the proposed method is small, related to the original PCB design, and consists of Sub Power Monitors of individual ICs on the PCB and Main Power Monitor for the overall power measurement of the PCB. To the best of our knowledge this research is the first to develop a PCB HT detection methodology using power analysis