feedback
Rate this webpage

Need
Support?


Improving ASIC Security with Anti-tampering Architecture from ON Semiconductor

by  Billie Johnson  - 10-30-2019 

Is your information secure? Is your IP protected? Is your Application Specific Integrated Circuit (ASIC) safe from counterfeiters?

Exposing information, stealing IP and full-scale counterfeiting are some of the motives around an ASIC tampering attack.  ASIC tampering refers to intentionally changing the functionality of a device or working to uncover proprietary secrets in the design or operation of the ASIC. The increase in counterfeiting of integrated circuit (ICs) is threatening the operation, safety and security of many electronic systems.

Behind the Scenes

Not long ago, I was called into the office of one of our system architects. Our Defense and Aerospace group at ON Semiconductor wanted to enhance our current portfolio, which includes ITAR and trusted development with an anti-tamper offering.

I was thrilled. The system architect had already developed an algorithm in Matlab to build an anti-tamper mesh network in a completely unique, random and unrepeatable fashion. I just had to figure out a way to convert the output to a format my layout tools could read, or I could use his basic idea, develop the algorithm in another code and then convert that output for my layout tools. Easy enough, or so I thought.

After about an hour of going over the meeting notes, I realized I was in over my head. I actually had two completely different choices in front of me: I could flounder for months or I could tell management that I wasn’t the right person for the job. Both options seemed like a career-limiting move, but really, I wasn’t the right person. I suggested they pull in my colleague John Davis.

I’ve worked with John for almost 20 years. He was a wrestler in high school and one day during an ill-fated takedown drill, John landed on the mat with such force that he developed tinnitus (ringing in his ears).  The condition has become more severe with time, and a few years ago John got hearing aids to help with the condition. When the doctor’s office and staff couldn’t solve the programing and configuration issues, John ordered the software himself. He programmed his own hearing aids and continues to troubleshoot and configure them himself – “because it was just easier.” 

In only a couple months, while managing two to three other critical customer projects at the same time, John developed code in various tools to design, simulate, build, instantiate and test what is now the company’s anti-tamper active shield.

Anti-Tamper Elements

ON Semiconductor’s anti-tamper active shield focuses on three aspects of anti-tampering protection. The complexity of the mesh network provides tamper resistance and makes an ASIC more immune to tamper attacks. The specialized features of the mesh network provide tamper detection when a tamper attack has occurred or is ongoing, and when a mesh network is incorporated into an ASIC, visible and electrical tamper evidence are present during or after a tampering event.

Attack Methods Addressed

ON Semiconductor’s anti-tamper active shield addresses two specific ASIC tampering attack methods. 

An attacker will be unable to easily microprobe the chip’s surface to directly observe, manipulate or interfere with the internal workings of the IC and any attempt to reverse engineer an ASIC or portions of an ASIC are complicated due to the presence of the active mesh network.

How It Works

The mesh network is a continuous, randomly-generated wire segment of top-level metal. One or multiple lines can be applied over desired IP or sensitive areas of the die and each functions as a powered and active shield rather than mere blockage.

Fig.1 Anti-tamper Mesh Schematic

As shown in Figure 1, a relatively basic state machine is connected to the mesh. A transmitter is at one end while a receiver is attached to the other.  The transmitter will send out a pseudo-random sequence, and the receiver will compare the sequence upon receipt.  If the mesh network is compromised, the receiver will detect an incorrect sequence and signal a tamper event. The initial data can be hardwired to a fixed value, supplied from a true random number generator (TRNG), or applied from another source. 

Fig. 2 Example of Mesh Network

The complexity of the ON Semiconductor mesh network resides in building the comprehensive, unique route in an automated manner.  An example of how a mesh might look when drawn in metal is shown in Figure 2.

Top-level metal is typically the thickest and most often used for power routing, so tradeoffs of mesh size and power grid requirements are analyzed to determine optimal sizes and placements of mesh architectures.

Mesh operation is verified through test and simulation throughout the ASIC development.

Past, present and future

Aerospace and defense applications have long called for anti-tamper strategies, but the accelerated use of personal electronics and IoT devices is compelling other markets to examine anti-tampering capabilities today. To learn more, download the Anti-tamper Active Shield white paper.

For inquiries about ON Semiconductor’s anti-tamper active shield, contact: Matt Shreve, Global Product Market Manager Digital, Aerospace and Defense at ON Semiconductor

Tags:Aerospace, ASIC, Defense, Military & Aerospace, Military & Aerospace
What's your reaction?
0 0 0 0 0

Post a Comment

Your email address will not be published. Required fields are marked *

Name*

Email*

Comment

Rules for Commenting
Download Agreement

IMPORTANT - READ BEFORE DOWNLOADING, COPYING, INSTALLING, OR USING.

DO NOT DOWNLOAD, COPY, INSTALL, OR USE THIS CONTENT UNTIL YOU (THE "LICENSEE") HAVE CAREFULLY READ THE FOLLOWING TERMS AND CONDITIONS. BY DOWNLOADING, COPYING, INSTALLING, OR USING THE CONTENT, YOU AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT WISH TO SO AGREE, DO NOT DOWNLOAD, COPY, INSTALL, OR USE THE CONTENT.

If you agree to this Agreement on behalf of a company, you represent and warrant that you have authority to bind such company to this Agreement, and your agreement to these terms will be regarded as the agreement of such company. In that event, "Licensee" herein refers to such company. This Agreement is a legal contract between Licensee and Semiconductor Components Industries, LLC a Delaware limited liability company (d/b/a ON Semiconductor) having its principal place of business at 5005 E. McDowell Road, Phoenix, Arizona 85008, U.S.A., ("ON SEMICONDUCTOR") and its affiliates and subsidiaries ("ON Semiconductor").

1. Delivery of Content. Licensee agrees that it has received a copy of the Content, including Software (i.e. human-readable and editable code ("source code"), executable code ("object code")), data sheets, BOMs, schematics, application notes, design & development tools, evaluation board material (i.e. BOM, Gerber, user manual, schematic, test procedures, etc.), design models, reference designs, reference manuals, and other related material (collectively the "Content") for the purpose of enabling Licensee to use the Content and then incorporate the functionality of such Content for use only with ON Semiconductor Products. Licensee agrees that the delivery of any Software does not constitute a sale and the Software is only licensed.

2. License.

2.1 License Grant.

a) ON Semiconductor hereby grants to Licensee a fully paid-up, royalty-free, non-exclusive, non-transferable and non-sublicensable license to modify the Software as necessary to enable Licensee’s products ("Licensee Products") utilizing the Software to operate, or interface with only products sold to Licensee by or on behalf of ON Semiconductor ("ON Semiconductor Products").
b) In addition, ON Semiconductor hereby grants to Licensee a fully paid-up, royalty-free, non-exclusive, non-transferable license to: (i) use the Content, including as modified by Licensee, with Licensee Products solely for the purpose of enabling such Licensee Products to operate or interface with only ON Semiconductor Products; (ii) copy the Content as necessary for such use; and (iii) distribute only the Software and modified Software in a format which is executable by a machine and not human-readable, to Licensee's third party end-user customers ("Customer(s)") for use by such Customers strictly in conjunction with Licensee Products and solely for the purpose of enabling such Licensee Products to operate or interface with ON Semiconductor Products.
c) Notwithstanding anything herein to the contrary, no license or right of any kind is granted herein by ON Semiconductor (or its licensors/suppliers) to Licensee to disclose, distribute or otherwise provide the Content, Software or Modifications (defined below) in a format which is customarily read and edited by humans to Licensee's customers or to any third party, with the sole exception of Licensee's consultants and subcontractors (i) that have a need to have access to such source code for purposes of the license grant of this Agreement, and (ii) that have entered into a written confidentiality agreement ("NDA") with Licensee specifying that such source code is ON Semiconductor confidential information and preventing unauthorized use or disclosure of such source code.
d) Licensee agrees that it shall not take any actions whatsoever that could or would cause the Content, Software, or Modifications or any portion thereof to become subject to the GNU General Public License (GPL), GNU Lesser General Public License (LGPL), Mozilla Public License (MPL), Artistic License, Apache License, Q Public License, IBM Public License, or any other open source license requiring the distribution of the Software or Modifications or any part thereof in any code format.
e) In the event Licensee makes modifications to the Software made by or on behalf of Licensee (each a "Modification"); Licensee shall notify ON Semiconductor of any Modifications and provide ON Semiconductor with a source code formatted copy of each such Modification within thirty (30) days of making such Modifications. ON Semiconductor shall own any Modifications to the Software.
f) Licensee shall retain, and shall require each Customer to retain, all copyright and other notices within the Content, Software and Modifications developed by Licensee hereunder.
g) Licensee may only distribute the Software or Modifications to its Customers pursuant to a written license agreement. At a minimum such license agreement shall safeguard ON Semiconductor's ownership rights to the Software. Such license agreement may be a "break-the-seal" or "click-to-accept" license agreement.
h) The Content is licensed for use only with the ON Semiconductor Products. Use of the Content with non-ON Semiconductor Products is not licensed hereunder.

2.2 Ownership; No Implied Licenses. Subject to the licenses expressly granted herein by ON Semiconductor to Licensee, ON Semiconductor (and/or its licensors/suppliers) retains all rights, title and interest in and to the Content and all patents, copyrights, trademarks, trade secrets, and all other proprietary or intellectual rights therein. ON Semiconductor (and/or its licensors/suppliers) reserves all rights not expressly granted hereunder, and there are no implied licenses granted by ON Semiconductor hereunder. Certain elements of the Content may be provided in files/data formatted for use with or by certain third party software/tools/products. No licenses or rights to any such third party software/tools/products are granted to Licensee by ON Semiconductor. Licensee shall ensure that it has obtained all necessary licenses and rights to use any such third party software/tools/products which are necessary in order to utilize the Content.

2.3 Restrictions. Except as expressly permitted in this Agreement, Licensee shall not use, modify, copy or distribute the Content or Modifications. The Content is the confidential information of ON Semiconductor (and/or its licensors/suppliers). Except as expressly permitted in this Agreement, Licensee shall not disclose, or allow access to, the Content or Modifications to any third party. Except as expressly permitted in this Agreement, Licensee shall not itself and shall restrict Customers from: copying, modifying, creating derivative work of, decompiling, disassembling or reverse-engineering the Content (or any part thereof).

2.4 Licensee acknowledges and agrees that Licensee is solely and wholly responsible and liable for any and all Modifications, Licensee Products, and any and all other products and/or services of Licensee, including without limitation, with respect to the installation, manufacturing, testing, distribution, use, support and/or maintenance of any of the foregoing.

3. Warranty Disclaimer. THE CONTENT IS PROVIDED BY ON SEMICONDUCTOR TO LICENSEE HEREUNDER "AS IS" AND WITHOUT ANY REPRESENTATIONS OR WARRANTIES WHATSOEVER. WITHOUT LIMITING THE FOREGOING, ON SEMICONDUCTOR (AND ITS LICENSORS/SUPPLIERS) HEREBY DISCLAIMS ANY AND ALL REPRESENTATIONS AND WARRANTIES IN RELATION TO THE CONTENT, ANY MODIFICATIONS, OR THIS AGREEMENT, WHETHER EXPRESS, IMPLIED, STATUTORY OR OTHERWISE,INCLUDING WITHOUT LIMITATION ANY AND ALL REPRESENTATIONS AND WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE, NON-INFRINGEMENT, AND THOSE ARISING FROM A COURSE OF DEALING, TRADE USAGE, TRADE CUSTOM OR TRADE PRACTICE.

4. No Support Obligation. Licensee acknowledges and agrees that ON Semiconductor (and its licensors/suppliers) has no and shall have no obligation or responsibility whatsoever under this Agreement to provide to Licensee, Customers, or any third party, any maintenance, support or assistance ("Support"), including without limitation in relation to the Content, Software, Modifications or Licensee Products, and ON Semiconductor (and its licensors/suppliers) cannot and shall not be held liable or responsible to Licensee, Customers, or any third party for the failure to provide any such Support. However, during the term of this Agreement ON Semiconductor may from time-to-time in its sole discretion provide such Support to Licensee, and provision of same shall not create nor impose any future obligation on ON Semiconductor to provide any such Support. Such Support may include provision by ON Semiconductor to Licensee of updates and/or upgrades to the Content, which may include bug fixes and/or error corrections, and any such updates and/or upgrades to the Software provided by ON Semiconductor to Licensee shall be deemed and considered to be the Software hereunder and shall be governed by the terms and conditions of this Agreement. Licensee is and shall be solely responsible and liable for any Modifications and for any Licensee Products, and for testing the Software, Modifications and Licensee Products, and for testing and implementation of the functionality of the Software and Modifications with the Licensee Products.

5. Term and Termination.

5.1 Term. The term of this agreement is perpetual unless terminated by ON Semiconductor as set forth herein.

5.2 Termination by ON Semiconductor. ON Semiconductor shall have the right to terminate this Agreement upon written notice to Licensee if: (i) Licensee commits a material breach of this Agreement and does not cure or remedy such breach within thirty (30) days after receipt of written notice of such breach from ON Semiconductor; or (ii) Licensee uses the Software outside of the scope of the Agreement; or iii) Licensee becomes the subject of a voluntary or involuntary petition in bankruptcy or any proceeding relating to insolvency, receivership, liquidation, or composition for the benefit of creditors if such petition or proceeding is not dismissed with prejudice within sixty (60) days after filing.

5.3 Effect of Termination/Expiration. The following Sections of this Agreement shall survive the termination or expiration of this Agreement for any reason: 2.1(e), 2.2, 2.3, 2.4, 3, 4, 5, 7, 8, 9 and 10 (excluding only the record retention obligations and audit rights set forth in Section 11.6, which obligations and rights shall terminate upon termination of the Agreement). Any Content or Modifications distributed by Licensee to Customers pursuant to Section 2.1(b)(iii) of this Agreement prior to the effective date of such termination or expiration of this Agreement, shall not be effected solely by reason of such termination or expiration of this Agreement. Upon the effective date of termination of this Agreement, all licenses granted to Licensee hereunder shall terminate and Licensee shall cease all use, copying, modification and distribution of the Content and shall promptly either destroy or return to ON Semiconductor all copies of the Content in Licensee's possession or under Licensee's control. Within 30 days after the termination of the Agreement, Licensee shall furnish a statement certifying that all Content and related documentation have been destroyed or returned to ON Semiconductor.

6. Export. Licensee agrees that it shall comply fully with all relevant and applicable export laws and regulations of the United States or foreign governments ("Export Laws") to ensure that neither the Content, nor any direct product thereof is: (i) exported directly or indirectly, in violation of Export Laws; or (ii) intended to be used for any purposes prohibited by the Export Laws, including without limitation nuclear, chemical or biological weapons proliferation.

7. Limitation of Liability. ON SEMICONDUCTOR (AND ITS LICENSORS/SUPPLIERS) SHALL NOT BE RESPONSIBLE OR LIABLE UNDER ANY CIRCUMSTANCES OR ANY LEGAL THEORY, WHETHER IN CONTRACT, TORT (INCLUDING NEGLIGENCE), STRICT LIABILITY OR OTHERWISE, FOR ANY LOST REVENUE OR PROFITS OR ANY OTHER COMMERCIAL OR ECONOMIC LOSS, OR FOR ANY DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, EXEMPLARY, PUNITIVE OR SPECIAL DAMAGES WHATSOEVER ARISING OUT OF OR RELATING TO THE SOFTWARE, MODIFICATIONS, OR THIS AGREEMENT, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES, AND NOTWITHSTANDING ANY FAILURE OF ESSENTIAL PURPOSE OF ANY LIMITED REMEDY, TO THE FULL EXTENT SUCH MAY BE DISCLAIMED BY LAW. ON SEMICONDUCTOR'S TOTAL LIABILITY FOR ANY AND ALL COSTS, DAMAGES, CLAIMS, INDEMNIFICABLE CLAIMS, OR LOSSES WHATSOEVER ARISING OUT OF OR IN CONNECTION WITH THIS AGREEMENT OR PRODUCTS SUPPLIED BY THIS AGREEMENT IS LIMITED TO THE AGGREGATE AMOUNT PAID BY LICENSEE TO ON SEMICONDUCTOR FOR THE CONTENT TO WHICH LOSSES OR DAMAGES ARE CLAIMED.

8. Indemnification. Licensee acknowledges and agrees that Licensee is solely and wholly responsible and liable for any and all Modifications, Licensee Products, and any and all of Licensee's Products other products and/or services, including without limitation, with respect to the installation, manufacturing, testing, distribution, use, support and/or maintenance of any of the foregoing. Licensee shall, at Licensee's sole expense, defend, indemnify and hold harmless ON Semiconductor and its subsidiaries and affiliates from and against any and all claims, demands, suits, actions, and proceedings ("Claim(s)"), and all related damages, costs, and expenses (including reasonable attorneys fees), arising from, related to or in connection with Modifications, Licensee Products, and the Content in combination with Modifications and/or Licensee Products, including without limitation, in relation to product liability or infringement of third party rights. ON Semiconductor shall: (a) notify Licensee promptly upon learning of such a Claim; (b) give Licensee reasonable information and assistance regarding such Claim; and (c) tender to Licensee authority to direct the defense of such Claim, including negotiation of any settlement in relation thereto, provided however that Licensee shall not enter into any such settlement without ON Semiconductor's express prior written consent, which consent shall not be unreasonably withheld.

9. Publicity. Licensee agrees that it shall not issue any press releases containing, nor advertise, reference, reproduce, use or display, ON Semiconductor's name or any ON Semiconductor trademark without ON Semiconductor's express prior written consent in each instance; provided, however, that Licensee may indicate that the Licensee Product is interoperable with ON Semiconductor Products in product documentation and collateral material for the Licensee Product.

10. Performance Comparisons. Licensee shall not distribute externally or disclose to any Customer or to any third party any reports or statements that directly compare the speed, functionality or other performance results or characteristics of the Software with any similar third party products without the express prior written consent of ON Semiconductor in each instance; provided, however, that Licensee may disclose such reports or statements to Licensee's consultants (i) that have a need to have access to such reports or statements for purposes of the license grant of this Agreement, and (ii) that have entered into a written confidentiality agreement with Licensee no less restrictive than that certain NDA.

11. Miscellaneous.

11.1 Governing Law. This Agreement shall be governed by the laws of the State of New York, and applicable U.S. federal law, without giving effect to conflict of law or to choice of law principles, and excluding the 1980 United Nations Convention on Contracts for the International Sale of Goods, if applicable.

11.2 Assignment. Neither this Agreement, nor any of the rights or obligations herein, may be assigned or transferred by Licensee without the express prior written consent of ON Semiconductor, and any attempt to do so in violation of the foregoing shall be null and void. Subject to the foregoing, this Agreement shall be binding upon and inure to the benefit of the parties, their successors and assigns.

11.3 Limitations on Use. The Software is not designed, developed, licensed or provided for use in connection with any nuclear facility, or in connection with the flight, navigation or communication of aircraft or ground support equipment, or in connection with military or medical equipment/applications or activities, or any other inherently dangerous or high risk equipment/applications or activities ("High Risk Use"). Licensee agrees that ON Semiconductor (and its licensors/suppliers) shall not be liable or responsible for any claims, losses, demands, costs, expenses or liabilities whatsoever arising from or in relation to any such High Risk Use of the Content, Software, Modifications or Licensee Products by Licensee or Customers.

11.4 Severability; Waiver. Any provision of this Agreement which is held to be invalid or unenforceable by a court in any jurisdiction shall, as to such jurisdiction, be severed from this Agreement and ineffective to the extent of such invalidity or unenforceability without invalidating the remaining portions hereof or affecting the validity or enforceability of such provision in any other jurisdiction. Failure by either party hereto to enforce any term of this Agreement shall not be held a waiver of such term nor prevent enforcement of such term thereafter, unless and to the extent expressly set forth in a writing signed by the party charged with such waiver.

11.5 Remedies Not Exclusive. The remedies herein are not exclusive, but rather are cumulative and in addition to all other remedies available to ON Semiconductor.

11.6 Records; Audit. Licensee agrees that it shall maintain accurate and complete records relating to its activities under Section 2.1(b)(iii) of this Agreement during the term of this Agreement. Upon reasonable advance written notice, ON Semiconductor shall have the right no more frequently than once in any 12 month period during the term of the Agreement, through an independent third party approved by Licensee in writing (such approval not to be unreasonably withheld), to examine and audit such records and Licensee's compliance with the terms of Section 2.1(b)(iii) of this Agreement. Any such audit shall not interfere with the ordinary business operations of Licensee and shall be conducted at the expense of ON Semiconductor. All reports, documents, materials and other information collected or prepared during an audit shall be deemed to be the confidential information of Licensee ("Licensee Confidential Information"), and ON Semiconductor shall protect the confidentiality of all Licensee Confidential Information; provided that, such Licensee Confidential Information shall not be disclosed to any third parties with the sole exception of the independent third party auditor approved by Licensee in writing, and its permitted use shall be restricted to the purposes of the audit rights described in this Section 11.6.

11.7 No Joint Venture, Agency, etc. Nothing in this Agreement shall be construed as creating a joint venture, agency, partnership, trust or other similar association of any kind between the parties hereto. The parties hereto are for all purposes of this Agreement independent contractors, and neither shall hold itself out as having any authority to act as an agent or partner of the other party, or in any way bind or commit the other party to any obligations.

11.8 Interpretation. In this Agreement, words importing a singular number only shall include the plural and vice versa, and section numbers and headings are for convenience of reference only and shall not affect the construction or interpretation hereof.

11.9 Entire Agreement; Amendment; Counterparts; Facsimile Copies. This Agreement, including the Exhibits attached hereto, constitutes the entire agreement and understanding between the parties hereto regarding the subject matter hereof and supersedes all other agreements, understandings, promises, representations or discussions, written or oral, between the parties regarding the subject matter hereof. This Agreement may not be amended except in writing signed by an authorized representative of each of the parties hereto. This Agreement may be executed in counterparts, each of which shall be deemed to be an original, and which together shall constitute one and the same agreement. Each party hereto may deliver an executed copy of this Agreement to the other party via facsimile or other electronic means, and such executed copy(ies) sent/received via facsimile or other electronic means shall be deemed an original and binding copy.

12. Confidentiality. Notwithstanding any terms to the contrary in any non-disclosure agreements between the Parties, Licensee shall treat this Agreement and the Content as ON Semiconductor's "Confidential Information" including: not using the Confidential Information except as expressly set forth herein or otherwise authorized in writing; implementing reasonable procedures to prohibit the disclosure, unauthorized duplication, misuse or removal of the Confidential Information; and not disclosing the Confidential Information to any third party except as may be necessary and required in connection with the rights and obligations under this Agreement and subject to confidentiality obligations at least as protective as those set forth herein, or as otherwise required by law. It is expressly understood that all Confidential Information transferred hereunder, and all copies, modifications, and derivatives thereof, will remain the property of ON Semiconductor, and the Licensee is authorized to use those materials only in accordance with the terms and conditions of this Agreement. Upon termination of this Agreement or upon written request, License shall either return all Confidential Information to ON Semiconductor along with all copies and/or derivatives made, including that on computer databases and copies of portions of the Confidential Information, or destroy all such Confidential Information and certify by written memorandum that all such Confidential Information has been destroyed.

Nothing contained in this Agreement limits a party from filing a truthful complaint, or the party's ability to communicate directly to, or otherwise participate in either: (i) any investigation or proceeding with a United States government agency alleging a securities law violation, waste, fraud, or abuse; or (ii) an investigation or proceeding that is protected under a whistleblower provision of a U.S. federal law or regulation.

Your request has been submitted for approval.
Please allow 2-5 business days for a response.
You will receive an email when your request is approved.
Request for this document already exists and is waiting for approval.