Franck Courbon |
Date of the talk: 2 December 2016, 11h30-12h30, salle Petri/Turing
Scanning Electron Microscopy: a standard failure analysis tool for Hardware Trojan detection, localized fault attacks and memory contents extraction
In a more and more connected world, attacks target different payment, identification and transportation systems leading to various economic, social and societal impacts. Some of those attacks are directly based on embedded systems hardware structure. Thus, among others, attacks can profit from transistors' behavior or can aim to modify some part of an integrated circuit. Problematics behind Hardware Trojan detection, fault attacks and memory cell content extraction are addressed. Based on a 3 steps methodology, Sample preparation - Scanning Electron Microscopy (SEM) - Image processing, we depict how interesting Scanning Electron Microscopy intrinsic features are for hardware security. On one hand, after a frontside preparation down to transistors' active region, the methodology allows detecting malicious hardware modification, extracting memory contents from a type of ROM or locating individual transistors prior to a fault attack in a chip's synthesized logic. On the other hand, after a backside preparation down to transistors' tunnel oxides, the methodology allows retrieving Flash/EEPROM memory contents. The methodology is depicted with the help of practical experiments. We will particularly point out the cost, speed and efficiency advantages for such SEM based approaches.