Shielding against physical attack
Anti-tampering design denotes all the techniques to prevent, detect, or respond to physical attacks on a chip. It is a crucial Anti-tamper design denotes all the techniques to prevent, detect, or respond to malicious attacks on a chip. It is a crucial aspect of chip security that is implemented in physical layout, digital RTL, or a combination of both. Anti-tamper designs typically form a shell to counter various types of attack, such as scrambling the data when it is being written or detecting a glitch in the circuitry. Therefore, anti-tampering design is critical to protect sensitive information from the three main types of tampering attacks: invasive, semi-invasive, and non-invasive.
Invasive Attacks begin with the destruction of the chip packaging and removal of the passivation layer. Hackers can then take the physical circuitry designs and security know-how by physical inspection. Alternatively, they can apply signals to the exposed chip to make it behave incorrectly or affect normal operations.
Semi-invasive Attacks relate to inducing electrical failures within a chip and further monitoring the effects.
Non-invasive are passive attacks where hackers monitor the normal operation of a chip without modifying or directly affecting anything.
Accordingly, anti-tampering design covers all the methodologies to fight against these various types of tampering attacks.
- Tamper Resistance relies on restricting physical access to a chip, making tampering more difficult and time-consuming. Common tamper-resistance mechanisms include physical packaging technologies, metal shielding, intrinsic physical security, post-masking, and access management against unauthorized access. In addition, the security function “random dummy read” can avoid repeated reads to the same address, with address and data bus scrambling techniques to further confuse hackers.
- Tamper detection refers to the ability to detect and sense tampering attacks. Anti-tamper circuitry to perform health checking and to detect abnormal power supply variations and fault injection are important to include in any secure design.
- Tamper response means the taken actions upon the detection of tampering. For example, possible tamper responses include raising alarm signals (interrupts), shutting off or disabling a device, and destroying or erasing critical memory space.
- Tamper evidence indicates the creation of visible evidence left behind when tampering occurs, so that authorized personnel can identify whether tampering has occurred or not.