[go: up one dir, main page]

CN106326053B - Chip safety testing method and system based on fault injection - Google Patents

Chip safety testing method and system based on fault injection Download PDF

Info

Publication number
CN106326053B
CN106326053B CN201610719853.XA CN201610719853A CN106326053B CN 106326053 B CN106326053 B CN 106326053B CN 201610719853 A CN201610719853 A CN 201610719853A CN 106326053 B CN106326053 B CN 106326053B
Authority
CN
China
Prior art keywords
chip
tested
femtosecond laser
fault injection
control unit
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201610719853.XA
Other languages
Chinese (zh)
Other versions
CN106326053A (en
Inventor
邵翠萍
李慧云
唐烨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Institute of Advanced Technology of CAS
Original Assignee
Shenzhen Institute of Advanced Technology of CAS
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Institute of Advanced Technology of CAS filed Critical Shenzhen Institute of Advanced Technology of CAS
Priority to CN201610719853.XA priority Critical patent/CN106326053B/en
Publication of CN106326053A publication Critical patent/CN106326053A/en
Application granted granted Critical
Publication of CN106326053B publication Critical patent/CN106326053B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/22Detection or location of defective computer hardware by testing during standby operation or during idle time, e.g. start-up testing
    • G06F11/2268Logging of test results

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Tests Of Electronic Circuits (AREA)

Abstract

本发明实施例提供了一种基于故障注入的芯片安全测试方法及系统,其中,该方法包括:通过同步控制单元依次将飞秒激光聚焦在待测芯片表面的不同位置上,对待测芯片的不同位置进行故障注入,其中,飞秒激光在所述待测芯片中发生双光子吸收,使得待测芯片中的逻辑单元翻转;在待测芯片被所述飞秒激光辐照不同位置的情况下,分别采集待测芯片输出的运算结果;将采集的运算结果分别与待测芯片的预设正确运算结果进行比较分析,确定待测芯片被所述飞秒激光辐照过的位置是否发生有效故障,发生有效故障的位置数量是判断待测芯片安全程度的依据。该方案可以提高故障注入的精度,有利于提升基于故障注入的芯片安全测试的成功率。

Figure 201610719853

Embodiments of the present invention provide a chip safety testing method and system based on fault injection, wherein the method includes: sequentially focusing a femtosecond laser on different positions on the surface of the chip to be tested through a synchronous control unit, and the different positions of the chip to be tested are In this case, the femtosecond laser causes two-photon absorption in the chip to be tested, so that the logic unit in the chip to be tested is turned over; when the chip to be tested is irradiated by the femtosecond laser in different positions, Collect the operation results output by the chip under test respectively; compare and analyze the collected operation results with the preset correct operation results of the chip under test, to determine whether an effective fault occurs at the position where the chip under test is irradiated by the femtosecond laser, The number of locations where valid faults occur is the basis for judging the security level of the chip to be tested. This solution can improve the accuracy of fault injection, which is beneficial to improve the success rate of chip security testing based on fault injection.

Figure 201610719853

Description

Chip safety testing method and system based on fault injection
Technical Field
The invention relates to the technical field of chip testing, in particular to a chip safety testing method and system based on fault injection.
Background
With the development of space technology and nuclear technology, semiconductor ionizing radiation effect (also called Single event effect) is further classified and studied, such as Single event latch-up (SEL), Single Event Upset (SEU), Single Event Functional Interrupt (SEFI), Single Event Burnout (SEB), and the like. The single event effect can be divided into unrecoverable errors and recoverable errors according to whether the influence of the single event effect on the electronic components can be recovered or not. "unrecoverable error" or "hard error" refers to an error that, once it occurs, can cause fatal permanent damage to a device or system, such as SEB; "recoverable error" or "soft error" refers to a normal error that can be recovered by restarting a device or rewriting data, such as an SEU, a SET, an SED, etc. The single event latch SEL and the single event upset SEU are two single event effects with high occurrence frequency.
On the other hand, the failure caused by the single event effect has become an important threat of the crypto security chip. The cryptographic chip may perform complex encryption and decryption algorithms, such as symmetric algorithms or public key algorithms. The cipher chip has cipher key protecting mechanism to store the cipher key in special memory area without transmission via communication interface. Cryptographic chips are abundantly present in electronic products such as credit cards, mobile phone SIM cards, wireless network cards, RFID, USB keys, TPM (trusted platform module), etc. Therefore, cryptographic chips have become one of the reliable ways to secure information.
The attacker performs illegal reading, analysis, dissection and other measures on the password chip so as to obtain useful information and illegal benefits. Laser Fault Injection attack (LFI for short) discovered by the british scholars Sergei skorocogatov in 2002 becomes a very threatening Fault Injection attack method. An attacker only needs a small amount of error results, and the error results are compared with the correct results for analysis, so that part of or even all of the key bit information can be obtained.
Laser fault implantation, ion beam fault implantation and the like are fault implantation means capable of accurately focusing the target position of the chip, so that an attacker can obtain ideal error output conveniently. Such high-precision (radius of radiation ionization is in deep submicron level) fault injection attack method is not easy to defend, and is an important means for fault injection attackers at present. Currently, the detection specifications of international cryptography security modules, such as FIPS Publication140-3 draft issued by NIST in 2012 by the national standards and technology office, have explicitly written the defense against fault injection attacks into the security requirements of the cryptography security modules. In the detection criteria of the cryptographic circuit published by the national crypto-administration in 2012, a commercial cryptographic chip with high security level is also required to have the defense capability against fault injection attack.
The irradiation research using high-energy ion beams requires expensive special equipment, which generally includes a particle accelerator, a terminal beam machine, an oscilloscope, and the like. Such experiments are currently only performed by a few colleges and research institutions. Scientists have found that pulsed lasers can be used to simulate the single event effects of heavy cosmic ray ions in microelectronics and integrated circuits. J.S.Melinger et al studied the test and the basic mechanism of the laser single event effect in 1994, analyzed the interaction process of the laser and the electronic device material in more detail, and thought that although there is a great difference between the electron-hole pair plasma structure generated by the laser and the electron-hole pair plasma track structure generated by the heavy ion, it can still be used as an important laboratory evaluation means in the single event effect test. And in engineering design application, the laser single event effect test means is more practical than a gravity particle accelerator.
Modern semiconductor manufacturing has adopted 45nm node technology on a large scale, and 22nm node and 16nm node technologies are also referred to as "datchinson". Under such deep submicron process conditions, variations in process parameters in fabrication necessarily result in reduced reliability of the radiation effect. It is necessary to perform accurate and comprehensive fault injection on the chip and perform a test of system analysis on the response.
Research results show that picosecond pulse laser can focus the size of a laser beam spot to a micron-sized size, and single-particle upset sensitivity of a single transistor in an integrated circuit can be inspected in the early development stage of a semiconductor process. However, when the semiconductor manufacturing process is developed from micron to deep submicron, even nano node, the focusing requirement can not be met by using the conventional nano and picosecond laser. The development of high-precision irradiation by using a new laser technology has become an urgent need for studying the single event effect.
Disclosure of Invention
The embodiment of the invention provides a chip safety test method based on fault injection, which aims to solve the technical problem that high-precision fault injection test cannot be carried out when a semiconductor manufacturing process is developed from micron to deep submicron or even nano nodes in the prior art. The method comprises the following steps: sequentially focusing femtosecond laser on different positions on the surface of a chip to be detected through a synchronous control unit, and performing fault injection on the different positions of the chip to be detected, wherein the femtosecond laser generates two-photon absorption in the chip to be detected so as to overturn a logic unit in the chip to be detected; under the condition that the chip to be tested is irradiated at different positions by the femtosecond laser, respectively collecting operation results output by the chip to be tested; and respectively comparing and analyzing the acquired operation results with preset correct operation results of the chip to be detected, and determining whether effective faults occur at the positions of the chip to be detected irradiated by the femtosecond laser, wherein the number of the positions with the effective faults is a basis for judging the safety degree of the chip to be detected, and the effective faults refer to a type of errors of the secret key which can be analyzed by comparing and operating error operation results generated when the effective faults occur with the preset correct operation results.
In one embodiment, the safety degree of the chip to be tested is inversely proportional to the proportion of the number of positions with effective faults in all the positions irradiated by the femtosecond laser.
In one embodiment, the photon energy of the femtosecond laser is larger than the energy gap bandwidth of the chip to be tested.
In one embodiment, the femtosecond laser has a wavelength that meets the penetration depth requirement of the femtosecond laser focused on the logic unit in the chip to be tested and meets the energy requirement of the occurrence of energy level transition.
In one embodiment, a chip to be tested is placed on a stage below a confocal microscope in a femtosecond laser, and the femtosecond laser is sequentially focused on different positions on the surface of the chip to be tested through a synchronous control unit, including: when the chip to be tested sends a starting signal to the synchronous control unit and the chip to be tested starts functional operation, the synchronous control unit controls a femtosecond laser to focus the femtosecond laser on one position of the surface of the chip to be tested, when the chip to be tested sends a pause signal to the synchronous control unit and the chip to be tested completes one functional operation, the synchronous control unit controls the femtosecond laser to stop fault injection on the one position of the surface of the chip to be tested, and an operation result of the chip to be tested for completing the current functional operation is collected; when the chip to be tested sends a next starting signal to the synchronous control unit and the chip to be tested starts functional operation, the synchronous control unit controls the confocal microscope to move the objective table by a preset step length, the femtosecond laser is focused on the next position on the surface of the chip to be tested, when the chip to be tested sends a next pause signal to the synchronous control unit and the chip to be tested completes one-time functional operation, the synchronous control unit controls the femtosecond laser to stop fault injection on the next position on the surface of the chip to be tested, and the operation result of the chip to be tested for completing the current functional operation is collected; and sequentially circulating until the whole surface of the chip to be tested is traversed, and sending a completion signal to the chip to be tested through the synchronous control unit to finish fault injection.
The embodiment of the invention also provides a chip safety test system based on fault injection, which aims to solve the technical problem that the high-precision fault injection test cannot be carried out when the semiconductor manufacturing process is developed from micron to deep submicron or even nano node in the prior art. The system comprises: the femtosecond laser device is used for emitting femtosecond laser, and a chip to be tested is placed on an objective table below the common focusing microscope in the femtosecond laser device; the synchronous control unit is used for controlling the femtosecond laser to focus the femtosecond laser on different positions on the surface of a chip to be tested in sequence and injecting faults into the different positions of the chip to be tested, wherein the femtosecond laser generates two-photon absorption in the chip to be tested so that a logic unit in the chip to be tested is turned over; the data acquisition equipment is used for respectively acquiring operation results output by the chip to be detected under the condition that the chip to be detected is irradiated by the femtosecond laser at different positions; and the data analysis equipment is used for respectively comparing and analyzing the acquired operation results with preset correct operation results of the chip to be detected, and determining whether effective faults occur at the positions of the chip to be detected irradiated by the femtosecond laser, wherein the number of the positions with the effective faults is a basis for judging the safety degree of the chip to be detected, and the effective faults refer to a type of errors of the secret key, which can be analyzed by comparing and operating error operation results generated when the effective faults occur with the preset correct operation results.
In one embodiment, the safety degree of the chip to be tested is inversely proportional to the proportion of the number of positions with effective faults in all the positions irradiated by the femtosecond laser.
In one embodiment, the photon energy of the femtosecond laser is larger than the energy gap bandwidth of the chip to be tested.
In one embodiment, the femtosecond laser has a wavelength that meets the penetration depth requirement of the femtosecond laser focused on the logic unit in the chip to be tested and meets the energy requirement of the occurrence of energy level transition.
In an embodiment, the synchronous control unit is specifically configured to control the femtosecond laser to focus femtosecond laser on a position on the surface of the chip to be tested when a start signal is received from the chip to be tested and the chip to be tested starts functional operation, control the femtosecond laser to stop fault injection on the position on the surface of the chip to be tested when a pause signal is received from the chip to be tested and the chip to be tested completes one functional operation, and control the data acquisition device to acquire an operation result of the chip to be tested completing the functional operation; when a next starting signal sent by the chip to be tested is received and the chip to be tested starts functional operation, controlling the confocal microscope to move the objective table by a preset step length, focusing the femtosecond laser on the next position on the surface of the chip to be tested, controlling the femtosecond laser to stop fault injection on the next position on the surface of the chip to be tested when a next pause signal sent by the chip to be tested is received and the chip to be tested completes one functional operation, and controlling the data acquisition equipment to acquire an operation result of the chip to be tested to complete the current functional operation; and sequentially circulating until the whole surface of the chip to be tested is traversed, and sending a completion signal to the chip to be tested to finish fault injection.
In the embodiment of the invention, femtosecond laser is focused on different positions on the surface of a chip to be detected through a synchronous control unit to perform fault injection on different positions of the chip to be detected, operation results output by the chip to be detected are respectively collected under the condition that the chip to be detected is irradiated by the femtosecond laser at different positions, and finally the collected operation results are compared and analyzed with a preset correct operation result of the chip to be detected, so that whether effective faults occur at the positions of the chip to be detected, which are irradiated by the femtosecond laser, can be determined, and the safety degree of the chip to be detected can be further judged according to the number of the positions with the effective faults. Due to the fact that femtosecond laser generates two-photon absorption in a chip to be tested, error (namely fault) injection attack in a very small range can be achieved, the problem that a fault injection area cannot be accurately controlled due to the fact that the diameter of a conventional laser focusing beam is too large after an integrated circuit manufacturing process enters a nano node in the prior art can be solved, the accuracy of fault injection can be further improved, and the accuracy of a chip safety test result based on fault injection can be improved.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the invention and together with the description serve to explain the principles of the invention. In the drawings:
fig. 1 is a flowchart of a chip security testing method based on fault injection according to an embodiment of the present invention;
fig. 2 is a schematic flowchart of a fault injection process performed on a chip to be tested according to an embodiment of the present invention;
fig. 3 is a schematic diagram illustrating a positioning process of a fault injection sensitive point according to an embodiment of the present invention;
fig. 4 is a block diagram of a chip security testing system based on fault injection according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in further detail with reference to the following embodiments and accompanying drawings. The exemplary embodiments and descriptions of the present invention are provided to explain the present invention, but not to limit the present invention.
In an embodiment of the present invention, a chip security testing method based on fault injection is provided, as shown in fig. 1, the method includes:
step 101: sequentially focusing femtosecond laser on different positions on the surface of a chip to be detected through a synchronous control unit, and performing fault injection on the different positions of the chip to be detected, wherein the femtosecond laser generates two-photon absorption in the chip to be detected so as to overturn a logic unit in the chip to be detected;
step 102: under the condition that the chip to be tested is irradiated at different positions by the femtosecond laser, respectively collecting operation results output by the chip to be tested;
step 103: and comparing and analyzing the acquired operation result with a preset correct operation result of the chip to be detected, and determining whether effective faults occur at the positions of the chip to be detected irradiated by the femtosecond laser, wherein the number of the positions with the effective faults is a basis for judging the safety degree of the chip to be detected, and the effective faults refer to a type of errors of the secret key which can be analyzed by comparing and operating an error operation result generated when the effective faults occur with the preset correct operation result.
As can be seen from the process shown in fig. 1, in the embodiment of the present invention, the femtosecond laser is focused on different positions on the surface of the chip to be detected by the synchronous control unit to perform fault injection on different positions of the chip to be detected, and under the condition that the chip to be detected is irradiated by the femtosecond laser at different positions, the operation results output by the chip to be detected are respectively collected, and finally, the collected operation results are compared with the preset correct operation results of the chip to be detected, so that whether an effective fault occurs at the position of the chip to be detected irradiated by the femtosecond laser can be determined, and the safety degree of the chip to be detected can be determined according to the number of the positions where the effective fault occurs. Due to the fact that femtosecond laser generates two-photon absorption in a chip to be tested, error (namely fault) injection attack in a very small range can be achieved, the problem that a fault injection area cannot be accurately controlled due to the fact that the diameter of a conventional laser focusing beam is too large after an integrated circuit manufacturing process enters a nano node in the prior art can be solved, the accuracy of fault injection can be further improved, and the accuracy of a chip safety test result based on fault injection can be improved.
In specific implementation, the inventor finds that the laser focusing system used in the current research has a transverse spot size larger than the laser wavelength due to the limitation of diffraction rules. And Femtosecond (10-15s) pulse Laser (femto second Laser) has the characteristics of narrow pulse width and high peak power, and is not a single-photon process but a two-photon or multi-photon process when interacting with a substance. Therefore, the femtosecond laser beam with Gaussian lateral distribution interacts with the substance not in the whole focal spot range but far smaller than the light spot, and the focusing scale can reach 1/20 wavelengths, theoretically tens of nanometers. The femtosecond laser pulse is firstly obtained by utilizing the principle of collision pulse mode locking (CPM) in a dye laser, with the development of the crystal growth technology in 80 years, a series of solid lasers with excellent performance are appeared, represented by titanium-doped Sapphire crystals (Ti: Sapphire) which are published in 1982, and compared with the dye laser, the laser which takes titanium Sapphire as a gain medium has a wider tuning range, which is equivalent to a waveband covered by four-five dye combinations. The micro-nano processing of the femtosecond laser is widely applied to various fields such as ultra-precise laser processing, a multi-photon microscope, nonlinear spectroscopy and the like, and research on micro-nano processing of the femtosecond laser is carried out in Chengyi of Shanghai optical mechanical institute of Chinese academy of sciences in 2014, Qinhua of Jilin university and the like. The mechanism of two-photon absorption in the composite material was studied in 2015 by shanghai optical engine wang jun, etc.
The peak power of femtosecond laser is hundreds kilowatts, and the laser pulse width is less than 100fs (1fs is 10--15s). The focused femtosecond laser has extremely high field intensity, and many media present remarkable nonlinear properties when the intensity of an optical field in the media is comparable to the intensity of an electric field in a molecule. Two-photon absorption is a typical third-order nonlinear optical effect, with the probability of generation proportional to the square of the photon flux density. The two-photon absorption can only occur under strong light intensity, and the two-photon absorption is only limited to the space volume of the focal point of the objective lens, which is about lambda3(λ is the wavelength of the incident light). The incident light can only obtain a higher power density at this point, and multiphoton absorption and ionization occur, thereby turning over the logic unit inside the security chip. In addition, the femtosecond laser is used for realizing two-photon absorption, long-wavelength laser is adopted, the penetrating power is strong, and the laser can directly act inside the material. Namely, the femtosecond laser can be used as a high-precision chip fault injection tool. Therefore, the inventor proposes the chip safety test method based on femtosecond laser fault injection by utilizing the principle that the femtosecond laser generates two-photon absorption in the chip to be tested so as to overturn the logic unit in the chip to be tested, so as to improve the accuracy of fault injection and ensure the precision of the chip safety test result.
In specific implementation, in order to ensure that the femtosecond laser can be focused on the logic unit in the chip to be tested and then two-photon absorption can occur in the chip to be tested so as to turn over the logic unit in the chip to be tested, in this embodiment, the wavelength of the femtosecond laser meets the penetration depth requirement of the femtosecond laser focused on the logic unit in the chip to be tested and the energy requirement of energy level transition.
Specifically, the laser wavelength is selected according to the material of the semiconductor (i.e., the chip to be tested), and the semiconductor generally adopts a silicon material, so that the premise that the femtosecond laser generates two-photon absorption and ionization is that the photon energy of the femtosecond laser exceeds the energy gap bandwidth (>1.1eV) of the semiconductor, and for example, the femtosecond laser wavelength is below 1064 nm. However, the smaller the wavelength is, the shallower the penetration depth is, however, the mechanism of two-photon absorption indicates that when the ultrashort pulse laser propagates in the molecular medium, the processes of generation of higher harmonics, Stimulated Raman Scattering (SRS), spontaneous emission Amplification (ASE), and superfluorescence emission (SF) are always accompanied, so that when selecting the wavelength, we need to expand the wavelength, and try to use a band above 900nm, which has a relatively deeper penetration depth and a smaller ionization rate, that is, the wavelength of the femtosecond laser meets both the penetration depth requirement that the femtosecond laser can focus on a logic unit in a chip to be tested and the energy requirement that energy level transition can occur, for example, the wavelength of the femtosecond laser may be smaller than 1064nm and larger than 900nm, so as to ensure that the femtosecond laser generates two-photon absorption in a semiconductor, and the logic unit is turned over.
During specific implementation, before the femtosecond laser is sequentially focused on different positions on the surface of the chip to be tested through the synchronous control unit, the incident parameter of the femtosecond laser can be determined according to the process and the test requirement of the chip to be tested, and the femtosecond laser emitted by the femtosecond laser under the incident parameter can overturn the logic unit in the chip to be tested. Specifically, the incident parameter may be photon energy and wavelength of the femtosecond laser.
In specific implementation, the output power of the femtosecond laser can be adjusted in an incremental manner by 1% to find appropriate power approximately at about 1.4W according to the existing laser fault injection attack experiment.
During specific implementation, in the fault injection process, in order to realize that the femtosecond laser is focused on different positions of the surface of the chip to be tested through the synchronous control unit in sequence, in this embodiment, the chip to be tested is placed on the objective table below the common focusing microscope in the femtosecond laser, and the femtosecond laser is focused on different positions of the surface of the chip to be tested through the synchronous control unit in sequence, including: when the chip to be tested sends a starting signal to the synchronous control unit and the chip to be tested starts functional operation, the synchronous control unit controls a femtosecond laser to focus the femtosecond laser on one position of the surface of the chip to be tested, when the chip to be tested sends a pause signal to the synchronous control unit and the chip to be tested completes one functional operation, the synchronous control unit controls the femtosecond laser to stop fault injection on the one position of the surface of the chip to be tested, and an operation result of the chip to be tested for completing the current functional operation is collected; when the chip to be tested sends a next starting signal to the synchronous control unit and the chip to be tested starts functional operation, the synchronous control unit controls the confocal microscope to move the objective table by a preset step length, the femtosecond laser is focused on the next position on the surface of the chip to be tested, when the chip to be tested sends a next pause signal to the synchronous control unit and the chip to be tested completes one-time functional operation, the synchronous control unit controls the femtosecond laser to stop fault injection on the next position on the surface of the chip to be tested, and the operation result of the chip to be tested for completing the current functional operation is collected; and sequentially circulating until the whole surface of the chip to be tested is traversed, and sending a completion signal to the chip to be tested through the synchronous control unit to finish fault injection.
Specifically, in the fault injection process, in order to realize that the femtosecond laser is focused on different positions on the surface of the chip to be detected through the synchronous control unit in sequence, secondary development is carried out by utilizing the matching software of the laser and the confocal microscope, the laser light intensity and the synchronous strategy are controlled, the two-dimensional movement of the chip to be detected is realized by utilizing the two-dimensional objective table of the microscope, the femtosecond laser and the confocal microscope are controlled through the synchronous control unit, and the irradiation start/finish of the femtosecond laser is finished under the cooperative control of the synchronous control unit and the chip to be detected. For example, fig. 2 shows a handshake protocol between the synchronization control unit and the chip under test. We define three handshake signals: start signal, Stop signal and Done signal. The Start signal is a Start signal sent to the synchronous control unit after the chip to be tested is ready, the stop signal is a pause signal of femtosecond laser fault injection, and the Done signal is a completion signal.
The specific fault injection process is as follows: when the chip to be tested is ready, a Start signal Start is sent to the synchronous control unit, the chip to be tested starts logic operation, the synchronous control unit controls the femtosecond laser to focus the femtosecond laser on one position on the surface of the chip to be tested, when the chip to be tested finishes one function operation, a pause signal stop of femtosecond laser fault injection is sent to inform the synchronous control unit to pause fault injection, the chip to be tested performs self-reset at the same time, the influence of the last soft error is eliminated, the next round of fault injection test is prepared, the synchronous control unit controls the femtosecond laser to stop injecting faults on the one position of the chip to be tested, and simultaneously the data acquisition equipment is controlled to acquire the operation result of the chip to be tested to finish the function operation, and the operation result of the function operation is used for comparing and analyzing with the preset correct operation result, to determine whether the one position of the chip under test is faulty. After the femtosecond laser is suspended, the synchronous control unit controls the confocal microscope to move the two-dimensional objective table by a pre-designed step length, the femtosecond laser is focused on the next position on the surface of the chip to be detected, when the next Start signal Start sent by the chip to be detected to the synchronous control unit is received, simultaneously, the chip to be tested starts logic operation work, the synchronous control unit controls the femtosecond laser to focus the femtosecond laser on the next position on the surface of the chip to be tested for fault injection, when the chip to be tested finishes one function operation, a pause signal stop of next femtosecond laser fault injection is sent to inform the synchronous control unit to pause the fault injection, and simultaneously, the chip to be tested is subjected to self-reset, the influence of the last soft error is eliminated, the next round of fault injection test is prepared, and the synchronous control unit controls the data acquisition equipment to acquire the operation result of the chip to be tested to complete the function operation. And circulating the fault injection process in sequence, when the synchronous control unit finishes traversing test on the whole surface of the chip to be tested, sending a completion signal Done to the chip to be tested, finishing fault injection, sending all the operation results collected before to an irradiation effect reliability/safety analyzer, in the irradiation effect reliability/safety analyzer, respectively comparing and analyzing all the operation results collected with preset correct operation results of the chip to be tested, determining whether effective faults occur at the positions of the chip to be tested irradiated by the femtosecond laser, and determining the positions where the effective faults occur.
In the radiation effect reliability/safety analyzer, only the sensitive logic circuits may be concerned about the injection error, and the circuits irrelevant to the safety may not be concerned about, so that the fault injection theory of the cryptographic algorithm needs to be combined to judge whether the scanning point is a sensitive point (i.e. the position where the effective fault occurs). Due to the two-photon absorption of the femtosecond laser, fault injection attack in a very small range can be realized, so that whether the output result is matched with the candidate fault types or not can be analyzed according to the attack theory of fewer bit faults of 1 bit or 2 bits, and whether the scanning point is a sensitive point or not can be further determined. And comparing the operation output result of each irradiation with the correct operation result, if the operation output result is different from the correct operation result, indicating that an error is injected into the logic circuit at the irradiation part in the operation process of the chip to be detected, and marking the corresponding position as a fault injection sensitive point. If the operation output result is the same as the correct operation result, the fault is not injected into the logic circuit at the irradiation position. After the operation output results of all irradiation positions are sequentially analyzed, a fault injection sensitive point positioning diagram shown in fig. 3 can be obtained, and black crosses in fig. 3 represent fault injection sensitive points.
Specifically, the safety degree of the chip to be tested is inversely proportional to the proportion of the number of the positions with faults in all the positions irradiated by the femtosecond laser, for example, as shown in fig. 3, the fault injection sensitive point can be regarded as the position with effective fault injection in the chip to be tested, and the more the positions with effective fault injection are, that is, the greater the proportion of the positions with effective fault injection in all the positions irradiated by the femtosecond laser is, the lower the safety degree of the chip to be tested is.
In specific implementation, when a femtosecond laser fault injection test experiment platform is built, a Mai Tai deep femtosecond laser of the American Spectra-Physics company and an A1MP + series confocal microscope of the Nikon company can be adopted. The former can provide irradiation with adjustable power in the range of 680nm-1040nm, and adopts the ultra-stable regeneration mold technology, the wavelength adjustment and excitation configuration is simple and easy to adjust, the light beam pointing is stable, the power fluctuation is small, and the wavelength drift is eliminated. The latter directly embeds a femtosecond laser and carries out light path design, and can focus the femtosecond laser in a space range of 1 μm, and can focus the femtosecond laser beam in a smaller space range if a proper objective lens is adopted. The chip to be tested can adopt an RSA encryption circuit of an FPGA based on ALTERA DE 2-115. The confocal microscope is provided with a two-dimensional electric objective table, so that two-dimensional movement of a sample can be realized, and fault injection attack of the whole surface range of the electronic chip can be realized. Preliminary results can be obtained on an experimental platform, for example, taking an FPGA chip as an example, irradiating a circuit from the front with a wavelength of 900nm, the diameter of a focused light spot being 0.6um, the stage moving with a step size of 0.1um, and generating a stable error when the power is 2.5W. Table 1 shows the decryption parameters of binary RSA based on FPGA, and table 2 shows the decryption results of errors generated in the decryption operation by the RSA cryptographic circuit under the irradiation of femtosecond laser.
Figure BDA0001091178370000101
TABLE 1
Figure BDA0001091178370000102
Figure BDA0001091178370000111
TABLE 2
Based on the same inventive concept, the embodiment of the present invention further provides a chip safety test system based on fault injection, as described in the following embodiments. Because the principle of solving the problems of the chip safety test system based on fault injection is similar to the chip safety test method based on fault injection, the implementation of the chip safety test system based on fault injection can refer to the implementation of the chip safety test method based on fault injection, and repeated parts are not described again. As used hereinafter, the term "unit" or "module" may be a combination of software and/or hardware that implements a predetermined function. Although the means described in the embodiments below are preferably implemented in software, an implementation in hardware, or a combination of software and hardware is also possible and contemplated.
Fig. 4 is a block diagram of a structure of a chip security testing system based on fault injection according to an embodiment of the present invention, as shown in fig. 4, including:
a femtosecond laser 401 for emitting femtosecond laser, wherein a chip to be tested is placed on an objective table below a common focusing microscope in the femtosecond laser;
the synchronous control unit 402 is used for controlling the femtosecond laser to sequentially focus the femtosecond laser on different positions on the surface of a chip to be tested and perform fault injection on the different positions of the chip to be tested, wherein the femtosecond laser generates two-photon absorption in the chip to be tested so as to overturn a logic unit in the chip to be tested;
the data acquisition equipment 403 is used for respectively acquiring operation results output by the chip to be detected under the condition that the chip to be detected is irradiated by the femtosecond laser at different positions;
and the data analysis device 404 is configured to compare and analyze the acquired operation results with preset correct operation results of the chip to be tested, and determine whether effective faults occur at positions of the chip to be tested irradiated by the femtosecond laser, where the number of the positions where the effective faults occur is a basis for determining a safety degree of the chip to be tested, where the effective faults refer to a type of errors that can be analyzed by performing a comparison operation on an erroneous operation result generated when the effective faults occur and the preset correct operation result.
In one embodiment, the safety degree of the chip to be tested is inversely proportional to the proportion of the number of positions with effective faults in all the positions irradiated by the femtosecond laser.
In one embodiment, the photon energy of the femtosecond laser is larger than the energy gap bandwidth of the chip to be tested.
In one embodiment, the femtosecond laser has a wavelength that meets the penetration depth requirement of the femtosecond laser focused on the logic unit in the chip to be tested and meets the energy requirement of the occurrence of energy level transition.
In an embodiment, the synchronous control unit is specifically configured to control the femtosecond laser to focus femtosecond laser on a position on the surface of the chip to be tested when a start signal is received from the chip to be tested and the chip to be tested starts functional operation, control the femtosecond laser to stop fault injection on the position on the surface of the chip to be tested when a pause signal is received from the chip to be tested and the chip to be tested completes one functional operation, and control the data acquisition device to acquire an operation result of the chip to be tested completing the functional operation; when a next starting signal sent by the chip to be tested is received and the chip to be tested starts functional operation, controlling the confocal microscope to move the objective table by a preset step length, focusing femtosecond laser on the next position on the surface of the chip to be tested, controlling the femtosecond laser to stop fault injection on the next position on the surface of the chip to be tested when a next pause signal sent by the chip to be tested is received and the chip to be tested completes one functional operation, and controlling the data acquisition equipment to acquire an operation result of the chip to be tested to complete the current functional operation; and sequentially circulating until the whole surface of the chip to be tested is traversed, and sending a completion signal to the chip to be tested to finish fault injection.
In the embodiment of the invention, femtosecond laser is focused on different positions on the surface of a chip to be detected through a synchronous control unit to perform fault injection on different positions of the chip to be detected, operation results output by the chip to be detected are respectively collected under the condition that the chip to be detected is irradiated by the femtosecond laser at different positions, and finally the collected operation results are compared and analyzed with a preset correct operation result of the chip to be detected, so that whether effective faults occur at the positions of the chip to be detected, which are irradiated by the femtosecond laser, can be determined, and the safety degree of the chip to be detected can be further judged according to the number of the positions with the effective faults. Due to the fact that femtosecond laser generates two-photon absorption in a chip to be tested, error (namely fault) injection attack in a very small range can be achieved, the problem that a fault injection area cannot be accurately controlled due to the fact that the diameter of a conventional laser focusing beam is too large after an integrated circuit manufacturing process enters a nano node in the prior art can be solved, the accuracy of fault injection can be further improved, and the accuracy of a chip safety test result based on fault injection can be improved.
It will be apparent to those skilled in the art that the modules or steps of the embodiments of the invention described above may be implemented by a general purpose computing device, they may be centralized on a single computing device or distributed across a network of multiple computing devices, and alternatively, they may be implemented by program code executable by a computing device, such that they may be stored in a storage device and executed by a computing device, and in some cases, the steps shown or described may be performed in an order different than that described herein, or they may be separately fabricated into individual integrated circuit modules, or multiple ones of them may be fabricated into a single integrated circuit module. Thus, embodiments of the invention are not limited to any specific combination of hardware and software.
The above description is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes may be made to the embodiment of the present invention by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. A chip safety test method based on fault injection is characterized by comprising the following steps:
sequentially focusing femtosecond laser on different positions of the surface of a chip to be detected through a synchronous control unit, and performing fault injection on the different positions of the chip to be detected, wherein the femtosecond laser generates two-photon absorption in the chip to be detected so as to overturn a logic unit in the chip to be detected, the wavelength of the femtosecond laser is less than 1064 nanometers and more than 900 nanometers, and the output power of the femtosecond laser when the femtosecond laser is emitted by a femtosecond laser is 1.4 watts;
under the condition that the chip to be tested is irradiated at different positions by the femtosecond laser, respectively collecting operation results output by the chip to be tested;
and respectively comparing and analyzing the acquired operation results with preset correct operation results of the chip to be detected, and determining whether effective faults occur at the positions of the chip to be detected irradiated by the femtosecond laser, wherein the number of the positions with the effective faults is a basis for judging the safety degree of the chip to be detected, and the effective faults refer to a type of errors of the secret key which can be analyzed by comparing and operating error operation results generated when the effective faults occur with the preset correct operation results.
2. The fault injection-based chip safety testing method as claimed in claim 1, wherein the safety degree of the chip to be tested is inversely proportional to the proportion of the number of positions where effective faults occur in all the positions irradiated by the femtosecond laser.
3. The fault injection based chip safety test method as claimed in claim 1, wherein photon energy of the femtosecond laser is greater than energy gap bandwidth of the chip to be tested.
4. The fault injection-based chip safety testing method according to claim 1, wherein the femtosecond laser has a wavelength that meets a penetration depth requirement of the femtosecond laser focused on a logic unit in the chip to be tested and meets an energy requirement of energy level transition.
5. The fault injection-based chip safety testing method according to any one of claims 1 to 4, wherein the chip to be tested is placed on a stage below a confocal microscope in the femtosecond laser, and the femtosecond laser is sequentially focused on different positions on the surface of the chip to be tested through a synchronous control unit, and the method comprises the following steps:
when the chip to be tested sends a starting signal to the synchronous control unit and the chip to be tested starts functional operation, the synchronous control unit controls a femtosecond laser to focus the femtosecond laser on one position of the surface of the chip to be tested, when the chip to be tested sends a pause signal to the synchronous control unit and the chip to be tested completes one functional operation, the synchronous control unit controls the femtosecond laser to stop fault injection on the one position of the surface of the chip to be tested, and an operation result of the chip to be tested for completing the current functional operation is collected; when the chip to be tested sends a next starting signal to the synchronous control unit and the chip to be tested starts functional operation, the synchronous control unit controls the confocal microscope to move the objective table by a preset step length, the femtosecond laser is focused on the next position on the surface of the chip to be tested, when the chip to be tested sends a next pause signal to the synchronous control unit and the chip to be tested completes one-time functional operation, the synchronous control unit controls the femtosecond laser to stop fault injection on the next position on the surface of the chip to be tested, and the operation result of the chip to be tested for completing the current functional operation is collected; and sequentially circulating until the whole surface of the chip to be tested is traversed, and sending a completion signal to the chip to be tested through the synchronous control unit to finish fault injection.
6. A chip safety test system based on fault injection is characterized by comprising:
the device comprises a femtosecond laser device and a chip to be tested, wherein the femtosecond laser device is used for emitting femtosecond laser, the chip to be tested is placed on an objective table below a common focusing microscope in the femtosecond laser device, the wavelength of the femtosecond laser is less than 1064 nanometers and more than 900 nanometers, and the output power of the femtosecond laser device when emitting the femtosecond laser is 1.4 watts;
the synchronous control unit is used for controlling the femtosecond laser to focus the femtosecond laser on different positions on the surface of a chip to be tested in sequence and injecting faults into the different positions of the chip to be tested, wherein the femtosecond laser generates two-photon absorption in the chip to be tested so that a logic unit in the chip to be tested is turned over;
the data acquisition equipment is used for respectively acquiring operation results output by the chip to be detected under the condition that the chip to be detected is irradiated by the femtosecond laser at different positions;
and the data analysis equipment is used for respectively comparing and analyzing the acquired operation results with preset correct operation results of the chip to be detected, and determining whether effective faults occur at the positions of the chip to be detected irradiated by the femtosecond laser, wherein the number of the positions with the effective faults is a basis for judging the safety degree of the chip to be detected, and the effective faults refer to a type of errors of the secret key, which can be analyzed by comparing and operating error operation results generated when the effective faults occur with the preset correct operation results.
7. The fault injection-based chip safety test system according to claim 6, wherein the safety degree of the chip to be tested is inversely proportional to the proportion of the number of positions where effective faults occur in all the positions irradiated by the femtosecond laser.
8. The fault injection based chip safety test system according to claim 6, wherein photon energy of the femtosecond laser is larger than energy gap bandwidth of the chip to be tested.
9. The fault injection based chip safety test system according to claim 6, wherein the femtosecond laser has a wavelength that meets a penetration depth requirement that the femtosecond laser focuses on a logic unit in the chip to be tested and meets an energy requirement that an energy level transition occurs.
10. The chip safety test system based on fault injection according to any one of claims 6 to 9, wherein the synchronous control unit is specifically configured to control the femtosecond laser to focus the femtosecond laser on one position on the surface of the chip to be tested when a start signal is received from the chip to be tested and the chip to be tested starts a functional operation, control the femtosecond laser to stop fault injection on the one position on the surface of the chip to be tested when a pause signal is received from the chip to be tested and the chip to be tested completes a functional operation, and control the data acquisition device to acquire an operation result of the chip to be tested completing the functional operation; when a next starting signal sent by the chip to be tested is received and the chip to be tested starts functional operation, controlling the confocal microscope to move the objective table by a preset step length, focusing the femtosecond laser on the next position on the surface of the chip to be tested, controlling the femtosecond laser to stop fault injection on the next position on the surface of the chip to be tested when a next pause signal sent by the chip to be tested is received and the chip to be tested completes one functional operation, and controlling the data acquisition equipment to acquire an operation result of the chip to be tested to complete the current functional operation; and sequentially circulating until the whole surface of the chip to be tested is traversed, and sending a completion signal to the chip to be tested to finish fault injection.
CN201610719853.XA 2016-08-25 2016-08-25 Chip safety testing method and system based on fault injection Active CN106326053B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610719853.XA CN106326053B (en) 2016-08-25 2016-08-25 Chip safety testing method and system based on fault injection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610719853.XA CN106326053B (en) 2016-08-25 2016-08-25 Chip safety testing method and system based on fault injection

Publications (2)

Publication Number Publication Date
CN106326053A CN106326053A (en) 2017-01-11
CN106326053B true CN106326053B (en) 2022-02-01

Family

ID=57790772

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610719853.XA Active CN106326053B (en) 2016-08-25 2016-08-25 Chip safety testing method and system based on fault injection

Country Status (1)

Country Link
CN (1) CN106326053B (en)

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107144776B (en) * 2017-04-17 2019-10-08 深圳先进技术研究院 A kind of detection method and device of total dose effect
CN108173645B (en) * 2017-12-27 2021-02-02 中国科学院国家空间科学中心 A security detection method and device of a cryptographic chip
WO2021022566A1 (en) 2019-08-08 2021-02-11 深圳市汇顶科技股份有限公司 Security chip, preparation method for security chip, and electronic device
CN110598398B (en) * 2019-08-26 2021-03-19 浙江大学 Chip security evaluation method based on steady-state fault
CN111123062A (en) * 2019-12-26 2020-05-08 兰州空间技术物理研究所 Test method for simulating single particle effect test based on femtosecond pulse laser
US12265613B2 (en) * 2021-06-04 2025-04-01 SDG Logic Inc. System and methods for fault injection attack protection
CN116719685A (en) * 2023-04-21 2023-09-08 深圳先进技术研究院 Functional safety testing methods, devices and equipment under chip transient faults
CN117539215B (en) * 2023-04-25 2024-11-12 北京芯思维科技有限公司 Single instantaneous fault injection method and device for control chip
CN116681015B (en) * 2023-08-03 2023-12-22 苏州国芯科技股份有限公司 Chip design method, device, equipment and storage medium

Family Cites Families (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP6366595B2 (en) * 2012-11-12 2018-08-01 クリプトグラフィ リサーチ, インコーポレイテッド Method and system for anti-glitch cryptographic discrete log-based signature
CN105095002A (en) * 2014-05-09 2015-11-25 国民技术股份有限公司 Security test method and system based on chip
CN104391784B (en) * 2014-08-27 2017-05-17 北京中电华大电子设计有限责任公司 Method and device for fault injection attack based on simulation
CN104484627B (en) * 2014-12-31 2017-04-26 清华大学无锡应用技术研究院 Design method of randomized anti-fault-attack measures for reconfigurable array architecture
CN105227296B (en) * 2015-10-29 2019-01-25 深圳先进技术研究院 Method and device for manufacturing a 3D cryptographic chip resistant to error injection attacks
CN105467295A (en) * 2015-11-23 2016-04-06 硅谷数模半导体(北京)有限公司 Test system of electronic chip, method and apparatus thereof

Also Published As

Publication number Publication date
CN106326053A (en) 2017-01-11

Similar Documents

Publication Publication Date Title
CN106326053B (en) Chip safety testing method and system based on fault injection
Bugge et al. Laser damage helps the eavesdropper in quantum cryptography
Rahman et al. Physical inspection & attacks: New frontier in hardware security
Chaloupka et al. Dynamics of strong-field double ionization in two-color counterrotating fields
Dutertre et al. Laser fault injection at the CMOS 28 nm technology node: an analysis of the fault model
Tong et al. Empirical formula for static field ionization rates of atoms and molecules by lasers in the barrier-suppression regime
Ohmura et al. Molecular tunneling ionization of the carbonyl sulfide molecule by double-frequency phase-controlled laser fields
Kaluza et al. Measurement of magnetic-field structures in a laser-wakefield accelerator
Li et al. Contribution of nitrogen atoms and ions to the luminescence emission during femotosecond filamentation in air
CN108173645B (en) A security detection method and device of a cryptographic chip
KR20180026530A (en) How to trap attacker points within the crystal lattice
Breier et al. Testing feasibility of back-side laser fault injection on a microcontroller
Colgan et al. Two-photon double ionization of the hydrogen molecule
Hussain et al. Ultraviolet laser pulses with multigigahertz repetition rate and multiwatt average power for fast trapped-ion entanglement operations
Zhang et al. Channel-resolved multiorbital double ionization of molecular Cl 2 in an intense femtosecond laser field
Selmke et al. On the application of two-photon absorption for laser fault injection attacks: pushing the physical boundaries for laser-based fault injection
US20080242054A1 (en) Dicing and drilling of wafers
Petryk Investigation of sensitivity of different logic and memory cells to Laser Fault Injections
Herzig et al. Creation of quantum centers in silicon using spatial selective ion implantation of high lateral resolution
Della Picca et al. Laser-assisted photoionization beyond the dipole approximation
Deng et al. Femtosecond Laser Fault Injection into External SRAM Implementations
JP4557723B2 (en) Non-scanning time-resolved fluorescence microscope
Högner Spatio-spectrally tailored nonlinear enhancement cavities
CN111880765B (en) Quantum random number generation method based on pendulum operator
Gao Mapping organic molecular motions with RF compressed femtosecond electron diffraction

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant