Fig 1 - uploaded by Vincent van der Leest
Content may be subject to copyright.
Cross-coupled CMOS inverter circuit at the core of each SRAM cell. (Two SRAM access MOSFETs not shown.)
Source publication
Silicon aging, in particular NBTI, causes many PUFs to exhibit a natural tendency of growing less reliable over time. This is inconvenient or even unacceptable for in-the-field applications. In case of SRAM PUFs it is observed that the impact of NBTI aging depends on the data stored in the SRAM. In this work, we investigate the effects of data-depe...
Contexts in source publication
Context 1
... SRAM PUF [6] evaluates the power-up pattern of a standard 6T SRAM array. As shown in Fig. 1, at its core each SRAM cell in the array comprises two nominally matched CMOS inverters which are cross-coupled. Uncontrol- lable CMOS process variations introduce random parameter deviations which cause a mismatch between the inverter pairs affecting their power-up state. The predominant mismatch in an SRAM cell determining its ...
Context 2
... mean values (µ) of these dis- tributions are calculated for each of the (anti-)aging scenarios. The evolution of these µ's for the different quality measures and aging scenarios for the duration of the experiment is presented in Figures 3a-3c 1 , with colors indicating whether a quality measure is deteriorating over time (red) or not (green). The overall shift of the mean values for each of the quality measures during the total duration of the experiment is shown in Figures 3d-3f. ...
Citations
... Furthermore, the new technology nodes have smaller feature sizes, magnifying the effects of reliability characteristics on security. Various sources [126], [127], [128], [129], [130], [131], consider the relationship between different reliability characteristics, e.g., process variation temperature and aging, and security applications and primitives, e.g., Physically Unclonable Function (PUF) and True Random Number Generator (TRNG). Although certain characteristics, such as process variations, can be exploited for the design of PUF and TRNG, see Table 7, other reliability characteristics have a negative impact on these security primitives. ...
The trustworthiness of integrated circuits (ICs) has become increasingly important due to the ubiquitousness of ICs and the insecure nature of the current semiconductor supply chain. Throughout development and operation, ICs are exposed to several risks that can arise from malicious actors or harsh operational conditions. Therefore, the question arises: Does the trustworthiness of an IC indicate its security only or other attributes beyond? Various disciplines may have a different understanding of what
IC trustworthiness
means. Thus, a compact and unified definition that provides its main overarching attributes is required. Such a definition would lead to a greater readiness to deal with emerging challenges. To define trustworthiness at IC level, we identify the minimum number of attributes required to cover the various perspectives of development, focusing on correct functionality, reliability, security, and functional safety. Subsequently, we review and provide a structured description of identified critical pre-silicion issues that can negatively impact the defined attributes. Besides academic literature, standards, and industry-relevant publications, we consider industry experts’ opinions to achieve the maximum possible coverage of our topical review. We also provide an overview and analysis of several existing evaluation methodologies of the respective trustworthiness attributes, as evaluating the discussed issues is another important aspect for achieving trustworthiness. Our findings highlight the need for a comprehensive and universally applicable framework to evaluate the trustworthiness of ICs.
... In the subsequent sections, we explore the broader implications of these aginginduced changes, discussing potential security vulnerabilities, strategies for enhancing SRAM PUF resilience, and future directions in addressing the evolving landscape of semiconductor device aging. [27][28][29][30][31][32] Quantitative analysis, Statistical modeling, Reliability assessment Quantification of aging effects on SRAM PUFs and their impact on reliability. [3] Vulnerability assessment, Attack scenarios Investigation of potential security risks arising from aging effects in SRAM PUFs. ...
Impact of aging effects on Static Random-Access Memory Physical Unclonable Functions (SRAM PUFs) presents critical implications for security and reliability in modern hardware. Emerging as promising hardware-based security primitives, SRAM PUFs harness process variations in integrated circuits for secure key generation and device authentication. However, aging phenomena like Bias Temperature Instability (BTI) and Hot Carrier Injection (HCI) can potentially alter SRAM cell characteristics, compromising PUF responses. This study delves into the multifaceted challenges of aging-induced variations, exposing underlying security vulnerabilities and offering innovative strategies to mitigate risks. Examining reliability implications, it introduces mitigation techniques such as adaptive reconfiguration, error correction codes, and multi-modal PUFs to enhance the resilience of SRAM PUFs. The investigation concludes by mapping future research directions and prospects for improving SRAM PUF-based security solutions, in light of the complexities associated with semiconductor device aging.
... Similar to two different random numbers, the ideal Inter-PUF variation is 50%. [16] The Enrollment is an initial repeated set of measurements on the PUF. The repeated measurement of environmental conditions on a PUF are called the PUF Challenges. ...
... They represent how reliably the PUF measurement can be reproduced. [16] For a sensor PUF the Intra-PUF variation is dependent on the total electrical noise and EMI in the system. The Inter-PUF variation is a measure of how likely the same measurement from a different PUF coincides with the original PUFs measurement. ...
... Previous results show that SRAM PUF exhibited a bit error rate (BER) of approximately 0.05 in ambient environmental conditions [13][14][15]. There were also a few attempts to further reduce the BER [16][17][18], which will eventually improve the reliability of SRAM PUF [19][20][21]. To efficiently assess the robustness, it is necessary to analyze an error pattern of SRAM PUF, which can be used as a comparison. ...
SRAM-based physically unclonable function (PUF) is an attractive security primitive for cryptographic protocol and security architecture because SRAM itself is one of the most widely used embedded memories. In terms of robustness, however, there is a weakness for SRAM PUF owing to a bit error; thus, a method must be explored to reduce this error. In this work, a novel hardware chip to characterize cell-to-cell entropy is demonstrated for robust SRAM based PUF by implementation of a screening test to filter out poor cells. We design a chip with a power controller, circuits for error correction coding, a SRAM array and central processing unit. Then it was fabricated by a foundry service. We also propose a procedure to suppress the bit error by use of a screening test, which is based on SRAM cells possessing their own entropy. Through the screening test, the bit error rate (BER) is reduced to below 10-6\documentclass[12pt]{minimal} \usepackage{amsmath} \usepackage{wasysym} \usepackage{amsfonts} \usepackage{amssymb} \usepackage{amsbsy} \usepackage{mathrsfs} \usepackage{upgreek} \setlength{\oddsidemargin}{-69pt} \begin{document}$${10}^{-6}$$\end{document}, which is much smaller than the BER of 0.05 in previous reports, i.e., the robustness is notably improved. Moreover, this robustness was evaluated in terms of an error correction code (ECC) failure rate and temperature after the screening test. SRAM-based PUF with enhanced robustness can contribute to implementing a security protocol and architecture for chip authentication.
... Therefore, although such factors may have a profound effect on memory-based PUFs, it may be rather hard to utilise them in order to manipulate the responses of a PUF, in a manner that is easy to implement or that is cost-efficient. In general, we also note that it may be possible to easily mitigate such aging effects [188]. Finally, we also do not examine, in this work, other inherent factors that may affect the responses of memory-based PUFs, such as spatial correlation, but we do observe that, in the relevant literature [189,190], it has been noted that the values of the responses of memory-based PUFs do not appear to be highly correlated in terms of spatial correlation. ...
In this work, we examine whether Physical Unclonable Functions (PUFs) can act as lightweight security mechanisms for practical applications in the context of the Internet of Things (IoT). In order to do so, we first discuss what PUFs are, and note that memory-based PUFs seem to fit the best to the framework of the IoT. Then, we consider a number of relevant memory-based PUF designs and their properties, and evaluate their ability to provide security in nominal and adverse conditions. Finally, we present and assess a number of practical PUF-based security protocols for IoT devices and networks, in order to confirm that memory-based PUFs can indeed constitute adequate security mechanisms for the IoT, in a practical and lightweight fashion.
More specifically, we first consider what may constitute a PUF, and we redefine PUFs as inanimate physical objects whose characteristics can be exploited in order to obtain a behaviour similar to a highly distinguishable (i.e., “(quite) unique”) mathematical function. We note that PUFs share many characteristics with biometrics, with the main difference being that PUFs are based on the characteristics of inanimate objects, while biometrics are based on the characteristics of humans and other living creatures. We also note that it cannot really be proven that PUFs are unique per instance, but they should be considered to be so, insofar as (human) biometrics are also considered to be unique per instance.
We, then, proceed to discuss the role of PUFs as security mechanisms for the IoT, and we determine that memory-based PUFs are particularly suited for this function. We observe that the IoT nowadays consists of heterogeneous devices connected over diverse networks, which include both high-end and resource-constrained devices. Therefore, it is essential that a security solution for the IoT is not only effective, but also highly scalable, flexible, lightweight, and cost-efficient, in order to be considered as practical. To this end, we note that PUFs have been proposed as security mechanisms for the IoT in the related work, but the practicality of the relevant security mechanisms has not been sufficiently studied.
We, therefore, examine a number of memory-based PUFs that are implemented using Commercial Off-The-Shelf (COTS) components, and assess their potential to serve as acceptable security mechanisms in the context of the IoT, not only in terms of effectiveness and cost, but also under both nominal and adverse conditions, such as ambient temperature and supply voltage variations, as well as in the presence of (ionising) radiation. In this way, we can determine whether memory-based PUFs are truly suitable to be used in the various application areas of the IoT, which may even involve particularly adverse environments, e.g., in IoT applications involving space modules and operations.
Finally, we also explore the potential of memory-based PUFs to serve as adequate security mechanisms for the IoT in practice, by presenting and analysing a number of cryptographic protocols based on these PUFs. In particular, we study how memory-based PUFs can be used for key generation, as well as device identification, and authentication, their role as security mechanisms for current and next-generation IoT devices and networks, and their potential for applications in the space segment of the IoT and in other adverse environments. Additionally, this work also discusses how memory-based PUFs can be utilised for the implementation of lightweight reconfigurable PUFs that allow for advanced security applications. In this way, we are able to confirm that memory-based PUFs can indeed provide flexible, scalable, and efficient security solutions for the IoT, in a practical, lightweight, and inexpensive manner.
... By writing a proper value to the SRAM array and applying burn-in aging, the SRAM PUF cells can become more reliable. However, the bit-error rate cannot achieve a safe level by purely applying the burn-in aging and the ECC is still required afterwards [2,19,21,25]. In [16], instead of Negative-Bias Temperature Instability (NBTI) burn-in, the author exploit the Hot Carrier Injection (HCI) burn-In to reach nearly 100% reliable SRAM PUF cells. ...
A physical unclonable function (PUF) is a digital circuit that can generate a die specific unique and stable response, which can be used for authentication and key generation. Since no major design or manufacturing modifications are required, exploitation of SRAMs to implement PUFs is a promising option. When initially powered up, in dividual SRAM cells acquire unique logic states based on the inherent bias of the cell. At advanced technology nodes, this bias is primarily due to unavoidable random manufacturing process variations, which are unpredictable and vary randomly from cell to cell, as well as chip to chip. When an SRAM is read out, these power-up states provide a unique output that is largely consistent during repeated power-up cycles for a given SRAM, but varies for different copies of the same part, as required of a PUF. However, this powerup state of SRAMs cannot be directly used (e.g. in cartographic key generation), due to unpredictability in some of the SRAM cells caused by electrical and electromagnetic noise and temperature fluctuations. We show in this paper that power-up states are also influenced by the power supply ramp rate at power-up, which can be yet another source of cell instability. To address the general problem of instability in SRAM power-up states that can result in inconsistent responses from SRAM PUFs, we present an effective stable cell selection method to identify the cells in the SRAM that are strongly biased, thereby resistant to circuit noise, voltage and temperature changes, and also aging. The data from the Silicon experiments presented here shows that the selected stable SRAM cells are highly reliable over temperature and voltage variations, with a bit error rate (BER) close to zero.
... SRAM PUFs are widely available, cheap, easy to use, and fast [43]. This is a perfect technology to use to implement the methods presented in this paper, namely, key recovery, content delivery, and digital file protection. ...
Physical unclonable functions, embedded in terminal devices, can be used as part of the recovery process of session keys that protect digital files. Such an approach is only valuable when the physical element offers sufficient tamper resistance. Otherwise, error correcting codes should be able to handle any variations arising from aging, and environmentally induced drifts of the terminal devices. The ternary cryptographic protocols presented in this paper, leverage the physical properties of resistive random-access memories operating at extremely low power in the pre-forming range to create an additional level of security, while masking the most unstable cells during key generation cycles. The objective is to reach bit error rates below the 10−3 range from elements subjected to drifts and environmental effects. We propose replacing the error correcting codes with light search engines, that use ciphertexts as helper data to reduce information leakage. The tamper-resistant schemes discussed in the paper include: (i) a cell-pairing differential method to hide the physical parameters; (ii) an attack detection system and a low power self-destruct mode; (iii) a multi-factor authentication, information control, and a one-time read-only function. In the experimental section, we describe how prototypes were fabricated to test and quantify the performance of the suggested methods, using static random access memory devices as the benchmark.
... SRAM PUFs are widely available, cheap, easy to use, and fast [43]. This is a perfect technology to use to implement the methods presented in this paper, namely, key recovery, content delivery, and digital file protection. ...
Physical unclonable functions, embedded in terminal devices, can be used as part of the
recovery process of session keys that protect digital files. Such an approach is only valuable when
the physical element offers sufficient tamper resistance. Otherwise, error correcting codes should be
able to handle any variations arising from aging, and environmentally induced drifts of the terminal
devices. The ternary cryptographic protocols presented in this paper, leverage the physical properties
of resistive random-access memories operating at extremely low power in the pre-forming range to
create an additional level of security, while masking the most unstable cells during key generation
cycles. The objective is to reach bit error rates below the 10−3
range from elements subjected to drifts
and environmental effects. We propose replacing the error correcting codes with light search engines,
that use ciphertexts as helper data to reduce information leakage. The tamper-resistant schemes
discussed in the paper include: (i) a cell-pairing differential method to hide the physical parameters;
(ii) an attack detection system and a low power self-destruct mode; (iii) a multi-factor authentication,
information control, and a one-time read-only function. In the experimental section, we describe how
prototypes were fabricated to test and quantify the performance of the suggested methods, using
static random access memory devices as the benchmark.
... The data stored in a SRAM cell can gradually affect its startup state. This is called data-dependent aging [51]. Given that the key derivation is based on a physical primitive, we also consider aging attacks that may attempt to exploit the small changes in behavior of memory cells that occur as a result of aging the underlying electronic components. ...
... First, the aging effect is data dependent. The user can employ an anti-aging method, such as writing reverse data patterns to mitigate the aging effect validated as an efficient approach to counter aging [51]. Second, the SRAM unreliability induced by aging, even over six years, is small-only 2% [51]. ...
... The user can employ an anti-aging method, such as writing reverse data patterns to mitigate the aging effect validated as an efficient approach to counter aging [51]. Second, the SRAM unreliability induced by aging, even over six years, is small-only 2% [51]. Hence, a simple anti-aging method for NoisFre is to allow the server to intentionally assume a higher worst-case BER f during the enrollment phase to count for or tolerate the aging effect by trading off a slight increase in SRAM volume required to retain the same NoisFre key reliability. ...
Building hardware security primitives with on-device memory fingerprints is a compelling proposition given the ubiquity of memory in electronic devices, especially for low-end Internet of Things devices for which cryptographic modules are often unavailable. However, the use of fingerprints in security functions is challenged by the small, but unpredictable variations in fingerprint reproductions from the same device due to measurement noise. Our study formulates a novel and pragmatic approach to achieve highly reliable fingerprints from device memories. We investigate the transformation of raw fingerprints into a noise-tolerant space where the generation of fingerprints is intrinsically highly reliable. We derive formal performance bounds to support practitioners to easily adopt our methods for applications. Subsequently, we demonstrate the expressive power of our formalization by using it to investigate the practicability of extracting noise-tolerant fingerprints from commodity devices. Together with extensive simulations, we have employed 119 chips from five different manufacturers for extensive experimental validations. Our results, including an end-to-end implementation demonstration with a low-cost wearable Bluetooth inertial sensor capable of on-demand and runtime key generation, show that key generators with failure rates less than
$10^-6$
can be efficiently obtained with noise-tolerant fingerprints with a single fingerprint snapshot to support ease-of-enrollment.
... Programmable Gate Arrays (FPGAs) and Application-Specific Integrated Circuit (ASIC) platforms [MS11, RSS + 13, MvdL14,SCM15]. Owing to the fact that the functionality of APUFs and XOR-APUFs is based on a tiny delay difference between lines that should only be affected by process variations, the implementation of these PUF primitives encounter difficulties to achieve a symmetric structure/routing (particularly in FPGAs). ...
The developments in the areas of strong Physical Unclonable Functions (PUFs) predicate an ongoing struggle between designers and attackers. Such a combat motivated the atmosphere of open research, hence enhancing PUF designs in the presence of Machine Learning (ML) attacks. As an example of this controversy, at CHES 2019, a novel delay-based PUF (iPUF) has been introduced and claimed to be resistant against various ML and reliability attacks. At CHES 2020, a new divide-and-conquer modeling attack (splitting iPUF) has been presented showing the vulnerability of even large iPUF variants.
Such attacks and analyses are naturally examined purely in the simulation domain, where some metrics like uniformity are assumed to be ideal. This assumption is motivated by a common belief that implementation defects (such as bias) may ease the attacks. In this paper, we highlight the critical role of uniformity in the success of ML attacks, and for the first time present a case where the bias originating from implementation defects hardens certain learning problems in complex PUF architectures. We present the result of our investigations conducted on a cluster of 100 Xilinx Artix 7 FPGAs, showing the incapability of the splitting iPUF attack to model even small iPUF instances when facing a slight non-uniformity. In fact, our findings imply that non-ideal conditions due to implementation defects should also be considered when developing an attack vector on complex PUF architectures like iPUF. On the other hand, we observe a relatively low uniqueness even when following the suggestions made by the iPUF’s original authors with respect to the FPGA implementations, which indeed questions the promised physical unclonability.
