2016年12月23日 星期五

The State-of-the-Art in IC Reverse Engineering (Google翻譯 蕭新忠修正整理)

The State-of-the-Art in IC Reverse Engineering
<http://www.iacr.org/archive/ches2009/57470361/57470361. pdf>
 Google翻譯 蕭新忠修正整理 2016/12/23
Abstract 序言
This paper gives an overview of the place of reverse engi-neering (RE) in the semiconductor industry, and the techniques used to obtain information from semiconductor products.
The continuous drive of Moores law to increase the integration level of silicon chips has presented major challenges to the reverse engineer,obsolescing simple teardowns, and demanding the adoption of new and more sophisticated technology to analyse chips. Hardware encryption embedded in chips adds a whole other level of difficulty to IC analysis.
This paper covers product teardowns, and discusses the techniques used for system-level analysis, both hardware and software; circuit extraction,taking the chip down to the transistor level, and working back up through the interconnects to create schematics; and process analysis, looking at how a chip is made, and what it is made of. Examples are also given of each type of RE. The paper concludes with a case study of the analysis of an IC with embedded encryption hardware.
One of the most basic business requirements is the need to know what the competition is doing. If a company wants to get into a new area of business, the simplest thing to do is buy an existing product and take it apart to see what is inside it. Having done that, we know the parts list involved, and the technological challenges to be faced in manufacturing the new version.
Reverse engineering (RE) can cover objects from as large as aircraft down to the smallest microchip, and the motivations have varied from the paranoia of the Cold War, through commercial piracy, to competitive intelligence, product verification, and courts of patent law.
If we look back over the last few decades, reverse engineers around the world have had a significant inuence on the dissemination of technology in the electronics industry.
RE is now a recognised part of the competitive intelligence field, and is commonly used to benchmark products and support patent licensing activities. A side area is the need to RE archaic parts that have gone out of service, and need replacing in long-lived equipment such as military systems, nuclear reactors, airliners, and ships.
A fact of life these days is that simple teardowns of products are just not good enough any more. Advances in semiconductor technology,namely the massive integration of billions of individual devices and masses of functions into single components, have forced RE to evolve into a spe-cialised niche of the engineering profession.
RE in the Semiconductor Industry RE在半導體工業
The question most often asked about reverse engineering is"is it le-gal?" The short answer is { yes! In the case of semiconductors, RE is protected in the US by the Semiconductor Chip Protection Act, which allows it \for the purpose of teaching, analyzing, or evaluating the concepts or techniques embodied in the mask work or circuitry. . . " There is similar legislation in Japan, the European Union, and other jurisdictions.
關於逆向工程最常被問的問題是“合法嗎?”簡短的答案是 "是"!在半導體的情況下,RE在美國受到“半導體芯片保護法案”的保護,它被允許用在以教學的為目的教學上,它也被允許用來分析或評估在程式碼或電路中所呈現的概念或技術。...“在日本,歐盟和其他司法管轄區,都有類似的立法。
In the semiconductor business, RE customers fall into two groups:those who are interested in technical information, and those that are interested in patent-related information. The technical information customers are usually within manufacturing companies, performing product development, or strategic marketing or benchmarking studies. The patent clients are usually patent lawyers or intellectual property (IP) groups within companies. There are also companies that are purely licensing companies, and deal only in IP.
Types of RE RE的類型 (逆向工程技術內容)
Reverse engineering of semiconductor-based products can broadly take several forms:
_ Product teardowns { identify the product, package, internal boards,and components
_ System level analysis { analyse operations, functions, timing, signal paths, and interconnections
_ Process analysis { examine the structure and materials to see how it is manufactured, and what it is made of
_ Circuit extraction { delayer to transistor level, then extract interconnections and components to create schematics and netlists
1 產品拆卸:識別產品,包裝,內部板和組件
2 系統層次分析:分析操作,功能,時序,信號路徑和互連
3 製程分析:檢查結構和材料,了解它是如何製造的,以及它是哪些東西構成
4 電路提取:去除層次從最上層的連線到最底層的電晶體,一層一層依序剝開,然後提取互連和組件,以產生線路圖和網表(線路文字檔)
1 Product Teardowns 產品拆解
Product teardowns are the simplest type of RE in the electronics arena; the unit is simply disassembled, the boards and sub-assemblies are photographed, and the components are inventoried.
Reverse engineers are usually only interested in what components are in the device at this level, but there are also companies that use the data to provide a bill of materials and tentative costing for the manufacture.
Figure 1 shows an Apple 8 GB iPod nano personal media player, partly torn down to expose the internal board and the ICs used [1].
Optical and x-ray analyses (Fig. 2) showed that the 64 Gb flash memories were actually 2 x 32 Gb stacked packages, each containing four 8 Gb dice (total 64 Gb). In this case, we continued with detailed process analyses of the 8 Gb flash chips, since they were leading edge devices from Samsung and Toshiba.
圖1顯示了一個蘋果8 GB iPod nano個人媒體播放器,拆下一部分,露出內部板和使用的IC [1]。
(圖2)光學和x射線分析,表明64Gb快閃記憶體實際上是2×32Gb堆疊封裝,每個包含四顆8Gb的芯粒(總共64Gb)。在這種情況下,我們對8 Gb快閃記憶體芯片,繼續進行進一步的製程分析,因為它們來自於三星和東芝的先進元件。
2 System Level Analysis系統層次分析
Just as there is a huge variation in electronic systems, there is also a variety of methods for system analysis. Electronic systems can consist of hardware, software, firmware, comunications, transducers, etc. System analysis is useful for all of these.
2.1 Hardware 硬件
Hardware analysis takes one of two forms: reverse engineering or functional analysis.Reverse engineering is a hierarchical analysis method. Take the example of a cell phone. The first phase of reverse engineering is to tear down the phone, making notes of all connections between subsystems. Next, the main board is reverse engineered. Photos are taken of the board for future work.
All components on the board are catalogued and then selectively removed. If the board is multi-layered, it can be delayered and imaged (Figure 3). The connections between all components are then identified and entered into the board schematic. Alternatively, electrical probing can sometimes be used to _nd the connections. Either way, a complete schematic of the board can be re-created.
Functional analysis entails system monitoring during functional operation.
A system can be instrumented with probes wherever needed (sometimes with great difficulty, but it can usually be done, as shown in Figure 4). Microprobing is used to monitor on-chip signals. Test case are developed, and stimulus created for operating the system in its functional modes. Signal generators, logic analyzers, and oscilloscopes are used to drive the system and collect the results. The signals and full system are then analyzed.
Using the cell phone example once again, the phone can be partially disassembled, but still electrically connected to allow for operation. Probes can be used to monitor key buses, pins of chips, and connectors. The phone can then be operated, and the signals analyzed,to understand the operation.
2.2 Software 軟件
As with hardware, software can be analyzed using the same two techniques; reverse engineering and functional analysis.
Software reverse engineering is the process of taking machine code and converting it back into human-readable form.
The first task is often extraction of embedded code from an on-chip memory. Many techniques are available, such as EEPROM programmers, bus monitoring during code upload, and schematic extraction. Sometimes the code is protected with software or hardware locks. These can often be disabled via a collection of techniques. A chip's test port can be a good method of accessing its con-tents. IC microsurgery can be used to modify or bypass hardware locks. Usually these techniques require circuit analysis first, in order to identify the locks and second modifications that will disable them.
第一個任務通常是從晶片上記憶體提取嵌入代碼。有許多技術可用,例如EEPROM編程器,利用程式碼上傳期間的總線監視和示意圖提取。有時,程式碼受軟件或硬件鎖保護,這些通常可以通過一組技術來解鎖用。芯片的測試端口可以是提取程式內容的一種很好的方法。 也可利用IC顯微外科技術,進行修改或繞過硬件鎖的程序。通常這些技術首先需要電路分析,以便識別鎖和第二道修改,進行解禁。
Encrypted code requires encryption analysis, followed by decryption.This requires both the keys and an understanding of the encryption algorithm. The keys can often be read from the embedded memory, along with the code, using the techniques described above. The encryption algorithm can sometimes be discovered via documentation or functional analysis. If these methods fail, then circuit extraction can often be used to reverse engineer the algorithm.
Once the code is extracted, disassemblers can be used as long as the processor and instruction set are known. Tools are then available to help take assembly code and structure it into a more C-like format. This structured code can then be analyzed by software experts. Code can be analyzed in either \static" (\dead") mode or \dynamic" (\live") mode. Live analysis is undertaken when it is possible to obtain the full control of the processor: starting and stopping code, inspecting registers, memory, tracing code execution. Live analysis is always preferable to dead code analysis which consists of analyzing just the instructions without the ability to inspect the code while running.
一旦代碼被提取,可以使用反組譯器,只要處理器和指令集是已知的。然後可以使用工具來幫助獲取彙編代碼並將其結構化為更類似C的格式。然後可以由軟件專家分析該結構化代碼。代碼可以在\靜態(靜止)模式或\ 動態(送電實況)模式下進行分析。當處理器可以獲得完全控制時,進行實況分析:啟動和停止代碼,檢查寄存器,存儲器,追踪代碼執行。實況分析總是優於靜止不動的程式碼分析,靜態(靜止)模式只能分析指令,而無法在運行中檢查程式碼。
Using software simulators enables another mode of software RE which is in between these two.Software functional analysis is similar to hardware functional analysis.Test cases are designed, stimulus is created, the code can be instrumented,and the software executed. The outputs of this software can take many forms, from creating charts or driving a GUI, to controlling a robot or playing a song. These outputs can be analyzed to better understand the
software or system.
3 Process Analysis製程分析
Process analysis of chips is straightforward in theory, since microanalytical tools have been around for some time. Every wafer fab has a range of equipment for process control and failure analysis, and Chipworks uses the lab-scale equivalent.
Using a Sony DCR-DVD505 Handycam as an example, we were interested in the CMOS image sensor in the camera.We removed the camera module from the unit and took it apart,recording the details as we went, and ended up with the CMOS imager die (Figure 5), which turns out to be a Sony Clearvid IMX013 chip.Then we get into the actual chip analysis. This part was a fairly leading-edge sensor, with a small pixel size of 2.85 _m x 2.85 _m, so
emphasis was on a detailed examination of the pixel.
使用Sony DCR-DVD505 Handycam作為範例,我們對相機中的CMOS圖像傳感器感興趣。我們從設備中取出相機模塊,並將其拆開,記錄過程中所有細節,最後才進入到CMOS感測器晶粒(圖5),結果才發現是一顆索尼Clearvid IMX013芯片。然後我們進入實際的芯片分析。這零件是一個相當先進的傳感器,具有小的像素尺寸2.85 _m x 2.85 _m,所以 重點是對像素的詳細檢查。
Figures 6 to 9 show some of the features seen in the pixel area.When performing process analysis, plan-view imaging gives limited process information, so the primary source of data is cross-sectional analysis, usually using SEM, TEM, and scanning capacitance microscopy (SCM). For details of the chemical composition, the most commonly used technique is energy dispersive x-ray analysis, although occasionally we use other methods such as secondary ion mass spectrometry or Auger analysis.A few words of explanation here with respect to Figures 8 and 9.
A TEM looks through the sample to give high resolution images of the device structure, and SCM is a way of seeing the positive and negative doping that makes up the actual working transistors, resistors, etc., in the silicon chip.
Looking at Figure 6, we see a plan-view image of part of the pixel array, showing the transfer transistor (T1), and the T2 reset transistor and T3 source follower transistors, comprising the 3 transistor pixel circuit.
The short black line in the centre of the image represents a metal 1 strap joining the oating di_usion (FD), between T1 and T2, to the gate of T3.Figure 7 shows a cross section of the pixel structure, illustrating the organic and nitride lenses, the colour filters, three layers of copper metallization in the array, and the T3 transistors on the substrate.
TEM透過樣品觀察,給予元件結構高解析圖像,SCM是透過觀察正和負摻雜離子的方式,了解構成矽芯片中的實際工作電晶體,電阻器等。 參見圖6,我們看到像素陣列的一部分的平面圖像,示出了包括3電晶體像素電路的傳輸電晶體(T1),T2復位電晶體和T3源極跟隨器電晶體。 圖像中心中的短黑線表示將T1和T2之間的金屬離子(FD)連接到T3的柵極的金屬1帶。圖7示出像素結構的剖面,標示出了有機和氮化物透鏡,彩色濾光片,陣列中的三層銅金屬化,以及襯底上的T3電晶體。
There is also a fourth aluminium metal layer, not shown in this section, used for bond pads and as a light shield (the white bars in the die photograph in Figure 4). The 28_ angle of acceptance is also shown.Figure 8 is a TEM image of the transfer transistor gate, and it is clear that the nitride layer used for the sidewall spacer has only been partially etched o_ the top of the gate; the residual nitride on the photocathode (left) side has been used as an antireective (AR) layer in the photocathode area.
同樣還有在該部分中未示出的用於接合焊盤和作為遮光件的第四鋁金屬層(圖4中的晶片照片中的白色條)。還顯示了28°接受角。 圖8是轉移電晶體柵極的TEM圖像,並且清楚的是,用於側壁間隔物的氮化物層僅在柵極的頂部被部分地蝕刻;光電陰極(左)側的殘餘氮化物已經用作光電陰極區域中的抗反射(AR)層。
The doping structure of the pixels is illustrated in the SCM image in Figure 9. Chemical staining has been used for decades to highlight the doped areas in silicon, but even after many years of experiment, it is still more of an art than a science. The development of the SCM allows us to distinguish features such as the P-pinning layer above the photocathode,and the oating di_usion, more clearly. The deeper blue areas are the P-type isolation regions in the N-substrate.
在圖9中的SCM圖像中,標示出了像素的摻雜結構。化學染色已經使用了幾十年來突出矽中的摻雜區域,但是即使在多年的實驗之後,它仍然是一門藝術而不是科學。 SCM的發展使我們能夠更清楚地區分諸如光電陰極上方的P釘扎層以及浮雕凹陷的特徵。較深的藍色區域是N基底中的P型隔離區域。
There are two parallel trends in semiconductor processing. There is the well publicized Moores law shrinkage of dimensions, moving to the 45 nm node and below, with the introduction of high-k/metal gate transistors,and there is a drive to more process integration as RF/mixed signal and embedded memory processes are merged into CMOS logic processes.As can be imagined, examining features deep into the nanometer scale (gate oxides are now 1.2 nm - 1.5 nm thick) stretches analytical capabilities to the limits. They can be imaged with high-resolution electron microscopy, but obtaining details of the chemical composition of the structure is now in the realm of counting atoms [5,6].Similarly to the other forms of RE, our _nal documents can take several forms, from reports speci_cally focused on a feature described in a patent claim, to comprehensive reports detailing the full structural and process analysis of a high-end chip. It all depends on what the customer wants!
半導體處理有兩個平行的趨勢,被廣為宣傳的摩爾定律收縮的尺寸,移動到45nm節點和以下,隨著高k /金屬柵極晶體管的引入,驅動出更多的集成,讓RF /混合信號和嵌入式存儲器等等製程被合併到CMOS邏輯製程中。可以想像,深度檢視納米尺度的特徵(柵極氧化物現在是1.2nm-1.5nm厚)將分析能力擴展到極限。它們可以用高解析度電子顯微鏡成像,但獲得結構的化學組成的細節,現在在計數原子的領域[5,6]。類似於其他形式的RE,我們的文件可以採取幾種形式,從專門針對專利權利要求中描述的特徵的報告,到詳細描述高端芯片的全部結構和過程分析的綜合報告。這一切都取決於客戶的需求!
4 Circuit Extraction 電路提取
Circuit extraction of semiconductor chips becomes increasingly more difficult with each new generation. In the \good old days" of 10 to 20 years ago, a circuit analyst's life was much simpler. A typical IC of those days may have had one layer of metal, and used 1 _m - 2 _m technology.After package removal, all features could usually be seen from the top
level metal planar view.
越是新一代的半導體芯片,電路提取難度變得越高。在10到20年前的“美好的舊時代”中,電路分析師的生活簡單得多,這些日子的典型IC可能有一層或兩層金屬,並使用1 微米或2 微米技術。封裝去除後,所有功能通常從最上層金屬平面圖就可以被辨識出來。
The die could then be put under optical imaging equipment in order to take multiple high-magnification images. The photographs were developed and taped together in an array to recreate an image of the chip. Engineers then used the \crawl-aroundon- the-floor" technique (Figure 10),where they annotated the wires and transistors. This was followed by drawing out the schematic _rst on paper, then in a schematic editor.
Life has changed since those days. The complexity of devices has followed Moores law, and we are now extracting circuits from 45 nm chips.Moreover, these devices now have up to 12 layers of metal, and use an esoteric combination of materials to create both the conductors and dielectrics [2,3]. They may have hundreds of millions of logic gates, plus
huge analog, RF, memory, and other macrocell areas. MEMs, inductors,and other devices are also being integrated onchip.
晶片集成的複雜度,遵循摩爾定律的驅動下,我們現在面對的是從45nm芯片中提取電路。此外,這些晶片的連線,現在具有多達12層的金屬,並且使用材料的深奧組合來產生導體和電介質[2, 3]。他們可能有數億個邏輯門,加上大型的類比線路,RF,記憶體和其他各種不同功能的組合元件,還有微機電,電感器和其他器件也都進入芯片集成。自從這些事實一一呈現,美好的舊時代終於被改變。
The circuit extraction proceeds as follows: 電路提取進行步驟如下:
1 Package removal (known in the industry as device \depot") 封裝去除取晶粒
2 Delayering 層次去除
3 Imaging 成像
4 Annotation 標註各連線與元件序號名稱
5 Schematic read-back and organization 線路圖回讀整理重新組織
6 Analysis 分析
1 Device Depot封裝去除取晶粒
Depot may well be the only step of the process that still follows the traditional methods. Typically, packages are etched in a corrosive acid solution (Figure 11). A variety of acids at various temperatures are used depending on the composition and size of the particular package. These solutions dissolve away the packaging material, but do not damage the die.Hermetic and ceramic packages require di_erent techniques that usually involve mechanical or thermal treatment to remove lids, or dice from substrates, or even polish away a ceramic substrate.
2 Device Delayering層次去除
Modern semiconductor devices range from 1.0 um single metal bipolar chips, through 0.35 um BiCMOS diffused MOS (BCDMOS) chips, to 45 nm 12 metal microprocessors, and everything in between. Both aluminum and copper can be used for metal on the same chip. Depending on the process generation, the polysilicon gates and source/drains can use di_erent silicides. A variety of low-k dielectrics are now interspersed with uorosilicate glass (FSG), phosphosilicate glass (PSG), and SiO2. Layer thicknesses vary greatly. For instance, on a 7 metal 65 nm Texas Instruments (TI) [4] baseband processor chip we recently analyzed (Figure 12),we found:
_ Interconnect layers included Cu, Al, TiN, and TaN
_ Metal thicknesses ranged from 0.15 to 1.4 _m
_ Dielectrics included silicon nitride, oxynitride, oxide, SiOC, SiONC,and PSG
_ Dielectric thicknesses varied from _0.3 _m to 2.6 _m (with individual layers of particular materials as thin as 47 nm), and gate oxide was 2.2 nm thick.
現代半導體器件範圍從1.0 微米單金屬雙極芯片,通過0.35 微米 BiCMOS /BCDMOS芯片,到45 nm 12層金屬微處理器,以及之間的一切。鋁和銅都可以用於同一芯片上的金屬。根據製程發展過程,多晶矽柵極和源極/漏極可以使用不同的矽化物。各種低k電介質現在散佈有矽酸鹽玻璃(FSG),磷矽酸鹽玻璃(PSG)和SiO 2。各層厚度差別很大。例如,在我們最近分析的7個金屬65nm德州儀器(TI)[4]基帶處理器芯片上(圖12),我們發現:
A delayering lab needs to create a single sample of the device at each metal layer, and at the polysilicon transistor gate level. As such, it needs to accurately strip o_ each layer, one at a time, while keeping the surface planar. This requires detailed recipes for removal of each layer. These recipes include a combination of methods such as plasma (dry) etching,wet etching, and polishing. As the complexity and variation of chips increases, so too does the number of recipes. A modern chipdelayering lab would now have over a hundred such recipes, speci_c to di_erent processes and materials.
For unknown or unusual chips, it is advisable to start with a cross section (Figure 12). The cross section can be analyzed using scanning electron microscopes (SEM), transmission electron microscopes (TEM),and other techniques to determine the composition and thickness of all the layers. A delayering technician uses this information to choose the best delayering recipe for a chip. The recipe also varies depending on the type of imaging to be performed. Optical imaging looks best if the transparent dielectric is left on over the layer to be imaged. SEM, due to its operating methodology of electron reection from a non-planar surface, requires the dielectric to be removed.
對於未知或不常見的芯片,建議從剖面的製程分析開始(圖12)。可以使用掃描電子顯微鏡(SEM),透射電子顯微鏡(TEM)和其它技術分析橫截面,以確定所有層的組成和厚度。去層技術人員使用該信息來選擇芯片的最佳去層配方。配方還根據要執行的成像的類型而變化。如果透明電介質留在要成像的層上,則光學成像看起來最好。 SEM,由於其從非平面表面進行電子掃描的操作方法,需要除去電介質。
3 Imaging 成像
Advanced RE labs currently use two types of imaging, optical and SEM. Up to and including the 0.25 um generation of semiconductor chips,optical imaging was suficient. However, for 0.18um technologies and smaller, optical imaging cannot resolve the smallest features, and SEM must be used (Figure 13).The size of ICs, and the large magnitucations required for the advanced feature sizes, now means that manually shooting images is no longer practical. Imaging systems now must have automated steppers integrated with the microscope. Our twodimensional steppers allow us to set up a shoot in the evening, and come back in the morning to end the entire layer imaged.
Next we use specially developed software to stitch the thousands of images per layer together, with minimal spatial error. Then more software is required to synchronize the multiple layers so that there is no misalignment between layers. Contacts and vias must be lined up with the layers above and below in order for extraction to proceed.
4 Annotation標註各節點各元件序號名稱
Once all images are stitched and aligned, the actual work of reading back the circuit begins. Full circuit extraction requires taking note of all transistors, capacitors, diodes, and other components, all interconnect layers, and all contacts and vias. This can be done manually or using automation.
There are multiple tools available to help with this process, including Chipworks' ICWorks Extractor. This tool is used to view all the imaged layers of a chip individually and aligned to each other. In one mode it allows several layers of a chip to be visible in multiple windows simultaneously (Figure 14).
有多個工具可以幫助這個過程,包括Chipworks的ICWorks Extractor。該工具用於單獨查看芯片的所有成像層並彼此對齊。在一種模式下,它允許芯片的多個層同時在多個窗口中可見(圖14)
Each window shows the same two-dimensional area in each layer. A lock-step cursor allows the engineer to see exactly what lies above or below the feature he is looking at in one layer.An extraction engineer can then use the tool to annotate and number all wires and devices in his area of interest (Figure 15). 2D and 3D image recognition and processing software can be used (Figure 16), or the engineer may do it manually. Image recognition software can also be used to recognize standard cells in digital logic. This can greatly aid the extraction of large blocks of digital cells.
每個窗口在每個層中顯示相同的二維區域。同步鎖定光標,允許工程師準確地看到在一層中正在觀察的特徵的上方或下方。然後,提取工程師可以使用該工具來註釋和編號在他感興趣的區域中的所有連線和元件(圖15 )。可以使用2D和3D圖像識別和處理軟件(圖16),或者工程師可以手動進行。圖像識別軟件也可以用於識別數位邏輯中的標准元件。這可以極大地幫助提取大塊數位元件。
5 Verification and Schematic Creation驗證和線路圖創建
The annotation process can be error prone. Often the images are not perfect, manual techniques are used, bits of dust fall on the chip during imaging, or the image recognition software introduces an error. Hence,verification is performed at this stage. Design rule checks can find many issues, such as below minimum sized features or spaces, hanging wires,vias without wires, etc.At this stage the ICWorks tool can automatically extract a netlist from the annotations, and from this netlist create a at schematic (see Fig. 17). The schematic, netlist, and annotations are all associated with each other, such that one cannot be changed without changing all three.The netlist and schematic can now be checked for other simple rule violations. Floating gates, shorted outputs, nets with no inputs or outputs,and shorted supplies can be checked.
6 Schematic Analysis and Organization線路分析整理
This is one of the steps requiring the most thought, since the schematic organization on a page, or in hierarchy, goes a long way to making a design coherent. Devices placed poorly on a schematic, or a strange hierarchy,can make the design very diffficult to understand. Hence, this step usually requires very experienced analysts.
The analysis phase can be very iterative, and use many sources of information. Often public information is available for devices. This can take the form of marketing information, datasheets, technical papers, or patents. These can often help with the schematic organization, for instance if block diagrams are available. They can also help in the understanding of architectures and sometimes circuit designs.
Analysis can also be done using typical chip design techniques. A circuit can be hand analyzed using transistor and logic theory. Layout structures are often recognizable, for instance differential pairs, bipolar devices for bandgap references, etc. In fact, The ICWorks tool can _nd these structures automatically. Hierarchy can also sometimes be seen in the layout. If not, it can be created using a bottom-up schematic organization approach. Functional and timing analysis can be further validated using simulation.
Multiple methods are usually used for verification.The final product of circuit reverse engineering can take many forms.A complete set of hierarchical schematics can be delivered. This set of schematics can be used to also create a hierarchical netlist. Simulated waveforms, block diagrams, timing diagrams, analysis discussion, and circuit equations can be used to round out the report.Since RE companies analyze so many ICs, they can also create comparative and trend reports. For instance, Chipworks has analyzed many CMOS image sensors over the years. As the technology and circuit designs evolve, they are monitored. The evolution can be shown from both a process point of view and a circuit point of view.
A Case Study案例研究
Used together, the above techniques can be very powerful.
To illustrate that point, lets review a project we just _nished; analyzing a digital ASIC with embedded analog and memory blocks, and including embedded encryption hardware. The goal of the project was to fully understand the ASIC, build a model of the ASIC, and get simulations up and running.
The first step was to run system level functional tests while the chip was still in its system. Logic probes were connected, the system was powered up, and vectors were collected which could be used later for simulations. Next, the chip was depotted, delayered, imaged, stitched, and aligned.We found the chip contained 12,000 gates of digital logic and an embedded EEPROM. The entire chip was annotated, and the ICWorks tool created a netlist and at schematic from this annotation.
A portion of the digital logic annotation is shown in Figure 18. Annotation and schematic rule checks were used to verify a quality schematic starting point.
In fact, for this project we annotated the entire chip twice, then compared the results to minimize annotation errors.The schematics were then partially organized. The memory schematic was completely organized, and the main registers of the digital block were grouped. A few of the major busses were labeled and the I/Os were connected to the major blocks.
事實上,對於這個項目,我們標註了整個芯片兩次,然後比較結果達到最小化標註錯誤。然後部分線路圖被整理組織。記憶體線路圖被完全整理組織,數字模塊的主寄存器被集合分組。幾個主要的總線被標記,I / O連接到主要方塊
In order to run a full chip simulation on the netlist, we would need to extract all the contents of the chip, including both the hardware and memory contents. Different memory types have different challenges in reading them. Embedded SRAMs are the simplest. These memories are volatile, no data is stored in them during power down, so they do not need to be extracted. ROMs can be extracted using traditional RE techniques of physically reading back the mask programming. Figure 19 shows a metal 1 mask programmed ROM. Unfortunately EEPROMs are more dificult than either of these.
為了在線路文字檔上執行全芯片仿真,我們需要提取芯片的所有內容,包括硬件和記憶體內容。 不同記憶體類型,在讀取它們時有不同挑戰。嵌入式SRAM是最簡單的。這些存儲器內容是會消失的,在斷電期間沒有數據存儲在它們中,因此它們不需要被提取。可以使用物理地讀回程式碼編程的傳統RE技術來提取ROM。圖19示出了金屬1程式碼編程ROM。不幸的是,EEPROM比這些都更難。
We knew up front that this chip included on-chip encryption, and that the keys were stored in the EEPROM. Hence, we anticipated a challenge in being able to access this memory. As expected, the memory was well protected, and much of this memory could not be directly read on-chip.Additionally, the interface to this chip was encrypted, so we had no idea
how to generate a memory read command anyhow. The solution to this was to use the test hardware embedded in the chip.
This particular chip had both scan path test circuitry for the digital logic, and memory BIST for the EEPROM. Once we had organized the test and memory circuits, we set to work analyzing them. The scan test control circuit is shown in Figure 20. We found a method where we could almost read out the memory locations using a combination of the digital and memory test circuitry. A single application of microsurgery looked as though it would unlock the bits.
We took a single chip, used jet-etching to remove a portion of the package, then used focused ion beam (FIB) techniques to modify a connection on the chip (Figure 21). Next we used our analysis to create scan path vectors, with the appropriate control signals, and successfully read out the encryption keys and other memory contents via the test port.At this point, we created a memory model to use with our netlist.The vectors collected from the actual system were run on the netlist,and we verified that our chip model gave the same outputs as the actual chip tested. Hence, we confirmed our netlist and memory contents were correct.
The encryption algorithm also needs to be understood to be able to complete the analysis of this chip. This was accomplished via schematic organization and simula- tion. As we organized the chip, we found some interesting structures, such as a 56 bit register. Therefore, we ran our simulations, and monitored the busses in the area of this register. Sure enough, keys were read from our memory model, loaded into this embedded block, and a standard DES algorithm was observed.Now we understood the encryption, had the keys, and had full chip simulations running. Since we had a full netlist, we were able to run full chip simulations and monitor any internal nodes required. This allowed
us to complete the analysis of this chip and understand all the commands it could execute.
Summary 結論
In this paper we have reviewed the di_erent types of reverse engineering pertinent to the semiconductor industry. For reverse engineers, life will not get any easier in the electronics business. In semiconductors, the next challenge will be the 32 nm node devices already being ramped up in development fabs. The consumer electronics business keeps ouncing from new toy to yet another new toy, and it is necessary to be aware of all the new products that keep appearing.As is shown in this paper, the RE business has to keep evolving to keep up with the changes in electronics and design, and it has become a discipline in itself, created by the needs of the global market for competitive intelligence and IP support.
We would like to thank Chipworks' laboratory sta_ and engineers who actually do all the hard work of analyzing these complex devices. Without them, we would have no material for this paper!