Preventing IP Theft in Heterogeneous 2.5D/3D Integrated Circuits

Abstract

Recent breakthroughs in heterogeneous integration (HI) technologies using 2.5D and 3D ICs have led to significant advances in the semiconductor fabrication industry, enabling the design and development of disaggregated systems through stacked multi-die packages. HI systems provide several benefits including higher density/performance at reduced power consumption, lower development costs and diminished time-to-market. However, HI technology has also led to several sources of distrust due to the use of third-party (untrusted) IP, outsourced assembly, testing, and fabrication facilities in the design and manufacturing process. Furthermore, the globalization of the integrated circuit (IC) supply chain poses significant risk to the security of intellectual property (IP) used in the design and development of 2.5D/3D HI systems. Security challenges associated with the integration of chiplets on an interposer can lead to the existence of internal threats (arising from within the system), e.g., through rogue or untrusted chiplets as well as external threats (arising from outside the system), through an untrusted end-user. These threats may be mounted with the objective of either stealing IP, leaking information, or disrupting the normal functioning of the system. For example, untrusted chiplets can deliberately impact the functionality of trusted chiplets by affecting the power distribution networks (PDN) by introducing voltage droops through malicious design modifications. Similarly, an external attacker can steal IP by extracting the point-to-point interconnects across chiplet IPs and observing data transfers between chiplets through on-chip test infrastructure. This involves the use of physical side-channels such as data buses on the interposer and scan chains. This dissertation is focused on developing a comprehensive threat model and an end-to-end security methodology that provides bottom-up and top-down security for 2.5D/3D HI systems. It addresses shortcomings associated with prior 2D security solutions and focuses on four challenges: (1) Providing security assurance for each chiplet in an HI system through low-cost locking solutions. (2) Authenticated scan access and test data obfuscation for HI security in an untrusted supply chain. (3) Secure system-level integration through interconnect obfuscation and scrambling to prevent information leakage and prevent system-level reverse engineering.(4) Active monitoring, detection, prevention of side-channel threats leading to denial-of-service attacks arising from malicious modifications in HI systems. The low-cost locking solutions aim at augmenting on-chip test resources such as built in self test (BIST) and obfuscating logic architecture (gate type, flop type) along with locking FSMs to achieve dynamic obfuscation of the design, achieving IP security against both oracle-guided and oracle-free attacks. Interconnection security is achieved by designing centralized and distributed signal scramblers to obfuscate point-to-point connectivity between chiplets. Additionally, lightweight encryption blocks are integrated with on chip test architecture to provide end-user authentication and dynamic per-pattern authentication. A method for obfuscating both timing and logic functionality using custom standard cells is also presented. Finally, methodology for actively monitoring PDN-induced voltage related anomalies are proposed and integrated with machine learning (ML) guided anomaly detectors to prevent PDN-induced side-channel attacks focused on disruption of service.In summary, this dissertation tackles important problems related to preventing IP theft and maintaining runtime security. This involves developing low-cost solutions to mitigate vulnerabilities that enable attackers to steal on-chip resources leading to IP theft in heterogeneously integrated circuits. A suite of countermeasures that provide security assurance against IP theft and information leakage in a heterogeneous system while supporting secure and trusted integration in an untrusted supply chain are proposed. The proposed methods also support active runtime security during in-field operation. Furthermore, it is shown that the proposed methods are not only limited to 2.5D/3D HI systems but can be utilized to secure non-HI systems while also maintaining support for non-security goals such as monitoring silicon health, improving silicon reliability, and tracking aging. Recent breakthroughs in heterogeneous integration (HI) technologies using 2.5D and 3D ICs have led to significant advances in the semiconductor fabrication industry, enabling the design and development of disaggregated systems through stacked multi-die packages. HI systems provide several benefits including higher density/performance at reduced power consumption, lower development costs and diminished time-to-market. However, HI technology has also led to several sources of distrust due to the use of third-party (untrusted) IP, outsourced assembly, testing, and fabrication facilities in the design and manufacturing process. Furthermore, the globalization of the integrated circuit (IC) supply chain poses significant risk to the security of intellectual property (IP) used in the design and development of 2.5D/3D HI systems. Security challenges associated with the integration of chiplets on an interposer can lead to the existence of internal threats (arising from within the system), e.g., through rogue or untrusted chiplets as well as external threats (arising from outside the system), through an untrusted end-user. These threats may be mounted with the objective of either stealing IP, leaking information, or disrupting the normal functioning of the system. For example, untrusted chiplets can deliberately impact the functionality of trusted chiplets by affecting the power distribution networks (PDN) by introducing voltage droops through malicious design modifications. Similarly, an external attacker can steal IP by extracting the point-to-point interconnects across chiplet IPs and observing data transfers between chiplets through on-chip test infrastructure. This involves the use of physical side-channels such as data buses on the interposer and scan chains.This dissertation is focused on developing a comprehensive threat model and an end-to-end security methodology that provides bottom-up and top-down security for 2.5D/3D HI systems. It addresses shortcomings associated with prior 2D security solutions and focuses on four challenges: (1) Providing security assurance for each chiplet in an HI system through low-cost locking solutions. (2) Authenticated scan access and test data obfuscation for HI security in an untrusted supply chain. (3) Secure system-level integration through interconnect obfuscation and scrambling to prevent information leakage and prevent system-level reverse engineering.(4) Active monitoring, detection, prevention of side-channel threats leading to denial-of-service attacks arising from malicious modifications in HI systems. The low-cost locking solutions aim at augmenting on-chip test resources such as built in self test (BIST) and obfuscating logic architecture (gate type, flop type) along with locking FSMs to achieve dynamic obfuscation of the design, achieving IP security against both oracle-guided and oracle-free attacks. Interconnection security is achieved by designing centralized and distributed signal scramblers to obfuscate point-to-point connectivity between chiplets. Additionally, lightweight encryption blocks are integrated with on chip test architecture to provide end-user authentication and dynamic per-pattern authentication. A method for obfuscating both timing and logic functionality using custom standard cells is also presented. Finally, methodology for actively monitoring PDN-induced voltage related anomalies are proposed and integrated with machine learning (ML) guided anomaly detectors to prevent PDN-induced side-channel attacks focused on disruption of service.In summary, this dissertation tackles important problems related to preventing IP theft and maintaining runtime security. This involves developing low-cost solutions to mitigate vulnerabilities that enable attackers to steal on-chip resources leading to IP theft in heterogeneously integrated circuits. A suite of countermeasures that provide security assurance against IP theft and information leakage in a heterogeneous system while supporting secure and trusted integration in an untrusted supply chain are proposed. The proposed methods also support active runtime security during in-field operation. Furthermore, it is shown that the proposed methods are not only limited to 2.5D/3D HI systems but can be utilized to secure non-HI systems while also maintaining support for non-security goals such as monitoring silicon health, improving silicon reliability, and tracking aging.