A Novel Attack Mode on Advanced Technology Nodes Exploiting Transistor Self-Heating

Nikhil Rangarajan; Johann Knechtel; Nimisha Limaye; Ozgur Sinanoglu; Hussam Amrouch

doi:10.1109/TCAD.2022.3197496

A Novel Attack Mode on Advanced Technology Nodes Exploiting Transistor Self-Heating

Nikhil Rangarajan, Johann Knechtel, Nimisha Limaye, Ozgur Sinanoglu, Hussam Amrouch

Research output: Contribution to journal › Article › peer-review

Abstract

Self-heating (SH) is a phenomenon that can induce excessive heat inside the transistor channel. SH represents an emerging and serious concern especially in advanced technology nodes, where excessive heat acting on elevated channel geometries will notably shift the critical transistor parameters (e.g., threshold-voltage Vth and carrier mobility μ). The underlying 3-D device structures (e.g., FinFET, nanowire, or nanosheet structures), along with newly-employed materials like silicon-germanium (SiGe), which show worse thermal conductivity than traditional materials, can considerably exacerbate SH. On top of that, quantum confinement, a phenomenon that becomes dominant at sub-10nm, further increases the intensity of SH. In this paper, we are the first to explore SH effects from the perspective of hardware security, rather than the performance, reliability standpoints covered in state-of-the-art (SOTA) work. As proof of concept, we devise a SH-based hardware Trojan (HT) that exploits the SH-induced Vth change in 7nm FinFET circuits. Leveraging Vth-dependent reconfigurable logic, we design a reconfigurable HT payload that maliciously changes its functional behavior once the SH-induced Vth change takes effect. Following SOTA work, we present a comprehensive modeling and analysis of SH effects at the device-level, and highlight its impact on transistor Vth. Next, we study how fabrication-time changes in the transistor doping and geometry can promote the SH-assisted degradation. We then describe various payload configurations for the proposed HT, quantify its overheads, and discuss its resilience against standard HT detection techniques. Finally, we demonstrate two case studies using the proposed HT, one to leak the secret key from a pipelined design of an advanced encryption standard (AES) circuit, and another to showcase denial-of-service for a Gaussian-blur filter circuit. Our work utilizes industry-standard models with parameters extracted from measurements and calibrated with experiments. Our results are obtained from meticulous study and optimization across the device-, circuit-, and system-levels.

Original language	English (US)
Pages (from-to)	1
Number of pages	1
Journal	IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems
Volume	41
Issue number	11
DOIs	https://doi.org/10.1109/TCAD.2022.3197496
State	Published - Nov 1 2022

Keywords

AES
FinFETs
Hardware
Hardware Trojan
Heating systems
Logic gates
Reconfigurable Logic
Reliability
Security
Self-Heating
Transistor Aging
Transistors

ASJC Scopus subject areas

Software
Computer Graphics and Computer-Aided Design
Electrical and Electronic Engineering

Access to Document

10.1109/TCAD.2022.3197496

Cite this

@article{bd3a401a4cf44e9dada00536533290d8,

title = "A Novel Attack Mode on Advanced Technology Nodes Exploiting Transistor Self-Heating",

abstract = "Self-heating (SH) is a phenomenon that can induce excessive heat inside the transistor channel. SH represents an emerging and serious concern especially in advanced technology nodes, where excessive heat acting on elevated channel geometries will notably shift the critical transistor parameters (e.g., threshold-voltage Vth and carrier mobility μ). The underlying 3-D device structures (e.g., FinFET, nanowire, or nanosheet structures), along with newly-employed materials like silicon-germanium (SiGe), which show worse thermal conductivity than traditional materials, can considerably exacerbate SH. On top of that, quantum confinement, a phenomenon that becomes dominant at sub-10nm, further increases the intensity of SH. In this paper, we are the first to explore SH effects from the perspective of hardware security, rather than the performance, reliability standpoints covered in state-of-the-art (SOTA) work. As proof of concept, we devise a SH-based hardware Trojan (HT) that exploits the SH-induced Vth change in 7nm FinFET circuits. Leveraging Vth-dependent reconfigurable logic, we design a reconfigurable HT payload that maliciously changes its functional behavior once the SH-induced Vth change takes effect. Following SOTA work, we present a comprehensive modeling and analysis of SH effects at the device-level, and highlight its impact on transistor Vth. Next, we study how fabrication-time changes in the transistor doping and geometry can promote the SH-assisted degradation. We then describe various payload configurations for the proposed HT, quantify its overheads, and discuss its resilience against standard HT detection techniques. Finally, we demonstrate two case studies using the proposed HT, one to leak the secret key from a pipelined design of an advanced encryption standard (AES) circuit, and another to showcase denial-of-service for a Gaussian-blur filter circuit. Our work utilizes industry-standard models with parameters extracted from measurements and calibrated with experiments. Our results are obtained from meticulous study and optimization across the device-, circuit-, and system-levels.",

keywords = "AES, FinFETs, Hardware, Hardware Trojan, Heating systems, Logic gates, Reconfigurable Logic, Reliability, Security, Self-Heating, Transistor Aging, Transistors",

author = "Nikhil Rangarajan and Johann Knechtel and Nimisha Limaye and Ozgur Sinanoglu and Hussam Amrouch",

note = "Publisher Copyright: {\textcopyright} 1982-2012 IEEE.",

year = "2022",

month = nov,

day = "1",

doi = "10.1109/TCAD.2022.3197496",

language = "English (US)",

volume = "41",

pages = "1",

journal = "IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems",

issn = "0278-0070",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

number = "11",

}

TY - JOUR

T1 - A Novel Attack Mode on Advanced Technology Nodes Exploiting Transistor Self-Heating

AU - Rangarajan, Nikhil

AU - Knechtel, Johann

AU - Limaye, Nimisha

AU - Sinanoglu, Ozgur

AU - Amrouch, Hussam

PY - 2022/11/1

Y1 - 2022/11/1

N2 - Self-heating (SH) is a phenomenon that can induce excessive heat inside the transistor channel. SH represents an emerging and serious concern especially in advanced technology nodes, where excessive heat acting on elevated channel geometries will notably shift the critical transistor parameters (e.g., threshold-voltage Vth and carrier mobility μ). The underlying 3-D device structures (e.g., FinFET, nanowire, or nanosheet structures), along with newly-employed materials like silicon-germanium (SiGe), which show worse thermal conductivity than traditional materials, can considerably exacerbate SH. On top of that, quantum confinement, a phenomenon that becomes dominant at sub-10nm, further increases the intensity of SH. In this paper, we are the first to explore SH effects from the perspective of hardware security, rather than the performance, reliability standpoints covered in state-of-the-art (SOTA) work. As proof of concept, we devise a SH-based hardware Trojan (HT) that exploits the SH-induced Vth change in 7nm FinFET circuits. Leveraging Vth-dependent reconfigurable logic, we design a reconfigurable HT payload that maliciously changes its functional behavior once the SH-induced Vth change takes effect. Following SOTA work, we present a comprehensive modeling and analysis of SH effects at the device-level, and highlight its impact on transistor Vth. Next, we study how fabrication-time changes in the transistor doping and geometry can promote the SH-assisted degradation. We then describe various payload configurations for the proposed HT, quantify its overheads, and discuss its resilience against standard HT detection techniques. Finally, we demonstrate two case studies using the proposed HT, one to leak the secret key from a pipelined design of an advanced encryption standard (AES) circuit, and another to showcase denial-of-service for a Gaussian-blur filter circuit. Our work utilizes industry-standard models with parameters extracted from measurements and calibrated with experiments. Our results are obtained from meticulous study and optimization across the device-, circuit-, and system-levels.

AB - Self-heating (SH) is a phenomenon that can induce excessive heat inside the transistor channel. SH represents an emerging and serious concern especially in advanced technology nodes, where excessive heat acting on elevated channel geometries will notably shift the critical transistor parameters (e.g., threshold-voltage Vth and carrier mobility μ). The underlying 3-D device structures (e.g., FinFET, nanowire, or nanosheet structures), along with newly-employed materials like silicon-germanium (SiGe), which show worse thermal conductivity than traditional materials, can considerably exacerbate SH. On top of that, quantum confinement, a phenomenon that becomes dominant at sub-10nm, further increases the intensity of SH. In this paper, we are the first to explore SH effects from the perspective of hardware security, rather than the performance, reliability standpoints covered in state-of-the-art (SOTA) work. As proof of concept, we devise a SH-based hardware Trojan (HT) that exploits the SH-induced Vth change in 7nm FinFET circuits. Leveraging Vth-dependent reconfigurable logic, we design a reconfigurable HT payload that maliciously changes its functional behavior once the SH-induced Vth change takes effect. Following SOTA work, we present a comprehensive modeling and analysis of SH effects at the device-level, and highlight its impact on transistor Vth. Next, we study how fabrication-time changes in the transistor doping and geometry can promote the SH-assisted degradation. We then describe various payload configurations for the proposed HT, quantify its overheads, and discuss its resilience against standard HT detection techniques. Finally, we demonstrate two case studies using the proposed HT, one to leak the secret key from a pipelined design of an advanced encryption standard (AES) circuit, and another to showcase denial-of-service for a Gaussian-blur filter circuit. Our work utilizes industry-standard models with parameters extracted from measurements and calibrated with experiments. Our results are obtained from meticulous study and optimization across the device-, circuit-, and system-levels.

KW - AES

KW - FinFETs

KW - Hardware

KW - Hardware Trojan

KW - Heating systems

KW - Logic gates

KW - Reconfigurable Logic

KW - Reliability

KW - Security

KW - Self-Heating

KW - Transistor Aging

KW - Transistors

UR - http://www.scopus.com/inward/record.url?scp=85136063696&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85136063696&partnerID=8YFLogxK

U2 - 10.1109/TCAD.2022.3197496

DO - 10.1109/TCAD.2022.3197496

M3 - Article

AN - SCOPUS:85136063696

SN - 0278-0070

VL - 41

SP - 1

JO - IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

JF - IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems

IS - 11

ER -

A Novel Attack Mode on Advanced Technology Nodes Exploiting Transistor Self-Heating

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this