Home Computer Science Hardware Security and Trust: Design and Deployment of Integrated Circuits in a Threatened Environment
Transistor Level Simulation
As previously discussed, setup-time violation can be induced by underfeeding the device. This attack can be completely simulated using SPICE level simulators, as proposed by Barenghi et al. . The authors evaluated if transistor level simulator is capable of correctly predicting the fault patterns which were measured on a real device. The simulation was carried out using Synopsys Nanosim, a fast SPICE simulator, using the netlist and the parasitics generated by Cadence Encounter after place and route. The device was simulated for different voltages, ranging from 0.3 to
0.5 V. The simulation generated a number of faulty ciphertexts reasonably close to the one observed in the experiments, allowing to speculate that Nanosim is capable of predicting the setup-time violations measured in practice.
Emulation-based fault injection has been introduced as a better solution for reducing the execution time compared to simulation-based fault injection. It is often based on the use of Field Programmable Gate Arrays (FPGAs) for speeding up fault simulation and exploits FPGAs for effective circuit emulation. This technique can allow the designer to study the actual behavior of the circuit in the application environment, taking into account real-time interactions. However, when an emulator is used, the initial VHDL description must be synthesizable.
Fault injection can be performed in hardware emulation models through compile time reconfiguration and runtime reconfiguration. Here reconfiguration refers to the process of adding hardware structures to the model which are necessary to perform the experiments. In compile-time reconfiguration, these hardware structures are added by the instrumentation of HDL models. The main disadvantage of compile-time reconfiguration is that the circuit must be resynthetised for each reconfiguration, which can impose a severe overhead on the time it takes to conduct a fault injection campaign.
|< Prev||CONTENTS||Next >|