Flylogic Engineering’s Analytical Blog

Given all the recent exposure from our Infineon research, we have had numerous requests regarding the ST mesh architecture and how Infineon’s design compares to the ST implementation. 

We took a few pictures of an area of each device with an electron microscope to give you a better idea.  Both devices are a 4 metal ~140 nanometer process.  Rather than have us tell you who we think is stronger (it’s pretty obvious), we’d like to see your comments on what you the readers think! 

In the picture above, the left side is the standard Infineon mesh with the standard ST mesh on the right.   Both images were taken at 3,500 magnification. 

The Infineon mesh consists of 5 zones with 4 circuits per zone.  This means the surface of the die is being covered by 20 different electrical circuits.

The ST mesh consists of a single wire routed zig-zag across the die.  It usually begins next to the VDD pad and ends at the opposite corner of the die.  The other wires are simply GND aka ground fingers.  On recent designs, we have caught ST using a few of the grounds to tie gates low (noise isolation of extra, unused logic we believe). 

Zooming in at 15,000 magnification, the details of each mesh really begin to show.  Where at lower resolutions, the Infineon mesh looked dark and solid but as you can see, it is not.

In the Infineon scheme above, each colored wire is the same signal (4 of them per zone).  Each color will be randomly spaced per chip design and is connected at either the top or bottom of the die via Metal 3 inter-connects.

The ST simply has the single conductor labeled in red.  All green are the fingers of ground which can be usually cut away (removed) without penalty.  The latest ST K7xxx devices have a signal present that appears analog.  A closer look and a few minutes of testing proved it to simply need to be held high (logic ‘1′) at the sampling side of the line.  Interesting how ST tried to obscure the signal.

Infineon does not permanently penalize you if the mesh is not properly repaired and the device is powered up. 

ST will permanently penalize you with a bulk-erase of the non-volatile memory (NVM) areas if the sense line (red) is ever a logic low (‘0′) with power applied (irrelevant of reset/clock condition).

You tell us your opinion what you think security wise.   Make sure you study the images closely beause there are other things we didn’t mention such as line spacing, etc. between the two designs which should be considered.

We probably should have been tweeting (sic?) for some time now but we are finally doing it!

You can join/follow us here: http://twitter.com/semiconduktor

As well, you can always get to Flylogic through Semiconduktor.com or Semiconduktor.net .

We want to personally thank every one of you who responded offering your help!

We followed what many of you said to do and this seems to have worked.

Thank you again!

Whenever the blog is enabled, spammers are able to deface the mainpages index.html file replacing it with hundreds of spam links to software.

The only way we can stop it is to stop the blog. We’ve tried cleaning the blog up but they still get in somehow through Wordpress .

If you think you can help us, please email tech at flylogic.net

Thanks!

During last years Blackhat and Defcon conferences, several individuals asked me about possibly giving classes on the security model of commonly found microcontrollers.  Jeff Moss’ group setup a poll here.  Given todays Silicon technology has become so small yet so large, it would be best to determine which architecture and which devices everyone is most interested in.  The current poll will determine which brand micro to target (Atmel AVR or Microchip PIC) and after this is decided, we will need more input to narrow the class down to a few devices of the chosen family.

While the classes are not cheap, all participants will learn and understand the chosen targets security model.  Armed with such knowledge will help you to understand and recognize potential risks in future design work allowing you to avoid the possiblity of compromise (and I suppose this would also enhance job security .   Full mosaic blowups of the targets, decapsulated devices, use of a probe station and all users will “modify” the security model of their devices themselves (unless they ask for some help).  I don’t believe such a class has ever been given and seating will be limited per class.

Feel free to comment here but Blackhat really needs the feedback.

Thank you,

-Christopher Tarnovsky

Before going deeper into the analysis of today’s chips, we will take a quick journey to where it all began: the Intel 4004, world’s first widely-used microprocessor. The 4004 and most other antiquated chips differ from modern chips in two main characteristics: They only use a single type of transistor (PMOS or NMOS) and each logic gate is custom-designed to best utilize the available area — an inevitable optimization for chips built from transistors about 150x larger than those used in their modern descendants.

The pictures below show four custom-designed variations of the same logic function, 2-NAND:

Each of the gates is composed of two transistors and one resistor. If either of the transistors is open (that is: having Vcc applied to its gate), the output is strongly connected to Vcc. If neither of the transistors is open, the gate is weakly connected to GND through the resistor, but still strong enough to pull the output to GND. The next image shows the only metal layer of the 4004, just above the 2-NANDs:

PMOS is very area-efficient, but more power hungry and slower than alternatives such as CMOS, which combines PMOS and NMOS transistors as illustrated in this post. It’s beautiful to see how none of the inefficiencies we see in modern chips are found on the 4004 and how the available space is completely filled with logic. The entire 4004 has only some 2,300 transistors and makes for a perfect exercise in learning neat chip layout and logic gate design (click for a high-res version):

[edit - Jan 9, 2009:  Adding mosaic of entire substrate]

(Clicking on the picture above will result in a 45 MB download!)

As a challenge for next time, identify the extra 3 layers that the Intel museum claims. Last episode’s challenge was correctly solved first by Jeri Ellsworth. Respect for her almost perfect circuit diagram as well as her remarkable on-your-kitchen-table semiconductors fab.

Credit for the chips go to Tim McNerney. Tim is an expert on the 4004 who has built an interactive exhibit of the chip for the Intel museum. For more information please visit the Intel 4004 35th anniversary project web site.

-Karsten Nohl

All of us at Flylogic want to wish all of our wonderful readers a wonderful new year as we enter into 2009!  We will make an effort to post more frequently on the blog this year and appologize for lack of content last year.

Let’s start the year off right!  Who out there can guess what the image below is?

All of you were really fast to guess the above image so we decided to append a few more interesting pictures onto this article for your viewing pleasure.

Could these be mushrooms in the forrest of the smurfs?

These appear to be snails but snails of what and they are not the same!

Today we are taking you one step deeper into a microchip than we usually go. We look at transistors and the logic functions they compose, which helps us understand custom ASICs now found in some secured processors.

To reverse-engineer the secret functionality of an ASIC, we identify logic blocks, map out the wiring between the blocks, and reconstruct the circuit diagram. Today, we’ll only be looking at the first step: reading logic. And we start with the easiest example of a logic function: the inverter:

To read logic, you first have to find the transistors and decide where Vcc (+) and ground (-) are located. Transistors are easy to spot. They will always look very similar to those two transistors marked in the picture: A rectangle shape with a line in the middle. Vcc is always next to the larger transistors (PMOS) and ground is closer to the smaller ones (NMOS).

Once you identified the transistors, you draw a small circuit diagram that shows how they are connected to each other. In the example, the inputs of the two transistors are connected and so are their outputs on the left side. From this circuit diagram you can read that whatever you assert at the input, the output will be forced to the opposite state — an inverter.

Every gate will follow these basic principles, but vary in the number and constellation of transistors. A 2-NOR gate (Y = !(A|B) ), for instance, is composed of 4 transistors in this setup:

Once you figured out a gate, you can recognize every occurrence of that function on the whole chip because the exact same shape is always used for the same function. Generally, you only need to read a few dozens gates at most to generate a map of functions across whole chip. Get a head start on reading logic and check out the logic gate collection at The Silicon Zoo.

Here is a challenge for you to try (open in GIMP or Photoshop and toggle between the different layers):

It’s about the hardest function found on most chips with a total of 34 transistors, 3 inputs, 2 outputs, and time-variant behavior. The solution will be posted next week.