Combating die and IC recycling (CDIR). Bulk counterfeiting happens at foundry and assembly locations, and there are two basic technologies that are used. First is anti-fuse/fuse based technology, which is similar to the technology used in programmable logic devices.
Essentially, when an IC with anti-fuse protection powers up, for a brief moment, the programmable logic is in read mode and the central processing unit (CPU) is able to read and verify the authenticity of the device by comparing it with the data supplied by the vendor. Since it requires programming of each device, this technique is used for high-value ICs like CPUs, precision analogue-to-digital converters and graphics processing units.
For low-cost devices, the solution is a little more ingenious. Typically, a semiconductor fuse is introduced in the IC, which gets blown during testing. So if a counterfeit IC has been used, which could either be a recycled IC or counterfeit die, the blown fuse will indicate that the device is a counterfeit. Fig. 4 shows how this is implemented.
One risk to the above approach is that counterfeiters can easily crack current technologies, so more complex counterfeit-avoidance mechanisms should be used.
One method that is quite popular and difficult to crack is the ring oscillator based CDIR. In this design, as part of the IC, two ring oscillators are introduced; a ring oscillator is a circuit in which several inverters are connected in series and the output is connected to the input so that the circuit oscillates. One of the oscillators is such that it ages faster (so the frequency changes) than the other, so that as the ICs work, the frequency of oscillation will not be the same as it was when it was produced (which can be measured with the other oscillator, which is part of the IC).
IP copying. Another popular counterfeiting is the copying or unlicensed usage of IP cores. With an increase in pressure on time-to-market, most semiconductor designers use off-the-shelf IP cores, which are tested and proven, and can be included in the IC design directly as a library.
As a business practice, companies sell the core typically under licence to the user under trust. However, if the licensee uses it without the IP owner’s licence, it becomes difficult for IP companies to track and prevent copying.
With increased sophistication in counterfeiting, protection of IP with advanced techniques has become a necessity. The most popular method is encryption, in which only when the authorised key is used, the code is enabled. This works when the IP is in the form of hardware description language (HDL) codes. In case of a hard IP, where it is in the form of a proven module, other techniques need to be used.
A popular technique for avoiding counterfeiting is watermarking. Normally, watermarking impacts the item that is being watermarked, but in the case of IPs this is not desirable. So most watermarking is done either by using constraints (known way of doing things) or additive to hardware IP. This way watermarks are distinctly visible.
Another popular counterfeit-avoidance technique uniquely identifies the IC so that it can be traced back to the original chip manufacturer. This technique is known as physically unclonable function (PUF). It is close to the biometrics collected for human beings and is called silicon fingerprints.
PUF implementation depends on the fact that process variation happens during fabrication of ICs and each chip has a distinct identity. Silicon PUF is a circuitry that extracts random characteristics out of an IC and, using those, generates a unique signature. By using a challenge-response protocol, which is similar to challenge handshake authentication protocol and password authentication protocol used in networking, the signature can be extracted and compared with the response already collected during manufacturing.
The challenge and response bits are known as challenge-response pairs. Response bits are known as PUF signatures. Silicon PUFs have turned out to be a good antidote for counterfeiting.
PUF signatures are either delays caused by process variations or by using aging-resistant ring oscillators, which have a frequency difference due to process variation.
While this sounds easy, there are certain challenges in implementing this technology such as:
1. Getting a stable response over a widely varying environment
2. Implementing parts that are already in use
3. Taking care of implementation costs
4. Securely storing and maintaining the servers to store challenge-response pairs
Another technique that supplements this technique is encrypted QR codes on the packaging of the IC, which allow identification when decrypted with proper keys.
Finally, a popular technique that ensures that counterfeits do not leak from foundry and assembly locations is known as the secure split test, also known as connecticut secure split test (CSST).
In Fig. 3, we can see leakages when ICs get rejected after testing. To plug this, CSST is implemented, in which a structure is added to the IC and the test response is uniquely perturbed. This process is devised by the IP owner, who alone can examine the test result through a proprietary communication and decide whether the device is genuine or counterfeited. If the IC is genuine, the IP owner sends the key to open the lock to the foundry and only then the IC is usable. Using this technique, the problem of over production can be addressed by keeping track of the number of keys that are released.
This technique also prevents IP cloning as the IP can be opened only with the right key issued by the IP owner.