Detecting Manipulations in Microchips

Identifying Differences Between Chips and Construction Plans
Becker and Puschner’s team analyzed chips produced in the four modern technology sizes of 28, 40, 65 and 90 nanometers. For this purpose, they collaborated with Dr. Thorben Moos, who had designed several chips as part of his PhD research at Ruhr University Bochum and had them manufactured. Thus, the researchers had both the design files and the manufactured chips at their disposal. They obviously couldn’t modify the chips after the fact and build in hardware Trojans. And so they employed a trick: rather than manipulating the chips, Thorben Moos changed his designs retroactively in order to create minimal deviations between the construction plans and the chips. Then, the Bochum researchers tested if they could detect these changes without knowing what exactly they had to look for and where.

In the first step, the team at Ruhr University Bochum and MPI-SP had to prepare the chips using complex chemical and mechanical methods in order to take several thousand images of the lowest chip layers with a scanning electron microscope. These layers contain several hundred thousand of the so-called standard cells that carry out logical operations.

“Comparing the chip images and the construction plans turned out to be quite a challenge, because we first had to precisely superimpose the data,” says Endres Puschner. In addition, every little impurity on the chip could block the view of certain sections of the image. “On the smallest chip, which is 28 nanometers in size, a single speck of dust or a hair can obscure a whole row of standard cells,” stresses the IT security expert.

Almost All Manipulations Detected
The researchers used image processing methods to carefully match standard cell for standard cell and looked for deviations between the construction plans and the microscopic images of the chips. “The results give cause for cautious optimism,” as Puschner sums up the findings. For chip sizes of 90, 65 and 40 nanometers, the team successfully identified all modifications. The number of false-positive results totaled 500, i.e. standard cells were flagged as having been modified, although they were in fact untouched. “With more than 1.5 million standard cells examined, this is a very good rate,” says Puschner. It was only with the smallest chip of 28 nanometers that the researchers failed to detect three subtle changes.

Higher Detection Rate Through Clean Room and Optimized Algorithms
A better recording quality could remedy this problem in the future. “Scanning electron microscopes do exist that are specifically designed to take chip images,” points out Becker. Moreover, using them in a clean room where contamination can be prevented would increase the detection rate even further.

“We also hope that other groups will use our data for follow-up studies,” as Steffen Becker outlines potential future developments. “Machine learning could probably improve the detection algorithm to such an extent that it would also detect the changes on the smallest chips that we missed.”