Security Properties Driven Pre-Silicon Laser Fault Injection Assessment

Laser fault injection (LFI) is a formidable physical attack due to its tremendous efficacy, high controllability, and precision. As a result, efforts to simulate laser effects have been undertaken in the literature to study its impact on digital designs. However, most of these efforts either model laser effects on standalone standard cells without considering the impact of layout parameters or propose scanning the entire chip grid-by -grid, which is extremely time-consuming to simulate at the layout level. In this paper, we propose LFI-aware sign-off solution for layouts to analyze the designs for LFI susceptibility and apply countermeasures. We employ security properties driven evaluation to identify critical LFI areas on the layout to reduce scanning time. And then perform dynamic power and rail analysis while replacing the cells under laser illumination with the generated cell-level power library, capturing the impact of laser-induced transient currents on the entire layout. Because the assessment is done at the layout level, the framework can capture the impact of different layout parameters (location of power pads, metal widths, power distribution network, DECAPs, etc.) while analyzing the design's susceptibility against LFI attacks to see which security properties of the design will be violated if laser faults are injected at the identified critical locations. We show the effectiveness of our approach on a fully implemented AES design layout for the proof-of-concent.