Attacks against digital circuits can be performed by directly tampering with the device's internal structure. These attacks are intrusive, and regroup attempts to directly probe or force signals, remove, add or modify features on the chip (metal routing, transistors).
Secure-IC's Active Shield technology is designed to deter such intrusive attacks by placing a mesh over the sensitive parts of the circuit and actively monitoring the mesh's integrity. This counter-measure protects the circuit's features such as metal routing and transistors that are beneath the mesh from undetected access or modification through the front-side, including:
- Wire micro-probing to read or force an equipotential with Focused Ion Beam (FIB)
- Wire cutting (e.g. alarms, entropy source disconnection from a true random number generator...)
- Wire re-routing
- Burnt fuses opening
- ROM Altering
- Scanning imaging attacks (PICA, LVP/LVI)
In order to further deter intrusive attacks, the mesh is actively monitored using random cryptographically-generated patterns to detect integrity violations. By using this technology, modifying and rerouting the mesh becomes very costly as the attacker has to reroute many wires to avoid detection. In addition, the data travelling through the shield mesh cannot be predicted by the attacker, because it is output by a cryptographic block cipher.