Industry Expert Blogs

The growing complexity and frequency of security threats facing organizations across the globe has transformed opinion about what's needed to keep devices secure. Modern system-on-chips (SoCs) take a 'Zero Trust' approach, assuming that no user, device or application is inherently trustworthy. In parallel to this approach, complementary solutions, including anti-tamper measures, are increasingly important.

Analog IPs such as clock, voltage and temperature monitors are all crucial components for tamper detection within ICs, helping to identify suspicious behavior or physical manipulation that could compromise critical infrastructure and expose sensitive information.

Tamper detection

Security threats are becoming more advanced than ever before, as attackers are discovering new techniques to exploit vulnerabilities. The secure area within a microprocessor and an SoC involves sensitive computations, so these can be especially vulnerable. There has been a surge in physical attacks, such as clock and voltage glitching, side-channel attacks and tampering incidents.

Until recently, digital anti-tamper solutions have been used in all but the most secure systems. However, these digital solutions come with compromises in their ability to detect all kinds of tamper attacks and could be impacted by reduced accuracy or increased false positives when there are variations in process, voltage, or temperature.

The role of tamper detection IP

Tamper detection IP provides a way to detect, measure, and respond to physical attacks or unauthorized access to an electronics device or system. Clock attack monitors, voltage glitch detectors, and temperature monitors are essential anti-tampering tools.

Clock attack monitors

Clock signal controls the timing and synchronization of processes. Attackers may try to manipulate the clock to disrupt the normal function of a root of trust and exploit vulnerabilities, either by slowing down or accelerating the clock. Clock attack monitors detect these irregularities and work with the wider secure enclave to rapidly deny access (Figure 1).

Figure 1 The agileCAM clock monitor IP provides frequency measurement with programmable alarm thresholds. Source: Agile Analog

Frequency variations such as unusual spikes or drops in clock frequency could indicate tampering. Loss of signal or abnormal clock signals could suggest physical attacks or tampering with the clock circuitry. Detecting these deviations in real-time enables the secure enclave to quickly implement counter measures like sending alerts, shutting down the IC, or isolating sensitive data.

Voltage glitch detectors

Voltage is a critical factor. Attackers may alter the voltage supplied to an IC in order to introduce faults or cause glitches that could allow access to encrypted data or breach security procedures. Attackers might also apply higher voltages to bypass security features or cause damage.

Figure 2 The agileVGLITCH IP identifies voltage side-channel attacks (SCAs) and tampering attempts. Source: Agile Analog

Voltage glitch detectors track the power supply and can identify changes (Figure 2). A drop in voltage could indicate a deliberate attempt to interrupt effective operation. Sudden voltage fluctuations can be a result of glitching or other tampering techniques. By continuously monitoring voltage levels, anomalies can be detected early and counter measures swiftly applied.

Temperature monitors

Temperature monitoring is another fundamental requirement as physical attacks often involve heating or cooling specific areas of a device to influence its behavior. Attackers may also use thermal methods to induce faults in ICs, causing errors that could be exploited.

Temperature monitors can detect unexpected thermal variations. High temperatures or temperature changes, either cooling or heating, could indicate tampering activity. Prompt detection means a prompt response to prevent potential tampering by triggering an alarm or initiating safe mode.

Product developments

Recent product developments include novel and customizable multi-process analog IPs that encompass anti-tampering solutions, which can be seamlessly integrated into any SoC. These IPs employ mixed-signal ring oscillator-based clock attack monitor that detects clock attacks involving changes in clock frequency, clock hold, and clock glitch errors. The IPs also provide frequency measurement with programmable alarm thresholds.

Then there are an enhanced voltage glitch detectors with programmable thresholds that identify voltage side-channel attacks (SCAs) and tampering, such as supply voltage changes/glitches and power supply manipulation. Next, temperature sensors featuring an integrated analog-to-digital converter (ADC) provide a digital output. On modern SoCs, temperature sensing is critical for detection of security attacks and optimization of power, performance and area (PPA).

Tamper detection is now a fundamental requirement for organizations across the globe. Government bodies, including the U.S. (FIPS 140-3), the EU (CC EAL) and China (CCCS), are constantly working to strengthen their cryptographic security standards to deal with rising security threats.

So, as the risk of security attacks accelerates, analog anti-tamper IPs such as clock attack monitors, voltage glitch detectors and temperature monitors are no longer just a 'nice to have' feature.

There is no doubt that as technologies advance and new security attack methods are developed, these tamper detection tools will continue to play a key role in safeguarding critical infrastructure and sensitive data.