Progressing a bit more on the #Silicon #RE side, I came across the structure used for manufacturing ROM (from the same paper as last time) and how it can affect #reverse #engineering.
1. Types of technology
There are four main types of technology, as seen in the first image, depending on how a bit is represented:
Active-Layer, Contact-Layer, Metal-Layer and Implant Programming ROMs.
The first three of them (Active-Layer, Contact-Layer, Metal-Layer) all share the fact that a physical construction is used to represent a bit:
Active-Layer: transistor present or absent
Contact-Layer: presence or absence of a contact connecting the cell
Metal-Layer: metal connection (short circuit) present or absent
2. Which one is harder to Reverse Engineer?
So, according to the information provided in the paper and the images included, second image, these constructions allow to “easily” read the bitstream using an optical microscope.
On the other hand, implant programming ROMs use different doping levels to turn on or off a transitors; during manufacturing additional dopants are selectively introduced to change the electrical behavior of each cell
So, from a #Reverse #Engineering point of view, implant-based systems are harder to analyze, since optical microscopy alone is typically not sufficient to distinguish the cells.
Original paper: https://www.researchgate.net/publication/301317714_A_Survey_on_Chip_to_System_Reverse_Engineering
Would you like to receive notifications about new posts?