Reverse engineering techniques have historically been developed to perform the opposite of a typical process flow used to build Integrated Circuits. IC reverse engineering can be used for validation, debugging, patent infringement/malicious circuit modification/backdoors detection and failure analysis 8. Typical reverse engineering flow is expensive in terms of equipment, time and skills and is composed of:
i. circuit de-packaging
ii. layer by layer de-processing
iii. hundreds of SEM acquisitions for each layer
iv. cross-layer alignment
v. individual element annotation
vi. net list reconstruction and analysis
Today, embedded systems rely heavily on non-volatile memory (ROM, EEPROM and Flash) 9 to store code and data. There is a constantly growing demand for the confidentiality of the information stored in embedded devices for Intellectual Property (IP) protection and sensitive data such as passwords and cryptographic keys. Kommerling and Kuhn 10 have performed various reverse engineering techniques. They show that Mask ROM contents can be revealed using a microscope after sample preparation (selective dash etching). Since then Mask ROMs have not been considered to be secure unless encrypted.
Each semiconductor manufacturer has many different designs with a unique layout for Flash memory cells. But they all have something in common, the information is stored in a form of electric charge inside the memory transistor. The actual number of electrons varies from 105 in old technologies to less than 103 in modern chips. These electrons shift the threshold voltage of the memory transistor and this is then detected by a readout circuit. The electrons are placed into a memory transistor by applying high voltages to the memory transistor employing either one of two mechanisms: Fowler-Nordheim tunneling or Channel Hot Electron (CHE) injection. In order to erase the cell another combination of high voltages is applied which force the electrons to tunnel through a very thin oxide barrier. Flash EEPROM is widely used as a protection against reverse engineering because conventional de-processing methods only reveal the transistor structure and not its state.
Several publications exist which refer to Scanning Probe Microscopy (SPM) techniques being used to highlight differences between `0′ and `1′ in Flash EEPROM. For instance, the use of a current applied on a conductive tip allows us to see some interaction whenever electron charges are present within memory cells.
Voltage Contrast imaging is one of the first use of Scanning Electron Microscope. The depicted technique is actually based on a mode which corresponds to the setup where no external bias is applied to the sample while setup parameters permit to obtain various information on the sample.
In Scanning electron microscope technique as suggested by Franck in 8 , an automated acquisition routine can be launched. Scanning area and magnification need to be first defined. It permits to collect a large set of images over a full memory without the presence of an operator. At last, image processing enables us to align all acquisitions together, to enhance the image contrast and to extract `0s’ and `1s’ in an automated way. It also allows us correlating the extracted data with the one load into the samples.