Abstract: The disclosure generally provides methods, systems and apparatus to construct a Physically Unclonable Function (PUF) value for an electronic package based on the package's internal components and their interconnects. In one embodiment, the package is a System-On-Chip (SOC) having a plurality of dielets and a plurality of interconnect connecting the dielets. Each of the dielets and each of the interconnects (at one or more locations) may define an entropy source. each entropy source may have an entropy value. Each entropy source communicates an initial entropy value to a PUF aggregator. The PUF aggregator receives and/or aggregates the various entropies from the various entropy sources to construct the native SOC PUF value. The native SOC PUF value defines the authentic PUF value of the SOC at SOC release. Any deviation from the native SOC PUF value may be deemed a security breach of the SOC.

Abstract: In one embodiment, memory cell includes a control gate, a floating gate, a substrate comprising a source region and a drain region, a first isolator between the control gate and floating gate, and a second isolator between the floating gate and the substrate. The memory cell is configured to have a retention time that is within a statistical window around a selected lifespan. The selected lifespan may be less than ten years, such as, for example, less than one year, less than one month, or less than one week.

Abstract: Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized privileged code sections in virtual memory address space, are described. In an example, a computing system includes electronic operations for detecting unauthorized attempts to access kernel virtual memory pages via trap entry detection, with operations including: generating a trap page with a physical memory address; assigning a phantom page at an open location in the privileged portion of the virtual memory address space; generating a plurality of phantom page table entries corresponding to an otherwise-unmapped privileged virtual memory region; placing the trap page in physical memory and placing the phantom page table entry in a page table map; and detecting an access to the trap page via the phantom page table entry, to trigger a response to a potential attack.

Abstract: Various systems and methods for detecting and preventing side-channel attacks, including attacks aimed at discovering the location of KASLR-randomized privileged code sections in virtual memory address space, are described. In an example, a computing system includes electronic operations for detecting unauthorized attempts to access kernel virtual memory pages via trap entry detection, with operations including: generating a trap page with a physical memory address; assigning a phantom page at an open location in the privileged portion of the virtual memory address space; generating a plurality of phantom page table entries corresponding to an otherwise-unmapped privileged virtual memory region; placing the trap page in physical memory and placing the phantom page table entry in a page table map; and detecting an access to the trap page via the phantom page table entry, to trigger a response to a potential attack.

Abstract: In one embodiment, a semiconductor device comprises one or more defense layers, the one or more defense layers each characterized by at least two lattice constants that are mismatched, wherein a mismatch in the lattice constants causes a destabilizing force that comprises at least one of a tensile force or a compressive force; and a plurality of other layers, wherein at least a sufficient part of the destabilizing force is restrained for the one or more defense layers to remain intact unless reduction in thickness of at least a section of one or more of the plurality of other layers, causes at least some of the destabilizing force that was restrained to no longer be restrained, and consequently at least part of at least one of the one or more defense layers to break.

Abstract: A multi-die chip assembly is described, the multi-die chip assembly including at least one detection apparatus which detects manipulations of the multi-die chip assembly, the detection apparatus including a distributed circuit including a circuit whose elements are distributed among those dies which include the elements of a local reference circuit, the distributed circuit including a free running clock, at least one local reference circuit disposed in at least one die of the multi-die chip assembly, each of the local reference circuits including a free running clock, and at least one non-volatile memory, in which is stored during manufacture of the multi-die chip assembly, an allowed range of a result of a function having at least two arguments for each reference circuit a value of the frequency of the local reference circuit as manufactured, and a value of the frequency of the distributed circuit as manufactured, at least one element of the plurality of memories being disposed in each die including the elem

Abstract: A method for data transfer includes receiving a control signal triggering a transfer of a secret value into an element (24) of a circuit (20). In response to the control signal, a dummy value (42, 50) and the secret value are inserted in succession into the element of the circuit.

Abstract: An electronic device (22, 48, 50) includes an array (26) of memory cells, which are configured to store data values. One or more sense amplifiers (40) have respective inputs for receiving signals from the memory cells and are configured to output the data values corresponding to the received signals. Switching circuitry (36, 52) is coupled between the array of the memory cells and the sense amplifiers and is configured to receive an indication of a temporal pattern and to route the signals from the memory cells among the inputs of the sense amplifiers in accordance with the temporal pattern.

Abstract: A multi-die chip assembly is described, the multi-die chip assembly including at least one detection apparatus which detects manipulations of the multi-die chip assembly, the detection apparatus including a distributed circuit including a circuit whose elements are distributed among those dies which include the elements of a local reference circuit, the distributed circuit including a free running clock, at least one local reference circuit disposed in at least one die of the multi-die chip assembly, each of the local reference circuits including a free running clock, and at least one non-volatile memory, in which is stored during manufacture of the multi-die chip assembly, an allowed range of a result of a function having at least two arguments for each reference circuit a value of the frequency of the local reference circuit as manufactured, and a value of the frequency of the distributed circuit as manufactured, at least one element of the plurality of memories being disposed in each die including the elem

Abstract: An integrated circuit device (20, 60) includes a plurality of memory cells (22), which are configured to store data. Multiple P-N junctions (24) are arranged so that a single, respective P-N junction is disposed in proximity to each memory cell and is configured to emit optical radiation during readout from the memory cell with a wavelength matching an emission wavelength of the memory cell.

Abstract: A method for data transfer includes receiving a control signal triggering a transfer of a secret value into an element (24) of a circuit (20). In response to the control signal, a dummy value (42, 50) and the secret value are inserted in succession into the element of the circuit.

Abstract: An integrated circuit device (20, 60) includes a plurality of memory cells (22), which are configured to store data. Multiple P-N junctions (24) are arranged so that a single, respective P-N junction is disposed in proximity to each memory cell and is configured to emit optical radiation during readout from the memory cell with a wavelength matching an emission wavelength of the memory cell.

Abstract: An electronic device (22, 48, 50) includes an array (26) of memory cells, which are configured to store data values. One or more sense amplifiers (40) have respective inputs for receiving signals from the memory cells and are configured to output the data values corresponding to the received signals. Switching circuitry (36, 52) is coupled between the array of the memory cells and the sense amplifiers and is configured to receive an indication of a temporal pattern and to route the signals from the memory cells among the inputs of the sense amplifiers in accordance with the temporal pattern.

Abstract: An electronic device (22, 72) includes an array (24, 74) of memory cells, including at least one range of the cells in which at least one cell (38, 40, 76) is permanently fixed during manufacture of the device to have a given value, while others of the cells are permitted to be programmed subsequently. A readout circuit (26) is configured to concurrently read out all the cells in the range, including the at least one permanently-programmed cell and the subsequently-programmed cells.