The joint venture has grown out of the TrulyUniqueChips partnership (see E-beam litho enables secure chip partnership). UniqIC is a 50:50 joint venture between Irdeto and Mapper. Irdeto is an expert in software security with experience of hardening software while Mapper is a provider of maskless multi-beam electron-beam lithography systems to semiconductor wafer fabs.
UniqIC’s general approach is to provide the technology to write unique codes into individual chips that can be distributed across the chip. Electron-beam lithography would write direct from a computer database to vary the interconnect or gate details within each chip. These codes can serve as a secure identity for the chip and can serve to make the hacking of a chip uneconomic. “We can provide high security at low cost, which makes it suitable for IoT,” said Werner Strydom, chief operating officer of UniqIC.
Because of the length of time taken to expose the resist direct-write e-beam lithography has found little traction in the semiconductor industry. Mapper’s approach is to use thousands of beamlets to simultaneously write to the die although its FLX-1200 platform is typically only capable of a few wafers per hour compared with typical lithography throughputs of 60 to 100 wafers per hour.
However, in the case of adding security the slower throughput may be seen as justifiable. The projected cost of adding UniqIC security is seen as being as low as less than 1 cent per chip in high volume although that does suppose the gradual introduction of e-beam lithography as a manufacturing option for wafer fabs.
E-beam lithography inserted into CMOS wafer flow as an option for security. Source: TrulyUniqueChips.
Strydom said the TrulyUniqueChips partnership had been working on the RTL design of a security chip or module that could be used as a unique code within or adjacent to a conventional chip.
UniqIC is now working with system engineering company Technolution BV (Gouda, The Netherlands) on that first prototype security chip called the Sand Grain. The chip design and an initial implementation in FPGA has been done. A third-party is conducting a security evaluation and the next step is to manufacture the security chip using the Mapper e-beam scanner, which is projected to happen during the second half of 2018, Strydom said.
UniqIC is being bankrolled by its parent companies and has enough resources for at least the next three years, executives at the company said. As a business model the company would likely provide some combination of security IP for license, secure chips and secure life-cycle management.
“Discussions are taking place with CEA-Leti and a semiconductor fab to facilitate developing the new process steps required for the prototype chip. UniqIC is currently in advanced stage discussions with a number of potential customers to use the prototype chip in proof-of-concept projects,” said Strydom in email correspondence with eeNews Europe.
Mapper, founded in 2000, has a long history of partnership with CEA-Leti as well as some involvement with the world’s leading foundry TSMC. Isabelle Servin of Leti presented a paper at the SPIE conference on the process development for a 40nm security application using Mapper’s FLX-1200 platform installed at CEA-Leti. The 40nm process in this case belongs to STMicroelectronics.
Initial applications are expected to be a mix of conventional and e-beam lithography and this could see CMOS wafers part-processed at a fab, then being moved to an e-beam lithography facility to work on deep metal layers and then returned to the original wafer fab for completion and sent on for test and packaging, said Strydom.
Next: Technology options
Hans Dekker, CTO at UniqIC, said that the use of e-beam lithography provides a couple of technology options. One is to build a wired algorithm representing a very long key – potentially thousands of bits – that is distributed in the form of vias and gaps between a couple of metal layers in the chip. Such a key would be very difficult, almost impossible to spot even with the use of focused ion-beam de-layering of multiple chips. And even if it could be done it would not reveal the codes in other chips. “The key is not in an array of cells or one-time programmable memory. The key is spread out across tens of thousands of vias,” said Strydom.
An alternative approach is to use the multi-beam lithography to trim circuits, such as SRAM cells, so that the SRAMs will power up in a known state. This is what Dekker and Strydom called a deterministic physically unclonable function (PUF).
PUF is an established security solution that is offered by Intrinsic-ID which started in Eindhoven, The Netherlands, but is now headquartered in Sunnyvale, California. PUF uses the natural variability of silicon and the metastability of structures such as SRAMs to create a unique and unknown code to serve as the seed for a key.
But the fact that you don’t know the key and cannot prove the code is unique is also a disadvantage of the security system, UniqIC argues. By creating a deterministic PUF the key can be written into the chip and it would be almost impossible to see optically, Dekker said. But Strydom added: “We are not necessarily going to displace PUF.”
“Although Irdeto may use the UniqIC technology in its own products in the future, its primary interest is as a provider of end-to-end security solutions for digital platforms,” said Strydom. “For now the focus [for UniqIC] is on military-aerospace applications and the Internet of Things,” he said.
Eduard Hoeberichts, CEO of UniqIC, said that company would be run with relatively few staff to begin with but could consider a venture capital funding round in 2019. “We have to scale the technology to the market,” Hoeberichts said.
The UniqIC website was not yet active when this story was first posted.
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.