Optical surveillance on silicon chips

Quantar Mepsicron II, S25 180–940 nm 1% 0% .005 e/s 50 ps Hamamatsu H6780-01 250–850 nm 0% 0% 400 e/s 780 ps Transistors emit photons when they switch. This has been well known for decades and is actively used in failure analysis. So far, observation of such emissions was associated with sophisticated and expensive equipment, because only a very limited number of photons emitted per every switch – usually 10 to 10. The peak of emission is in the near-infrared (NIR) spectrum (900 to 1200 nm) and this poses restrictions on sensors selection. The emission comes from an area close to the drain and primarily from the NMOS transistor (Fig.1). Optical emission significantly increases at higher power supply voltages (Tab.1). Optical emission has good correlation with power analysis and can be used for characterisation of leaking areas for later improvement of protection against power analysis attacks. A set of experiments was carried out using a PMT sensor attached directly to the opened chip (Fig.2). The results, presented in Fig.3-4, reveal that optical emission has higher bandwidth and thus data appearing at different times can be separated for further analysis. My research shows that modern low-cost CCD cameras are adequate for detecting photons emitted by modern CMOS circuits. Different sensors used for emission analysis are compared in Table 2. Photomultipliers are very fast, but they have limited sensitivity in the NIR region. Monochrome CCD cameras have good NIR sensitivity and low dark current, which is important with long exposure times.