Modern microprocessors are ubiquitously deployed in a wide variety of applications, from personal computers, laptops, tablets, and mobile phones for personal use, to space and automotive applications. It has been reported that the average household in the United States includes 40 microprocessors, and that premium-class automobiles carry at least 75 embedded processors, while even low-profile vehicles can still include at least 50 processors.
Therefore, ensuring the integrity of a microprocessor is paramount, as the consequences of a security breach can range from simple information leakage to life-threatening situations. Microprocessor designers incorporate extended security features in their latest designs, in an effort to protect the system from external attacks. Due to the globalized supply chain, however, the final design may be tampered with during the design cycle and eventually fail to satisfy the security properties set forth by the designers.
Given the vast choice of intellectual property (IP) cores, circuit designers as well as system integrators can focus on the development of system architectures instead of manually designing, testing and implementing common functional modules. The wide usage of IP cores, however, comes at the cost of decreased security. Before eventually reaching the system integrator, an IP core has traveled through many stages and has been modified by various design houses. Throughout the whole IP transaction process, there are plenty of design stages at which attackers can insert malicious logic in the IP core. Such modifications, commonly referred to as hardware trojans, are purportedly made without the knowledge of the IP consumer. The additional functionality can be exploited by an attacker to cause catastrophic results if the functional module is embedded into mission-critical devices. Recently, silicon scanning revealed a backdoor in military chips, allowing the attacker to disable all the security of the chip. This discovery further emphasizes the need for research on malicious modifications, as the compromised chips are already deployed in the field.
As aggressive scaling continues to push technology into smaller feature sizes, various design robustness concerns continue to arise. Among them, the frequent occurrence of transient errors has resurfaced as a contemporary problem of interest. Part of the problem is attributed to strikes by neutrons or alpha particles and the corresponding single event upsets (SEUs) in memory bits, or single event transients (SETs) in combinational logic, which may potentially result in a soft error. As we move forward, however, errors occurring due to various other issues related to design marginalities, process variations and corner operating conditions are starting to play an equally important role. Notably, such errors may range in duration from single events to permanent faults. As a result, interest in enhancing on-line testability and error/fault resilience through concurrent error detection (CED) and/or correction methods has been revived.
While a plethora of CED solutions have been developed in the past, blindly applying them across the board is not only prohibitive in terms of cost but also unnecessary in terms of the attained coverage. Indeed, not all faults incur the same level of criticality and not all protection mechanisms contribute equally to the overall robustness of a design. Therefore, methods which analyze the relative importance of potential faults and the relative effectiveness of candidate countermeasures are invaluable for developing cost-effective solutions.
Modern microprocessors, in particular, exhibit an inherent effectiveness in suppressing a significant percentage of faults and preventing them from interfering with correct program execution (i.e., application-level masking). In other words, the probability that a fault will adversely impact the typical workload of a microprocessor varies greatly, depending on how frequently the corresponding hardware is used and on the complexity of the control conditions necessary to propagate its effect to the architectural state of the microprocessor. Hence, application-level masking presents a great opportunity for developing cost-effective CED methods by identifying and targeting the most critical faults.