Missing Protection Against Hardware Reverse Engineering Using Integrated Circuit (IC) Imaging Techniques

Incomplete Base

Structure: Simple

Description

This vulnerability occurs when hardware lacks safeguards against physical inspection, allowing attackers to extract sensitive data by capturing and analyzing high-resolution images of the integrated circuit's internal structure.

Extended Description

Attackers can physically reverse-engineer chips to uncover secrets stored within the silicon. By removing the chip packaging and using advanced imaging techniques—from non-invasive X-ray microscopy to destructive layer-by-layer scanning electron microscopy—they can visually map the circuit's layout and memory contents. This process directly reveals information that software attacks cannot access. Hardware secrets like encryption keys, device identifiers, proprietary firmware, or circuit designs stored in non-volatile memory (such as Masked ROM) or within the circuit netlist itself are exposed. While some memory types like One-Time Programmable (OTP) memory offer more resistance, the absence of dedicated anti-tampering protections makes extraction feasible for determined adversaries with specialized equipment.

Common Consequences 1

Scope: Confidentiality

Impact: Varies by Context

A common goal of malicious actors who reverse engineer ICs is to produce and sell counterfeit versions of the IC.

Potential Mitigations 1

Phase: Architecture and Design

The cost of secret extraction via IC reverse engineering should outweigh the potential value of the secrets being extracted. Threat model and value of secrets should be used to choose the technology used to safeguard those secrets. Examples include IC camouflaging and obfuscation, tamper-proof packaging, active shielding, and physical tampering detection information erasure.

Demonstrative Examples 1

Consider an SoC design that embeds a secret key in read-only memory (ROM). The key is baked into the design logic and may not be modified after fabrication causing the key to be identical for all devices. An attacker in possession of the IC can decapsulate and delayer the device. After imaging the layers, computer vision algorithms or manual inspection of the circuit features locate the ROM and reveal the value of the key bits as encoded in the visible circuit structure of the ROM.

References 2

A Survey on Chip to System Reverse Engineering

Shahed E. Quadir, Junlin Chen, Domenic Forte, Navid Asadizanjani, Sina Shahbazmohamadi, Lei Wang, John Chandy, and Mark Tehranipoor

https://dl.acm.org/doi/pdf/10.1145/2755563(2023-04-07)

ID: REF-1092

Security Failures In Secure Devices

Christopher Tarnovsky

21-02-2008

https://www.blackhat.com/presentations/bh-dc-08/Tarnovsky/Presentation/bh-dc-08-tarnovsky.pdf

ID: REF-1129

Applicable Platforms

Languages:

Not Language-Specific : Undetermined

Technologies:

Not Technology-Specific : Undetermined

Modes of Introduction

Architecture and Design

Related Attack Patterns

Related Weaknesses

ChildOf:

Protection Mechanism Failure (CWE-693)

Notes

MaintenanceThis entry is still under development and will continue to see updates and content improvements. It is more attack-oriented, so it might be more suited for CAPEC.