Data Remanence and Data Retention based Approach
- Sara Faour
- 1 Relevant Related Works
- 2 References for Data Remanence-based Approach
- 2.1 A data remanence based approach to generate 100% stable keys from an SRAM physical unclonable function → 2017
- 2.2 Evaluation of SRAM PUF characteristics and generation of stable bits for IoT security → 2020
- 2.3 Data Remanence Based Approach towards Stable Key Generation from Physically Unclonable Function Response of Embedded SRAMs using Binary Search → 2024
- 2.4 Open-Source Software-Based SRAM-PUF for Secure Data and Key Storage Using Off-The-Shelf SRAM → 2018
- 2.5 Using both Stable and Unstable SRAM Bits for the Physical Unclonable Function → 2022 (could not download it)
- 2.6 Juliet-PUF: Enhancing the Security of IoT-Based SRAM-PUFs Using the Remanence Decay Effect → 2023
- 2.7
- 2.8 Analysis of Data Remanence and Power-up States of SRAM Cells in Embedded Systems
- 2.9 Remanence decay side-channel: The PUF case
- 2.10 Attacking SRAM PUFs using very-low-temperature data remanence → 2019
- 3 References for Data Retention-based Approach
- 3.1 Improving the reliability of SRAM-based PUFs in the presence of aging → 2020
- 3.2 Improving the reliability of SRAM-based PUFs under varying operation conditions and aging degradation → 2021
- 3.3 A DRV-based bit selection method for SRAM PUF key generation and its impact on ECCs → 2022
- 3.4 A Systematic Bit Selection Method for Robust SRAM PUFs → 2022
- 3.5 Reliable physical unclonable functions using data retention voltage of SRAM cells → 2015
- 3.6 6T SRAM and 3T DRAM Data Retention and Remanence Characterization in 65nm bulk CMOS → 2012
- 4 Data Remanence attacks
- 5 Related works
check the state-of-the-art of different papers
Relevant Related Works
Selection approach using ramp rate A Systematic Bit Selection Method for Robust SRAM PUFs
Check carefully the repo https://github.com/Tribler/software-based-PUF/tree/master for relevant data remanence implementation and other open-source implementations
References for Data Remanence-based Approach
A data remanence based approach to generate 100% stable keys from an SRAM physical unclonable function → 2017
documentation: liu17data
(this is the original work on SRAM PUF using data remanence, all the other works cited this work)
Abstract → Temporal majority voting (TMV) and bit masking were used in previous works to identify and store the location of unstable or marginally stable SRAM cells. However, TMV requires a long test time and significant hardware resources. In addition, the number of repetitive power-ups required to find the most stable cells is prohibitively high. To overcome the shortcomings of TMV, we propose a novel data remanence based technique to detect SRAM cells with the highest stability for reliable key generation. This approach requires only two remanence tests: writing ‘1’ (or ‘0’) to the entire array and momentarily shutting down the power until a few cells flip. We exploit the fact that the cells that are easily flipped are the most robust cells when written with the opposite data. The proposed method is more effective in finding the most stable cells in a large SRAM array than a TMV scheme with 1,000 power-up tests. Experimental studies show that the 256-bit key generated from a 512 kbit SRAM using the proposed data remanence method is 100% stable under different temperatures, power ramp up times, and device aging.
cited by A novel SRAM PUF stability improvement method using ionization irradiation as: Liu and Zhou et al. [13] offered one more efficient preselection strategy making use of data remanence effect. This approach requires only two remanence tests—writing ‘1’ (or ‘0’) to the entire array and momentarily shutting down the power until a few cells flip and the easily flipped cells are the most robust ones. Almost 100% stable bits can be generated by the scheme but many stable cells are identified as unstable ones (e.g., over-selection) so that only a small portion of memory cells can be utilized. To make matters worse, the selected cells randomly straggle across the whole chip, which encumbers reusing SRAM chip to store data in source-constraint internet of things (IOT) devices [12].
The SRAM chips we tested were fabricated in an ultra-low leakage technology, requiring a relatively long power down time to observe data remanence effects. We expect a much shorter data remanence time (e.g. microseconds) for SRAMs built in advanced CMOS technologies. → The overall data remanence trends will be agnostic to the technology node.
(for SCuM that is using 6T SRAM in low-power 65nm CMOS process I checked:) 6T SRAM and 3T DRAM Data Retention and Remanence Characterization in 65nm bulk CMOS
“the 50% retention time (i.e., half the bits retained data) is 44 ms for the 6T SRAM in BULK CMOS technology”
(44ms is the total time required for all the SRAM cells to collapse, to extract 128-bit the time is smaller of course)
In a realistic scenario, we can select more bits than we need and then pick the number of stable bits requested by our target application. (less stringent condition on power-off time)
Note that we perform this extensive test on one of the chips to determine the appropriate power down period of all chips.
Evaluation of SRAM PUF characteristics and generation of stable bits for IoT security → 2020
(checked, not fully read)
Abstract: Better security is essential for IoT devices these days. Device authentication of IoT devices can be done by using Static Random-Access Memory Physical Unclonable Functions (SRAM PUF). However, SRAM PUF has poor stability and relatively high error rate. Temporal Majority Voting (TMV) and other Error Correction Codes (ECCs) has been used to improve SRAM PUF performance. But they require a lot of processing time and hardware resources. Most of the microcontrollers used in IoT devices do not have that. Still, those methods cannot produce sufficiently stable bits of SRAM PUF. The data remanence nature of SRAM cells can be utilized to generate much better SRAM PUF with low error rate and very stable bits. In this paper, we made use of both TMV and data remanence to obtain SRAM PUF characteristics of microcontrollers used in IoT devices. The characteristics of SRAM PUF such as biasness, uniqueness and stability have been analyzed and investigated for better understanding of SRAM PUF on different chips. Moreover, by using the data remanence method, we managed to obtain 128 bits of SRAM PUF from 512 bits of initial SRAM values with the error rate of 3.77x10-8 and the stability of 99.983% which can be implemented on simple microcontrollers.
SRAM PUF on AtMega328 Microcontrollers
The authors made use of both TMV and data remanence to obtain SRAM PUF characteristics of microcontrollers used in IoT devices.
The error rate of an AtMega238 is ranging from 0.2% to 2.4% but it never goes to zero. It means that there are always a few bits flipping for each iteration and therefore the stability of 100% could not be achieved using the TMV method alone.
- raw SRAM PUF characteristics
The individual strong ‘1’ and strong ‘0’ tests have the best results at T = 300ms. When both of 128 strong ‘1’ bits and 128 strong ‘0’ bits were used at the same time, we managed to obtain the error rate of 3.77 x 10-8 (3.77 x 10-6%) and the stability of more than 99.98%. This method used fewer number of iterations and consuming less time than TMV method and it is clear that this method can achieve significant error rate reduction and stability improvements over the TMV method.
Data Remanence Based Approach towards Stable Key Generation from Physically Unclonable Function Response of Embedded SRAMs using Binary Search → 2024
Documentation: aung24data (seams as extended work to Evaluation of SRAM PUF characteristics and generation of stable bits for IoT security)
Ram et al., [37] had researched this phenomenon in detail in 2002. They have done several SRAM experiments and their data remanence properties under various temperatures and power-off times. The amount of data retained is greatly affected by the duration of power cut-off and the temperature (????)
Different chips have different values of the power-off time when some of the bits start flipping [38](-> liu et al.). (????) (This argument is reinforced by experiments and calculations shown in Table 4)
Since the relationship between the power-off time for SRAMs and the number of flipped bits is almost linear within a specific range, changing the power-off time will be able to control the number of flip bits. ??????? (back to liu17data Figure 5, the relation does not look linear at all
, except the mid-time range)
Different microcontrollers behave differently under the same power-off time, but for most microcontrollers, the cells start flipping around 200ms to 300ms.
The lower the temperature is, the more effect it has on the error rate of the SRAM PUF. But the temperature above 30oC does not affect the error rate significantly. This is consistent with the property of SRAM PUFs which is affected most by the decrease in temperature [46].
Although temperatures above 20oC have no apparent effect on the optimal power-off time, lower temperatures can drastically increase the optimal power-off time. This is because the SRAMs have a higher tendency to undergo data remanence under lower temperatures and can maintain the data longer without any power [46]. However, the error rate and the stability are not affected by lower temperatures for the strong-1 and strong-0 cells, which are selected using the optimal power-off times.
Thus, the overall computational time has been reduced drastically. For instance, binary search method took 51.57 seconds or nine iterations to find the optimal power-off time of 626ms compared to linear search, with one-millisecond resolution, would take 626 iterations or approximately 33,626 seconds, which is almost one hour, to find the result.
Open-Source Software-Based SRAM-PUF for Secure Data and Key Storage Using Off-The-Shelf SRAM → 2018
(partially checked, not fully read) → 99 pages, very rich and interesting paper!
The authors introduce the first open source project to develop software-based SRAM PUF technology using off-the-shelf SRAM.
Between two tested brands of off-the-shelf SRAMs, only Cypress CY62256NLL shows a viable result as a PUF component.
The authors propose a procedure to develop SRAM PUF-based applications using any off-the-shelf SRAM. The procedure consists of three main steps:
testing the off-the-shelf SRAMquality to be a PUF component,
creating a PUF-generated key using enrollment-reconstruction mechanism,
developing any PUF-based application utilizing the PUF-generated key.
the developed key generation scheme can tolerate up to 12.7%
cited by Data Remanence Based Approach towards Stable Key Generation from Physically Unclonable Function Response of Embedded SRAMs using Binary Search as: Sajim [39] has researched SRAM PUF from off-the-shelf serial SRAM chips using the data remanence method and neighbour analysis. They verified their results by implementing it to generate Bitcoin keys [39].
Neighbor Analysis: A stable cell surrounded by more stable cells has a tendency to become more stable because its neighboring cells are likely to experience similar aging stress and operating conditions. In this algorithm, all the stable cells are given weight according to the number of stable bits surrounding it. The more stable neighbor cells it has, the higher weight it gets.
Before the algorithm is performed, one should collect lots of SRAM cells value first. The data should be retrieved in various condition, for example, different voltages, temperatures, and time differences
between enrollment.
Data Remanence: The authors used the same approach introduced in A data remanence based approach to generate 100% stable keys from an SRAM physical unclonable function and they searched for the required power down time
If data remanence approach is utilized, there is no need to gather many data. One only need to determine the temporal power down required to get strong bits required. Since usually the temporal down period required is less than 0.5 seconds, this analysis only takes few minutes.
Microchip 23LC1024 uses Low-Power CMOS Technology smaller than 90nm (this is all what I know about the fabrication technology)
To get 4662 bits, strong 1’s are generated using power down period of 0.185 seconds, while strong 0’s are calculated when 0.27 seconds are used as the power down period. The difference between power down period during generation of strong 1’s and strong 0’s is because the number of 1’s that flipped fast are more compared to 0’s. This is also related to the 0’s and 1’s distribution during normal initialization. (not recommended as PUF)
Cypress CY62256NLL uses 90nm Low-Power CMOS Technology
Unlike SRAM 23LC1024, power down period when enrolling strong 1’s and 0’s on CY62256NLL is not different. To get 4662 stable bits, both are enrolled using power down period 0.34 seconds. During the voltage and time interval variation, the stable bits produced by using algorithm also shows a promising result. It only accounts for maximum 73 bits difference (HDintra 1.56%) → obtained BER → be aware that the power-down time does not lead to ZERO BER! BER is later used to reduce the BER to nearly 0 value.
the SRAM size and the technology used in SRAM manufacturing affects a lot of SRAM quality as a PUF candidate.
an older manufacturing technology does not always produced a more stable SRAM (Cypress
CY7C15632KV18 (65nm) is more stable than Virage HP ASAP SP ULP 32-bit (90nm), even though the most stable is IDT 71V416S15PHI which produced using 180nm technology).not tested with temperature variation
The more dense an SRAM (smaller manufacturing technology), the more environments affect the performance of the SRAM (more prone to voltage and temperature difference) [48]. However, we cannot conclude that high density level always lead to low quality of an SRAM as a PUF candidate.
Another conclusion that can be retrieved is that data remanence analysis is proven to be a better bit selection algorithm than neighbor analysis
Using both Stable and Unstable SRAM Bits for the Physical Unclonable Function → 2022 (could not download it)
Next, we analyze the data remanence effect on the SRAM under various power-off times from
… We use the data remanence effect to help us choose our PUF bits.
Juliet-PUF: Enhancing the Security of IoT-Based SRAM-PUFs Using the Remanence Decay Effect → 2023
JULIET-PUF, a novel PUF-based method for IoT identification, which relies on SRAM content retrieval after power glitches with time differences. Our scheme comes with no added hardware cost on the edge device.
Since the data collection consists of traces obtained while performing power glitches of various duration, from zero to seven milliseconds at 10 microsecond intervals, to estimate the accuracy of each device, we measured the glitch duration we obtained in practice for various durations from 10 microseconds and up to seven milliseconds with 100 microsecond intervals.
The SRAM content of a particular device which gradually changes over the various glitch duration, is also influenced by the temperature, as can be seen in Figure 11.
Data remanence vulnerabilities in embedded SRAM at low temperature
Analysis of Data Remanence and Power-up States of SRAM Cells in Embedded Systems
Remanence decay side-channel: The PUF case
The use of SRAM remanence decay has been proposed as a time-keeping mechanism for clockless low-power devices, such as passive RFID tags [19]. This mechanism, called TARDIS, allows a clockless device to estimate how much time has passed since its last power-down and aims to impede oracle attacks.
Attacking SRAM PUFs using very-low-temperature data remanence → 2019
extended work of Low-Temperature Data Remanence Attacks Against Intrinsic SRAM PUFs → 2018
References for Data Retention-based Approach
Improving the reliability of SRAM-based PUFs in the presence of aging → 2020
Improving the reliability of SRAM-based PUFs under varying operation conditions and aging degradation → 2021
(extended work of Improving the reliability of SRAM-based PUFs in the presence of aging)
This method is defined as the Maximum Trip Supply Voltage (MTSV) method.
The authors show experimental results at:
MTSV method at nominal conditions
Resilience to circuit aging
Resilience to temperature variations
Resilience to supply voltage variations
This approach is very robust against circuit degradation and temperature variations
The 50 strongest cells according to the MTSV method prove to be very resilient against environmental variations, in this case against temperature variations ranging from 0 ◦C to 40 ◦C. In fact, the worst BER obtained for the 50 strongest cells is 0.0024%, which is even slightly lower than the average BER for the 50 strongest cells obtained at nominal conditions of temperature and supply voltage, which was 0.0025%.
The 0.0024% BER obtained in the worst case for temperature variations translates into roughly 1 erroneous power-up out of every 42,000 evaluations.
these results make clear that the MTSV classification performed at nominal temperature and supply voltage conditions is able to select cells that will have an extremely reproducible power-up behavior even under supply voltage variations.
The methodology in A data remanence based approach to generate 100% stable keys from an SRAM physical unclonable function has proven to be effective for experiments performed under different temperatures and power ramp times, and under device aging [8]. This approach has been tested in a design fabricated in an ultra-low leakage technology,which requires relatively long power-down times (in the order of hundreds of milliseconds)
The strongest cells correspond to the right tail of the histogram, i.e., those with a higher DRV value, while the weakest cells correspond to the left tail of the histogram. Unstable cells do not appear in the histogram, since no DRV value could be assigned to them.
based on measuring Data Retention Voltage (DRV, i.e., supply voltage value at which the cell loses its stored value)
if the range of supply voltages within which the cells experience a bit flip is bounded between ~80mV and ~280mV (as it is the case of our work)
A DRV-based bit selection method for SRAM PUF key generation and its impact on ECCs → 2022
(checked partially)
the Maximum Trip Supply Voltage (MTSV) method, easier to implement than the methods presented inData Remanence and Data Retention based Approach | ✅ A data remanence based approach to generate 100% stable keys from an SRAM phy...
While in Ref. Data Remanence and Data Retention based Approach | ⌛ Improving the reliability of SRAM based PUFs under varying operation conditio... the MTSV method is presented and experimentally validated only through the characterization of the PUF response, this work aims at experimentally proving the benefits of this method when used for key generation. To achieve this goal, bit selections are performed arbitrarily and by using two different methods (ME and MTSV). The resulting selections are evaluated in terms of reliability and compared at nominal conditions, under supply voltage and temperature variations, and after applying accelerated aging on an array of 6T SRAM cells.
(surveying bit-selection methods) To illustrate the benefits of using the MTSV method, a variety of bit selections were carried out in this work using different selection methods. First, arbitrary cell
selections methods were considered, then cells were selected using the ME method, and finally cells were selected with the MTSV method.Arbitrary selection: Two arbitrary selections were taken here: First and Random. First simply takes the first 128 cells of the SRAM array. Random takes a random selection of 128 cells out of the 832 ones available.
ME method: The higher the number of power-ups performed, the higher the confidence in identifying unreliable cells. However, a high number of power-ups is expensive in terms of test time and hardware. Therefore, a limited number of evaluations must be chosen for this procedure, thus establishing a trade-off between the quality of the evaluation and its complexity.
Improved Generation of Identifiers, Secret Keys, and Random Numbers From SRAMs → 2015
The method can be implemented easily with the memory embedded in its application context, either by adding simple circuitry to the digital design or by executing simple software. It does not need to be implemented by specialized vendors, or in the factory where the memory is manufactured
“20 power-ups under nominal conditions were deemed a good trade-off to discard unreliable cells.“
The MTSV method [14] works as follows: first, the non-preferred value is written in a cell. Then, a loop is stablished where, in each iteration, the supply voltage is lowered, more and more, in equidistant steps and for a short while, to a value in the range [VDD-VM, VDD-Vm] (where VM > Vm), and then raised again to its nominal value. The cell is then read to find out if the value store has been flipped from the non-preferred value to the preferred one. After that, the non-preferre value is written again before lowering the supply voltage to the next value in the range. This loop ends when the supply voltage is finally lowered to the value VDD-Vm. If there is a supply voltage below which the cell always flips to its preferred value, this voltage is known as the DRV. Then, the cell is deemed as reliable and its strength/weakness depends on DRV value itself: the higher (lower) the DRV, the stronger (weaker) the cell. Otherwise, if no voltage is found below which the cell consistently flips to its preferred value, the cell is labelled as unreliable and, obviously, no DRV is assigned.
A Systematic Bit Selection Method for Robust SRAM PUFs → 2022
wang22systematic & https://crystalfree.atlassian.net/wiki/spaces/SaraPhD/pages/2419556353
This work cites Improving the reliability of SRAM-based PUFs under varying operation conditions and aging degradation as [24]
Despite the Data Remanence method, this method is highly reliable over temperature and voltage variations, with a bit error rate (BER) close to zero.
It was tested on SRAM memory fabricated using low-power CMOS technology.
Data Retention approach is used afterwards to select stable cells.
Effect of temperature variation: Note that if the VDD,Min of 0.58 V (or higher) is employed during the
data retention test, all the selected cells are stable for 1000 power up cycles, and their use in a PUF will ensure very high reliability. Observe also, from comparing data for 85°C and the data for 50 °C, the percentage (%) of unstable cells at 85 °C is larger than that at 50 °C. This is because it is well known that higher temperature causes higher cell instability [28].Based on the reliability experiments presented for varying voltages, temperatures and aging, it has been shown that by selecting an appropriate VDD,Min voltage for stable cell strength selection, it is always possible to ensure desired reliability of an SRAM PUF. The trade-off is that while using a higher VDD,Min during cell selection yields more stable and reliable cells, there are fewer such cells in any given size of an SRAM array. This limits the reliability of the PUF (with a given number of bits) that can
be realized from any size of SRAM array.
Reliable physical unclonable functions using data retention voltage of SRAM cells → 2015
(partially checked, not fully read)
The PUF studied in this paper utilizes the variation sensitivity of static random access memory (SRAM) data retention voltage (DRV), the minimum voltage at which each cell can retain state.
If supply voltage is below data retention voltage (DRV), then transistors operate in the sub-threshold (sub-Vth) region [26] where they are highly sensitive to variations and may lose state. Such a loss of state on account of insufficient supply voltage is termed a data retention failure. The voltage at which data retention failures occur in each SRAM cell depends on its asymmetric process variation. Because DRV is randomly assigned to each cell through process variation, the DRV fingerprint of SRAM is a physical fingerprint suitable for use in a PUF.
This paper is not concerned with remaining above DRV, but instead with characterizing the DRV of each cell and using this unique variation-sensitive information as part of a PUF.
6T SRAM and 3T DRAM Data Retention and Remanence Characterization in 65nm bulk CMOS → 2012
(partially checked, not fully read)
(same authors as Reliability Enhancement of Bi-Stable PUFs in 65nm Bulk CMOS )
To precisely measure retention and remanence in SRAM and DRAM, we implemented specially
instrumented 6T SRAM and 3T DRAM test structures in 65nm bulk CMOS and tested them from -40◦C to 85◦C and under accelerated aging conditions. Results show that the 50% retention time (i.e., half the bits retained data) is 44 ms for the 6T SRAM and 3.8 ms for the 3T DRAM at -40◦C. Further, the data remanence effects were exploited to predict stored bits with over 82% accuracy for 22% of a 4kb SRAM array.(this paper has a different definition of data retention and data remanence)
Data Remanence attacks
Low-Temperature Data Remanence Attacks Against Intrinsic SRAM PUFs → 2018
Attacking SRAM PUFs using very-low-temperature data remanence (extension of the previous work)
Analysis of Data Remanence and Power-up States of SRAM Cells in Embedded Systems
Data Remanence Vulnerabilities in Embedded SRAM at Low Temperature
On the effectiveness of the remanence decay side-channel to clone memory-based PUFs
The Art of SRAM Security: Tactics for Remanence-based Attack and Strategies for Defense
Related works
Hardware security implications of reliability, remanence, and recovery in embedded memory → 2018
This paper introduces a new power glitching technique that reduces the data remanence time in embedded SRAM from seconds to microseconds at almost no cost.
The effect of data remanence and data retention on hardware security is discussed and possible countermeasures are suggested.