MSIPS: Multi-tiered Security IPs Architecture for Secure SoC Design

The demand for dedicated on-chip security modules, such as infrastructure Intellectual Properties (IIPS), which is utilized to facilitate the verification, test, and validation of SoC, has become a new trend in Design-for-Security (DfS) technology. However, IIPS does not take into account of the diversity of different functional IPs, so that it cannot provide comprehensive security protection for different functional IPs. In this paper, to provide protection against various threats for SoC during test time and run time, we propose a Multi-tiered Security IPs (MSIPS) architecture and a preliminary theoretical study. This paper presents the design of the structure and security functions of MSIPS. The specific implementation of MSIPS that we study here can provide protection against: SoC or hardware IP theft with a Physical Unclonable Function (PUF) primitive, hardware Trojan attack with a multi-parameters side-channel analysis primitive, illegal user/operator identification with a user/system authentication primitive. Experimental results verify the effectiveness of MSIPS in providing protections against diverse attacks. As a centralized low-overhead on-chip module, MSIPS resides outside the functional IPs and has the features of flexibility, scalability, and diversity.