A Near-Instantaneous and Non-Invasive Erasure Design Technique to Protect Sensitive Data Stored in Secure SRAMs

Abstract

On-chip memories, and in particular SRAMs, are among the most critical components in terms of data security because they might contain sensitive data such as secret keys. Whenever a tampering event is detected, one should be able to erase efficiently and rapidly the full content of a memory holding such sensitive data, but current solutions based on simple power-off lead to very long erasure times. In this paper, we present a non-invasive design technique based on an innovative mechanism to remove electric charges from SRAM bitcells still powered on, before refreshing them with a new content not correlated with the previous one. The particularity of this novel hardware countermeasure is to be natively compatible with any SRAM circuit designed from pushed-rule foundry bitcells. We have designed and characterized an 8kB SRAM in 22nm FD-SOI process technology exploiting the proposed security strategy demonstrating an erase operation accomplished in the nanosecond time scale (versus 295µs with the conventional power-off solution) at the cost of an additional area of less than 5%. We have also shown that our solution is more efficient than a solution without prior erasure consisting in writing identical data to all memory addresses in a single clock cycle (1 ns). The use of the latter drops the ratio of zeroized addresses at 92 %, while increasing the operating energy consumption by 2.1x under nominal operating conditions.