WO2007018761A2 - Security method for data protection - Google Patents

Security method for data protection Download PDF

Info

Publication number
WO2007018761A2
WO2007018761A2 PCT/US2006/024161 US2006024161W WO2007018761A2 WO 2007018761 A2 WO2007018761 A2 WO 2007018761A2 US 2006024161 W US2006024161 W US 2006024161W WO 2007018761 A2 WO2007018761 A2 WO 2007018761A2
Authority
WO
WIPO (PCT)
Prior art keywords
integrated circuit
electrical shield
security
circuit board
printed circuit
Prior art date
Application number
PCT/US2006/024161
Other languages
French (fr)
Other versions
WO2007018761A3 (en
Inventor
Alain Peytavy
Alexandre Croguennec
Original Assignee
Atmel Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from FR0507766A external-priority patent/FR2888975B1/en
Application filed by Atmel Corporation filed Critical Atmel Corporation
Priority to BRPI0613561-7A priority Critical patent/BRPI0613561A2/en
Priority to CN2006800325295A priority patent/CN101258552B/en
Publication of WO2007018761A2 publication Critical patent/WO2007018761A2/en
Publication of WO2007018761A3 publication Critical patent/WO2007018761A3/en

Links

Classifications

    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L23/00Details of semiconductor or other solid state devices
    • H01L23/57Protection from inspection, reverse engineering or tampering
    • H01L23/576Protection from inspection, reverse engineering or tampering using active circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F13/00Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/86Secure or tamper-resistant housings
    • G06F21/87Secure or tamper-resistant housings by means of encapsulation, e.g. for integrated circuits
    • GPHYSICS
    • G11INFORMATION STORAGE
    • G11CSTATIC STORES
    • G11C5/00Details of stores covered by group G11C11/00
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2224/00Indexing scheme for arrangements for connecting or disconnecting semiconductor or solid-state bodies and methods related thereto as covered by H01L24/00
    • H01L2224/01Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
    • H01L2224/42Wire connectors; Manufacturing methods related thereto
    • H01L2224/47Structure, shape, material or disposition of the wire connectors after the connecting process
    • H01L2224/48Structure, shape, material or disposition of the wire connectors after the connecting process of an individual wire connector
    • H01L2224/4805Shape
    • H01L2224/4809Loop shape
    • H01L2224/48091Arched
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2224/00Indexing scheme for arrangements for connecting or disconnecting semiconductor or solid-state bodies and methods related thereto as covered by H01L24/00
    • H01L2224/01Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
    • H01L2224/42Wire connectors; Manufacturing methods related thereto
    • H01L2224/47Structure, shape, material or disposition of the wire connectors after the connecting process
    • H01L2224/48Structure, shape, material or disposition of the wire connectors after the connecting process of an individual wire connector
    • H01L2224/481Disposition
    • H01L2224/48151Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive
    • H01L2224/48221Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive the body and the item being stacked
    • H01L2224/48225Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive the body and the item being stacked the item being non-metallic, e.g. insulating substrate with or without metallisation
    • H01L2224/48227Connecting between a semiconductor or solid-state body and an item not being a semiconductor or solid-state body, e.g. chip-to-substrate, chip-to-passive the body and the item being stacked the item being non-metallic, e.g. insulating substrate with or without metallisation connecting the wire to a bond pad of the item
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2224/00Indexing scheme for arrangements for connecting or disconnecting semiconductor or solid-state bodies and methods related thereto as covered by H01L24/00
    • H01L2224/73Means for bonding being of different types provided for in two or more of groups H01L2224/10, H01L2224/18, H01L2224/26, H01L2224/34, H01L2224/42, H01L2224/50, H01L2224/63, H01L2224/71
    • H01L2224/732Location after the connecting process
    • H01L2224/73251Location after the connecting process on different surfaces
    • H01L2224/73265Layer and wire connectors
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L24/00Arrangements for connecting or disconnecting semiconductor or solid-state bodies; Methods or apparatus related thereto
    • H01L24/01Means for bonding being attached to, or being formed on, the surface to be connected, e.g. chip-to-package, die-attach, "first-level" interconnects; Manufacturing methods related thereto
    • H01L24/42Wire connectors; Manufacturing methods related thereto
    • H01L24/47Structure, shape, material or disposition of the wire connectors after the connecting process
    • H01L24/48Structure, shape, material or disposition of the wire connectors after the connecting process of an individual wire connector
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/0001Technical content checked by a classifier
    • H01L2924/00014Technical content checked by a classifier the subject-matter covered by the group, the symbol of which is combined with the symbol of this group, being disclosed without further technical details
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/01Chemical elements
    • H01L2924/01057Lanthanum [La]
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/10Details of semiconductor or other solid state devices to be connected
    • H01L2924/11Device type
    • H01L2924/14Integrated circuits
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/15Details of package parts other than the semiconductor or other solid state devices to be connected
    • H01L2924/151Die mounting substrate
    • H01L2924/153Connection portion
    • H01L2924/1531Connection portion the connection portion being formed only on the surface of the substrate opposite to the die mounting surface
    • H01L2924/15311Connection portion the connection portion being formed only on the surface of the substrate opposite to the die mounting surface being a ball array, e.g. BGA
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/15Details of package parts other than the semiconductor or other solid state devices to be connected
    • H01L2924/151Die mounting substrate
    • H01L2924/153Connection portion
    • H01L2924/1532Connection portion the connection portion being formed on the die mounting surface of the substrate
    • HELECTRICITY
    • H01ELECTRIC ELEMENTS
    • H01LSEMICONDUCTOR DEVICES NOT COVERED BY CLASS H10
    • H01L2924/00Indexing scheme for arrangements or methods for connecting or disconnecting semiconductor or solid-state bodies as covered by H01L24/00
    • H01L2924/30Technical effects
    • H01L2924/301Electrical effects
    • H01L2924/3025Electromagnetic shielding

Definitions

  • the present device relates to data security devices and methods .
  • the data are commonly encrypted prior to transmission.
  • data or software could still be accessed prior to encryption, as by accessing the leads of an integrated circuit to which the unencrypted data are first sent.
  • 6,646,565 discloses a device for security of electronic circuits in which an electronic device is encased between a first and a second circuit board each of which has a serpentine conductive layer.
  • a tamper detection circuit is connected to the conductive layer to detect circuit tampering.
  • the entire device is wrapped in a mesh. Any tampering with the circuit boards or the mesh is sensed by detection of disturbance in a current flowing through a security layer in the circuit boards and mesh. This current disturbance signals a security system to erase sensitive data, such that it will not be intercepted.
  • Other similar devices include U.S. Patent Nos . 4,593,384; 4,691,350; and 4,807,284.
  • U.S. Patent No. 5,406,630 discloses a tamper proof integrated circuit (IC) device.
  • the package and lid include heavy metals to prevent both x-ray radiation and infrared detection of the functioning of the chip. This effectively provides an electrical shield of the workings of the IC.
  • U.S. Patent No. 6,396,400 discloses a security system for protecting a data storage device.
  • the data storage device is enclosed in a first housing, which is mounted within and separated from a second housing by a number of support structures.
  • a vacuum is created in an interstitial space between the first housing and the second housing. Breach of the second housing causes a pressure change.
  • the pressure change is detected by a sensor which signals the data storage device to act to protect the data from tampering.
  • a device and method to protect data using a cavity down pinless contact grid array on a printed circuit board must have an integrated circuit housing additional circuitry.
  • the packaging of this integrated circuit includes a dielectic layer and a conductive layer beneath the dielectric layer.
  • the circuit board also includes a conductive layer used as an electrical shield layer. Both the printed circuit board and the cavity down grid array integrated circuit have a current introduced through the conductive layer on each respective device. If tampering is detected by a disturbance of the current, then the chip is instructed to scramble or erase data on the chip, preventing access.
  • Fig. 1 is a cross section of an integrated circuit positioned on a printed circuit board.
  • Fig. 2 is a flow chart of an embodiment of the security process .
  • Fig. 3 is a cross sectional view of another embodiment showing an integrated circuit and a printed circuit board.
  • Fig. 4a is a top view of a serpentine trace having two ball contacts.
  • Fig. 4b is a top view of an alternative serpentine trace having two ball contacts.
  • Fig. 5a is a top view of a first embodiment of a two net serpentine trace, each net having two ball contacts .
  • Fig. 5b is a top view of a second embodiment of a two net serpentine trace, each net having two ball contacts .
  • Fig. 5c is a top view of a third embodiment of a two net serpentine trace, each net having two ball contacts .
  • Fig. 6 is a top view of a serpentine trace having two ball contacts in which the trace extends into two layers .
  • Fig. 7a is a top view of a first embodiment of a two net serpentine trace, each net having two ball contacts, with the nets occupying two layers.
  • Fig. 7b is a top view of a second embodiment of a two net serpentine trace, each net having two ball contacts, with the nets occupying two layers. - A -
  • a secure integrated circuit has security protection such that it may be used for secure transactions.
  • a cavity down ball grid array integrated circuit 20 is positioned on a printed circuit board 30.
  • Integrated circuit 20 includes balls 14 on the ball grid array.
  • the cavity 18 faces down towards the printed circuit board 30.
  • a wire pin 16 within the cavity 18 is thus not accessible to tampering without drilling through the integrated circuit packaging or the circuit board.
  • the packaging of the integrated circuit includes an electrical shield layer 12.
  • Layer 10 is a dielectric layer (such as black epoxy or similar material) .
  • Layer 10 protects the electrical shield from physical tampering without prior de-processing.
  • a conductor layer 13 for example a plated copper layer.
  • Layer 13 is a conductive layer used for other signal routing.
  • Layer 12 is made by a serpentine trace. This conductor layer 12 is connected to a monitoring circuit, a current source, and to the memory of the integrated circuit. If the integrated circuit is tampered with, as by drilling or other interference, the security circuit is triggered to erase the data on the integrated circuit 20.
  • the printed circuit board 30 includes an dielectric layer 34.
  • the security device erases the data such that it cannot be accessed.
  • a ball grid array integrated circuit was used.
  • Other contact arrays, such as a column grid array may alternatively be used.
  • the lead array not include pins (i.e., be a pinless array.) Pins extending into and/or through a printed circuit board would negate the ability to protect signal on the leads.
  • the integrated circuit that is put in a secure package is designed to embed a specific circuitry that will drive both the integrated circuit security layer 12 and the printed circuit board security layer 32. This circuitry checks to ensure that the integrity of the circuit has not been compromised or been subject to tampering.
  • the flow diagram of the security feature in operation is similar to the operation of prior devices in which a combination of multiple printed circuit boards and mesh polymer was used although the device of the present invention is significantly different from the prior art.
  • the continuous security operation at operation 70 the current flowing through the security system is monitored. The voltage detected at any given time may be compared to a known set voltage level to determine if the voltage is expected and consistent with past voltage levels.
  • a logic queries whether the current has been disrupted.
  • the logic instructs a continuation of operation 70 where the security circuit is monitored. If operation 72 does detect tampering with the circuit (indicated by a disruption of the current) , operation 74 is initiated, and a security measure is initiated to protect the data. Generally, this security measure will be to erase the data .
  • FIG. 3 a cross section of an alternative integrated circuit and circuit board is shown.
  • This device includes integrated circuit 43 mounted on circuit board 41.
  • Packaging 40 prevents physical examination of the underlying security shield.
  • This material may be a black epoxy or other similar material .
  • Embedded in packaging 40 is integrated circuit security shield 42.
  • This security shield may be any conductive means that may be monitored by a security circuit to allow detection of tampering.
  • a serpentine trace is one security shield implementation.
  • Attached to the outer edges of security shield 42 are conductive connections 44, which connects to layer 64, which in turn is connected to conductive element 46, which terminates at ball 50.
  • Conductive elements 44, 46 and ball 50 of the ball grid array provide a continuous conductive side shield such that any physical tampering of the chip would be detectable by the security circuit.
  • Conductive elements 44 and 46 are connected to layer 64 such that other signals may be sent on layer 64. These would include signals from device 62 sent via connections 60, signals from ball 51 sent via connection 57, and signals from ball 53 sent via connection 55.
  • Ball connectors 50 are connected to conductive element 52 on printed circuit board 41. This conductive element is connected to security shield layer 54 on the printed circuit board.
  • the combination of conductive elements 44, 46 and ball 50 provide a continuous conductive barrier which protects against side invasion of the integrated circuit while conductive element 52 (to which ball 50 is conductively coupled) provides the same sort of barrier for the circuit board 41.
  • Security shield 54 on printed circuit board 41 and electrical shield 42 on the integrated circuit 43 complete this security protection such that a security envelope is formed, protecting all sides with a conductive shield. Tampering with this shield would be detected by a security circuit, which could then take the appropriate action (e.g., erasing sensitive data on the chip and prevention of data transmission from the printed circuit board) .
  • Packaging 40 prevents physical inspection of both electrical shield 42 and the side conductive elements 44 and 46.
  • a number of elements within this security- envelope could carry sensitive data.
  • Ball 53 is connected to layer 58 on printed circuit board 41.
  • Sensitive data could be carried on the circuit board at layer 58, transmitted though balls 53, carried on integrated circuit layer 64, and carried on device 62 or conductive connections 60. All elements contained in internal cavity 61 would be protected by the security envelope, as would be the internal elements within integrated circuit 43 and printed circuit board 41 within the security envelope. The same approach may be used with different integrated circuits and other elements (such as displays, keyboards) on the same printed circuit board.
  • the security shields may be produced having an number of different designs. For example, single layer, single net, two ball serpentine shield designs are shown in Figs. 4a, 4b. In Fig. 4a, at the ends of trace 80 are vias 81, 83. In Fig. 4b, at the ends of trace 82 are vias 84, 85. In these two figures, the security shield forms a single layer until the location of vias 81, 83, 84, 85, where conductive elements extend to a via contact.
  • the balls can be at a central location, at an edge location, or in some combination of locations.
  • the conductive trace can have a spiral pattern or a pattern that makes regular sweeps back and forth as just two examples .
  • first net trace 90 includes two vias 90a, 90b, and a second net trace 92 terminates at vias 92a, 92b.
  • first net trace 94 has vias 94a, 94b, and second trace 96 terminates at vias 9 ⁇ a, 96b.
  • first trace 100 terminates at vias 100a, 100b at the ends of the trace and second trace 98 terminates at vias 98a, 98b.
  • the length of the trace is on a single plane, while the vias are connected through a conductive path down the sides of the integrated circuit .
  • Fig. 6 illustrates a two layer, single net serpentine security device.
  • Trace 102 terminates at vias 102a, 102b.
  • a connection through a thickness of the packaging allows the serpentine trace to include sections 102c and 102d, which are in different layers (i.e., above or below) than the rest of the serpentine trace.
  • Figs. 7a, 7b illustrates two layer, two net serpentine security devices.
  • a first layer includes a first trace 104, which terminates at vias 104a, 104b.
  • a second trace 106 terminates at end vias 106a, 106b.
  • the vias may extend via connectors to a surface location on the integrated circuit as shown in
  • each of the traces are similar to the trace of Fig. 6.
  • Trace 108 terminates at vias 108a, 108b.
  • Sections 108c, 108d of trace 108 extend into a different layer than the layer containing the rest of trace 108.
  • Trace 110 terminates at vias 110a, 110b.
  • Sections 110c, 11Od of trace 110 extend into the layer holding the longer sections of trace 108.
  • Many other possible configurations for the electrical shield exist.
  • an external power supply is provided to the chip. This allows sensitive data to be stored on the chip.
  • the power also drives the security circuit, with the current through the security circuit being continually monitored.
  • the integrated circuit can receive sensitive communications and relate sensitive data to the circuit board.
  • the storage of information on the integrated circuit and the running of the security on the chip may be ensured by a supply battery on the printed circuit board.
  • a main supply may be used for power transfer of sensitive information from the integrated circuit to the circuit board, and throughout the board.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Microelectronics & Electronic Packaging (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Condensed Matter Physics & Semiconductors (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

A method and device for data security including a printed circuit board (30) and an integrated circuit (20) each having a conductive trace layer shielded by a electrical shield layer (12, 32) . Tampering with either side of the device causes disturbance of a current flowing through a conductive trace layer (13) used as an electrical shield. This triggers a security circuit to erase the data stored in the integrated circuit (20) and stop data flow between the printed circuit board (30) and the integrated circuit (20) .

Description

Description
SECURITY METHOD FOR DATA PROTECTION
TECHNICAL FIELD
The present device relates to data security devices and methods .
BACKGROUND ART There presently is a need to provide security for data and software. For example, in bank terminals, data are entered using a touchpad or derived by a card reader (e.g., magnetic card reader). These data are used to make a secure transaction. Security is necessary for such a transaction and access to the data must be protected.
To ensure that the data are not tampered with, stolen, or otherwise accessed without authorization, the data are commonly encrypted prior to transmission. However data or software could still be accessed prior to encryption, as by accessing the leads of an integrated circuit to which the unencrypted data are first sent.
In prior devices a three dimensional mesh has been used to enclose a set of integrated circuits and prevent tampering. For example, U.S. Patent No.
6,646,565 discloses a device for security of electronic circuits in which an electronic device is encased between a first and a second circuit board each of which has a serpentine conductive layer. A tamper detection circuit is connected to the conductive layer to detect circuit tampering. The entire device is wrapped in a mesh. Any tampering with the circuit boards or the mesh is sensed by detection of disturbance in a current flowing through a security layer in the circuit boards and mesh. This current disturbance signals a security system to erase sensitive data, such that it will not be intercepted. Other similar devices include U.S. Patent Nos . 4,593,384; 4,691,350; and 4,807,284.
U.S. Patent No. 5,406,630 discloses a tamper proof integrated circuit (IC) device. The package and lid include heavy metals to prevent both x-ray radiation and infrared detection of the functioning of the chip. This effectively provides an electrical shield of the workings of the IC. U.S. Patent No. 6,396,400 discloses a security system for protecting a data storage device. The data storage device is enclosed in a first housing, which is mounted within and separated from a second housing by a number of support structures. A vacuum is created in an interstitial space between the first housing and the second housing. Breach of the second housing causes a pressure change. The pressure change is detected by a sensor which signals the data storage device to act to protect the data from tampering. These disclosed devices are complex and expensive. Alternative, simpler solutions are sought.
SUMMARY OF THE INVENTION
A device and method to protect data using a cavity down pinless contact grid array on a printed circuit board. The grid array package must have an integrated circuit housing additional circuitry. The packaging of this integrated circuit includes a dielectic layer and a conductive layer beneath the dielectric layer. In a similar manner, the circuit board also includes a conductive layer used as an electrical shield layer. Both the printed circuit board and the cavity down grid array integrated circuit have a current introduced through the conductive layer on each respective device. If tampering is detected by a disturbance of the current, then the chip is instructed to scramble or erase data on the chip, preventing access.
BRIEF DESCRIPTION OF THE DRAWINGS Fig. 1 is a cross section of an integrated circuit positioned on a printed circuit board.
Fig. 2 is a flow chart of an embodiment of the security process .
Fig. 3 is a cross sectional view of another embodiment showing an integrated circuit and a printed circuit board.
Fig. 4a is a top view of a serpentine trace having two ball contacts.
Fig. 4b is a top view of an alternative serpentine trace having two ball contacts.
Fig. 5a is a top view of a first embodiment of a two net serpentine trace, each net having two ball contacts .
Fig. 5b is a top view of a second embodiment of a two net serpentine trace, each net having two ball contacts .
Fig. 5c is a top view of a third embodiment of a two net serpentine trace, each net having two ball contacts . Fig. 6 is a top view of a serpentine trace having two ball contacts in which the trace extends into two layers .
Fig. 7a is a top view of a first embodiment of a two net serpentine trace, each net having two ball contacts, with the nets occupying two layers.
Fig. 7b is a top view of a second embodiment of a two net serpentine trace, each net having two ball contacts, with the nets occupying two layers. - A -
DETAILED DESCRIPTION OF THE INVENTION
In the illustrated exemplary embodiment of Fig. 1, a secure integrated circuit has security protection such that it may be used for secure transactions. In this embodiment a cavity down ball grid array integrated circuit 20 is positioned on a printed circuit board 30. Integrated circuit 20 includes balls 14 on the ball grid array. The cavity 18 faces down towards the printed circuit board 30. A wire pin 16 within the cavity 18 is thus not accessible to tampering without drilling through the integrated circuit packaging or the circuit board.
The packaging of the integrated circuit includes an electrical shield layer 12. Layer 10 is a dielectric layer (such as black epoxy or similar material) . Layer 10 protects the electrical shield from physical tampering without prior de-processing. Below this shield layer 12 is a conductor layer 13, for example a plated copper layer. Layer 13 is a conductive layer used for other signal routing. Layer 12 is made by a serpentine trace. This conductor layer 12 is connected to a monitoring circuit, a current source, and to the memory of the integrated circuit. If the integrated circuit is tampered with, as by drilling or other interference, the security circuit is triggered to erase the data on the integrated circuit 20. In a similar manner the printed circuit board 30 includes an dielectric layer 34. If the current is interrupted or otherwise tampered with, the security device erases the data such that it cannot be accessed. In the illustrated example, a ball grid array integrated circuit was used. Other contact arrays, such as a column grid array may alternatively be used. It is preferred that the lead array not include pins (i.e., be a pinless array.) Pins extending into and/or through a printed circuit board would negate the ability to protect signal on the leads.
The integrated circuit that is put in a secure package is designed to embed a specific circuitry that will drive both the integrated circuit security layer 12 and the printed circuit board security layer 32. This circuitry checks to ensure that the integrity of the circuit has not been compromised or been subject to tampering. In Fig. 2, the flow diagram of the security feature in operation is similar to the operation of prior devices in which a combination of multiple printed circuit boards and mesh polymer was used although the device of the present invention is significantly different from the prior art. During the continuous security operation at operation 70, the current flowing through the security system is monitored. The voltage detected at any given time may be compared to a known set voltage level to determine if the voltage is expected and consistent with past voltage levels. At operation 72 a logic queries whether the current has been disrupted. If not, the logic instructs a continuation of operation 70 where the security circuit is monitored. If operation 72 does detect tampering with the circuit (indicated by a disruption of the current) , operation 74 is initiated, and a security measure is initiated to protect the data. Generally, this security measure will be to erase the data .
With respect to Fig. 3, a cross section of an alternative integrated circuit and circuit board is shown. This device includes integrated circuit 43 mounted on circuit board 41. Packaging 40 prevents physical examination of the underlying security shield. This material may be a black epoxy or other similar material .
Embedded in packaging 40 is integrated circuit security shield 42. This security shield may be any conductive means that may be monitored by a security circuit to allow detection of tampering. A serpentine trace is one security shield implementation. Attached to the outer edges of security shield 42 are conductive connections 44, which connects to layer 64, which in turn is connected to conductive element 46, which terminates at ball 50. Conductive elements 44, 46 and ball 50 of the ball grid array provide a continuous conductive side shield such that any physical tampering of the chip would be detectable by the security circuit. Conductive elements 44 and 46 are connected to layer 64 such that other signals may be sent on layer 64. These would include signals from device 62 sent via connections 60, signals from ball 51 sent via connection 57, and signals from ball 53 sent via connection 55. Ball connectors 50 are connected to conductive element 52 on printed circuit board 41. This conductive element is connected to security shield layer 54 on the printed circuit board. The combination of conductive elements 44, 46 and ball 50 provide a continuous conductive barrier which protects against side invasion of the integrated circuit while conductive element 52 (to which ball 50 is conductively coupled) provides the same sort of barrier for the circuit board 41. Security shield 54 on printed circuit board 41 and electrical shield 42 on the integrated circuit 43 complete this security protection such that a security envelope is formed, protecting all sides with a conductive shield. Tampering with this shield would be detected by a security circuit, which could then take the appropriate action (e.g., erasing sensitive data on the chip and prevention of data transmission from the printed circuit board) . Packaging 40 prevents physical inspection of both electrical shield 42 and the side conductive elements 44 and 46. A number of elements within this security- envelope could carry sensitive data. Ball 53 is connected to layer 58 on printed circuit board 41. Sensitive data could be carried on the circuit board at layer 58, transmitted though balls 53, carried on integrated circuit layer 64, and carried on device 62 or conductive connections 60. All elements contained in internal cavity 61 would be protected by the security envelope, as would be the internal elements within integrated circuit 43 and printed circuit board 41 within the security envelope. The same approach may be used with different integrated circuits and other elements (such as displays, keyboards) on the same printed circuit board.
The security shields may be produced having an number of different designs. For example, single layer, single net, two ball serpentine shield designs are shown in Figs. 4a, 4b. In Fig. 4a, at the ends of trace 80 are vias 81, 83. In Fig. 4b, at the ends of trace 82 are vias 84, 85. In these two figures, the security shield forms a single layer until the location of vias 81, 83, 84, 85, where conductive elements extend to a via contact. The balls can be at a central location, at an edge location, or in some combination of locations. The conductive trace can have a spiral pattern or a pattern that makes regular sweeps back and forth as just two examples .
A number of single layer, two network shield designs are shown in Figs. 5a, 5b, and 5c. In Fig. 5a, first net trace 90 includes two vias 90a, 90b, and a second net trace 92 terminates at vias 92a, 92b. In a similar manner, in Fig. 5b first net trace 94 has vias 94a, 94b, and second trace 96 terminates at vias 9βa, 96b. For Fig. 5c, first trace 100 terminates at vias 100a, 100b at the ends of the trace and second trace 98 terminates at vias 98a, 98b. In all three of these examples, the length of the trace is on a single plane, while the vias are connected through a conductive path down the sides of the integrated circuit .
Fig. 6 illustrates a two layer, single net serpentine security device. Trace 102 terminates at vias 102a, 102b. A connection through a thickness of the packaging allows the serpentine trace to include sections 102c and 102d, which are in different layers (i.e., above or below) than the rest of the serpentine trace. Figs. 7a, 7b illustrates two layer, two net serpentine security devices. In Fig. 7a, a first layer includes a first trace 104, which terminates at vias 104a, 104b. In a second layer a second trace 106 terminates at end vias 106a, 106b. The vias may extend via connectors to a surface location on the integrated circuit as shown in
Fig. 3. In Fig. 7b, each of the traces are similar to the trace of Fig. 6. Trace 108 terminates at vias 108a, 108b. Sections 108c, 108d of trace 108 extend into a different layer than the layer containing the rest of trace 108. Trace 110 terminates at vias 110a, 110b.
Sections 110c, 11Od of trace 110 extend into the layer holding the longer sections of trace 108. Many other possible configurations for the electrical shield exist. When the integrated circuit including the security shield of this invention is mounted on a printed circuit board, an external power supply is provided to the chip. This allows sensitive data to be stored on the chip. The power also drives the security circuit, with the current through the security circuit being continually monitored. The integrated circuit can receive sensitive communications and relate sensitive data to the circuit board. The storage of information on the integrated circuit and the running of the security on the chip may be ensured by a supply battery on the printed circuit board. A main supply may be used for power transfer of sensitive information from the integrated circuit to the circuit board, and throughout the board.

Claims

Claims
1. A method comprising: a) providing a printed circuit board including a first electrical shield and surface contact pads; b) providing a pinless lead grid array in a packaged integrated circuit including a second electrical shield on a side of the integrated circuit opposite contacts in said lead grid array in a cavity down orientation, the integrated circuit being in contact with said printed circuit board; c) introducing current through said first electrical shield and said second electrical shield; d) monitoring said current flowing through said first electrical shield and said second electrical shield; and e) stopping transmission of data transmitted between said packaged integrated circuit and said printed circuit board when said monitoring a disturbance in said current is detected.
2. The method of claim 1, further including a subsequent step : f) erasing sensitive data stored in said packaged integrated circuit when said disturbance in said current is detected.
3. An integrated circuit security device comprising: a printed circuit board; a first electrical shield on said printed circuit board; a pinless contact array integrated circuit adapted to be mounted on said printed circuit board; a second electrical shield on said integrated circuit; vias extending between said first electrical shield and said second electrical shield such that a security envelope is formed; and a security circuit configured to monitor current flowing through said security envelope and act to secure data if the tampering is detected.
4. The device of claim 3, wherein said integrated circuit is a ball grid array.
5. The device of claim 3, wherein said integrated circuit is a column grid array.
6. The device of claim 4, wherein said integrated circuit is a cavity down ball grid array.
7. The device of claim 5, wherein said integrated circuit is a cavity down column grid array.
8. The device of claim 3, wherein said second electrical shield layer is a serpentine trace.
9. The device of claim 8, wherein said serpentine trace is contained within one layer of said integrated circuit.
10. The device of claim 8, wherein said serpentine trace includes at least two nets on at least two layers of said integrated circuit .
PCT/US2006/024161 2005-07-21 2006-06-20 Security method for data protection WO2007018761A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
BRPI0613561-7A BRPI0613561A2 (en) 2005-07-21 2006-06-20 security method for data protection
CN2006800325295A CN101258552B (en) 2005-07-21 2006-06-20 Security method and device for data protection

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
FR0507766 2005-07-21
FR0507766A FR2888975B1 (en) 2005-07-21 2005-07-21 SECURITY METHOD FOR DATA PROTECTION
US11/256,124 US7791898B2 (en) 2005-07-21 2005-10-21 Security apparatus
US11/256,124 2005-10-21

Publications (2)

Publication Number Publication Date
WO2007018761A2 true WO2007018761A2 (en) 2007-02-15
WO2007018761A3 WO2007018761A3 (en) 2007-10-25

Family

ID=37727787

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2006/024161 WO2007018761A2 (en) 2005-07-21 2006-06-20 Security method for data protection

Country Status (2)

Country Link
KR (1) KR20080033418A (en)
WO (1) WO2007018761A2 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009036611A1 (en) * 2007-09-21 2009-03-26 Pax Computer Technology (Shenzhen) Co., Ltd. Security protection cover
EP2854086A1 (en) * 2013-09-30 2015-04-01 Intelligent Data, S.L. Electronic Payment Device
US9859226B1 (en) 2016-12-13 2018-01-02 International Business Machines Corporation Core-shell particles for anti-tampering applications
WO2018219924A1 (en) * 2017-06-01 2018-12-06 Innogy Se Protective housing for a circuit board
CN115148118A (en) * 2022-07-07 2022-10-04 黑芝麻智能科技有限公司 Flexible circuit board and display device

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102428479B1 (en) 2021-11-12 2022-08-03 우진라페 주식회사 Powder transfering system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4691350A (en) * 1985-10-30 1987-09-01 Ncr Corporation Security device for stored sensitive data
US5639696A (en) * 1996-01-31 1997-06-17 Lsi Logic Corporation Microelectronic integrated circuit mounted on circuit board with solder column grid array interconnection, and method of fabricating the solder column grid array

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4691350A (en) * 1985-10-30 1987-09-01 Ncr Corporation Security device for stored sensitive data
US5639696A (en) * 1996-01-31 1997-06-17 Lsi Logic Corporation Microelectronic integrated circuit mounted on circuit board with solder column grid array interconnection, and method of fabricating the solder column grid array

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2009036611A1 (en) * 2007-09-21 2009-03-26 Pax Computer Technology (Shenzhen) Co., Ltd. Security protection cover
US8223503B2 (en) 2007-09-21 2012-07-17 Suxian Shi Security cover for protecting the components mounted on a printed circuit board (PCB) against being attached
EP2854086A1 (en) * 2013-09-30 2015-04-01 Intelligent Data, S.L. Electronic Payment Device
US9489668B2 (en) 2013-09-30 2016-11-08 Flypos, S.L. Electronic payment device
US9859226B1 (en) 2016-12-13 2018-01-02 International Business Machines Corporation Core-shell particles for anti-tampering applications
US10249578B2 (en) 2016-12-13 2019-04-02 International Business Machines Corporation Core-shell particles for anti-tampering applications
WO2018219924A1 (en) * 2017-06-01 2018-12-06 Innogy Se Protective housing for a circuit board
CN115148118A (en) * 2022-07-07 2022-10-04 黑芝麻智能科技有限公司 Flexible circuit board and display device

Also Published As

Publication number Publication date
WO2007018761A3 (en) 2007-10-25
KR20080033418A (en) 2008-04-16

Similar Documents

Publication Publication Date Title
US7791898B2 (en) Security apparatus
US8836509B2 (en) Security device
EP1421549B1 (en) A pin pad
US9846459B2 (en) Shield for an electronic device
US5389738A (en) Tamperproof arrangement for an integrated circuit device
CN101611382B (en) Anti-tamper protected enclosure
US7812428B2 (en) Secure connector grid array package
CN107787499B (en) Integrated circuit chip protection against physical and/or electrical modification
WO2007018761A2 (en) Security method for data protection
US11886626B2 (en) Physical barrier to inhibit a penetration attack
US7701244B2 (en) False connection for defeating microchip exploitation
US7855102B2 (en) Method, system, and apparatus for a secure bus on a printed circuit board
BR102012010461B1 (en) SYSTEM FOR MECHANICAL AND ELECTRONIC PROTECTION OF SAFE EQUIPMENT
US8552566B1 (en) Integrated circuit package having surface-mount blocking elements
US6078537A (en) Semiconductor circuit, in particular for use in an integrated module
BR102021006577A2 (en) SYSTEM FOR CONNECTOR PROTECTION FOR SMART CARDS IN EQUIPMENT THAT REQUIRE DATA SECURITY
BRPI1101244A2 (en) smart card connector protection system for data security equipment
IE20010797A1 (en) A PIN pad

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200680032529.5

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application
DPE1 Request for preliminary examination filed after expiration of 19th month from priority date (pct application filed from 20040101)
NENP Non-entry into the national phase

Ref country code: DE

WWE Wipo information: entry into national phase

Ref document number: 1020087003789

Country of ref document: KR

122 Ep: pct application non-entry in european phase

Ref document number: 06773697

Country of ref document: EP

Kind code of ref document: A2

ENP Entry into the national phase

Ref document number: PI0613561

Country of ref document: BR

Kind code of ref document: A2

Effective date: 20080121