skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


Title: Microcontroller Fingerprinting Using Partially Erased NOR Flash Memory Cells
Electronic device fingerprints, unique bit vectors extracted from device's physical properties, are used to differentiate between instances of functionally identical devices. This article introduces a new technique that extracts fingerprints from unique properties of partially erased NOR flash memory cells in modern microcontrollers. NOR flash memories integrated in modern systems-on-a-chip typically hold firmware and read-only data, but they are increasingly in-system-programmable, allowing designers to erase and program them during normal operation. The proposed technique leverages partial erase operations of flash memory segments that bring them into the state that exposes physical properties of the flash memory cells through a digital interface. These properties reflect semiconductor process variations and defects that are unique to each microcontroller or a flash memory segment within a microcontroller. The article explores threshold voltage variation in NOR flash memory cells for generating fingerprints and describes an algorithm for extracting fingerprints. The experimental evaluation utilizing a family of commercial microcontrollers demonstrates that the proposed technique is cost-effective, robust, and resilient to changes in voltage and temperature as well as to aging effects.  more » « less
Award ID(s):
2007403
PAR ID:
10285910
Author(s) / Creator(s):
; ;
Date Published:
Journal Name:
ACM Transactions on Embedded Computing Systems
Volume:
20
Issue:
3
ISSN:
1539-9087
Page Range / eLocation ID:
1 to 23
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. ; (, 29th USENIX Security Symposium)
    null (Ed.)
    Digital sanitization of flash based non-volatile memory system is a well-researched topic. Since flash memory cell holds information in the analog threshold voltage, flash cell may hold the imprints of previously written data even after digital sanitization. In this paper, we show that data is partially or completely recoverable from the flash media sanitized with “scrubbing” based technique, which is a popular technique for page deletion in NAND flash. We find that adversary may utilize the data retention property of the memory cells for recovering the deleted data using standard digital interfaces with the memory. We demonstrate data recovery from commercial flash memory chip, sanitized with scrubbing, by using partial erase operation on the chip. Our results show that analog scrubbing is needed to securely delete information in flash system. We propose and implement analog scrubbing using partial program operation based on the file creation time information. 
    more » « less
  2. ; (, IEEE)
    This paper uses a mutual-information maximization paradigm to optimize the voltage levels written to cells in a Flash memory. To enable low-latency, each page of Flash memory stores only one coded bit in each Flash memory cell. For example, three-level cell (TL) Flash has three bit channels, one for each of three pages, that together determine which of eight voltage levels are written to each cell. Each Flash page is required to store the same number of data bits, but the various bits stored in the cell typically do not have to provide the same mutual information. A modified version of dynamic-assignment Blahut-Arimoto (DAB) moves the constellation points and adjusts the probability mass function for each bit channel to increase the mutual information of a worst bit channel with the goal of each bit channel providing the same mutual information. The resulting constellation provides essentially the same mutual information to each page while negligibly reducing the mutual information of the overall constellation. The optimized constellations feature points that are neither equally spaced nor equally likely. However, modern shaping techniques such as probabilistic amplitude shaping can provide coded modulations that support such constellations. 
    more » « less
  3. ; ; (, Proceedings of the 15th ACM Workshop on Hot Topics in Storage and File Systems)
    In this paper, we propose a new page-writing technique to hide secret information using the threshold voltage variation of programmed memory cells. We demonstrate the proposed technique on the state-of-the-art commercial 3D NAND flash memory chips by utilizing common user mode commands. We explore the design space metrics of interest for data hiding: bit accuracy of public and secret data and detectability of holding secret data. The proposed method ensures more than 97% accuracy of recovered secret data, with negligible accuracy loss in the public data. Our analysis shows that the proposed technique introduces negligible distortions in the threshold voltage distributions. These distortions are lower than the inherent threshold voltage variations of program states. As a result, the proposed method provides a hiding technique that is undetectable, even by a powerful adversary with low-level access to the memory chips. 
    more » « less
  4. ; ; ; (, ACM Transactions on Embedded Computing Systems)
    Instant data deletion (or sanitization) in NAND flash devices is essential for achieving data privacy, but it remains challenging due to the mismatch between erase and write granularities, which leads to high overhead and accelerated wear. While page-overwrite-based instant data sanitization has proven effective for 2D NAND, its applicability to 3D NAND is limited due to the unique sub-block architecture. In this study, we experimentally evaluate page-overwrite-based sanitization on commercial 3D NAND flash memory chips and uncover significant threshold voltage disturbances in erased cells on adjacent pages within the same layer but across different sub-blocks. Our key findings reveal that page-overwrite sanitization increases the median raw bit error rate (RBER) beyond correction limits (exceeding 0.93%) in Floating-Gate (FG) Single-Level Cell (SLC) technology, whereas Charge-Trap (CT) SLC 3D NAND flash memories exhibit higher robustness. In Triple-Level Cell (TLC) 3D NAND, page-overwrite sanitization proves impractical, with the median RBER of ∼13% for FG and ∼5% for CT devices. To overcome these challenges, we proposePULSE, a low-disturbance sanitization technique that balances sanitization efficiency ({{\eta }_{san}}) and data integrity (RBER). Experimental results show that PULSE eliminates RBER increases in SLC devices and reduces the median RBER to below 0.57% for FG and 0.79% for CT in fresh TLC blocks, demonstrating its practical viability for 3D NAND flash sanitization. 
    more » « less
  5. ; ; (, IEEE Transactions on Information Forensics and Security)
    This article introduces a novel, low-cost technique for hiding data in commercially available resistive-RAM (ReRAM) chips. The data is kept hidden in ReRAM cells by manipulating its analog physical properties through switching (set/reset) operations. This hidden data, later, is retrieved by sensing the changes in cells’ physical properties (i.e., set/reset time of the memory cells). The proposed system-level hiding technique does not affect normal memory operations and does not require any hardware modifications. Furthermore, the proposed hiding approach is robust against temperature variations and the aging of the devices through normal read/write operation. The silicon results show that our proposed data hiding technique is acceptably fast with ∼0.12bit/s of encoding and ∼3.26Kbits/s of retrieval rates, and the hidden message is unrecoverable without the knowledge of the secret key, which is used to enhance the security of hidden information. 
    more » « less
  • Citation Formats
  • MLA
  • APA
  • Chicago
  • BibTeX
  • Save / Share this Record
  • Send to Email