Abstract
Localizing security-relevant hard blocks on modern System-on-Chips (SoCs) for physical attacks, such as sidechannel analysis and fault attacks, has become increasingly time-consuming due to ever-increasing chip-area and - complexity. While this development increases the effort and reverse engineering cost, it is not sufficient to withstand resolute attackers. This paper explores the application of camera-based lock-in thermography (LIT), a nondestructive testing method, for identifying and localizing security hard blocks on integrated circuits. We use a synchronous signal to periodically activate security-related functions in the firmware, which causes periodic temperature changes in the activated die areas that we detect and localize via an infra-red camera. Using this method, we demonstrate the precise detection and localization of security-related hard blocks at the die level on a modern SoC.
