Transactions Briefs: Testable Designs of Multiple Precharged Domino Circuits


IEEE TRANSACTIONS ON VERY LARGE SCALE INTEGRATION (VLSI) SYSTEMS, VOL. 15, NO. 4, APRIL 2007, p. 461

Transactions Briefs
Testable Designs of Multiple Precharged Domino Circuits
Themistoklis Haniotakis, Yiorgos Tsiatouhas, Dimitris Nikolos, and Constantine Efstathiou

Abstract: Domino CMOS circuits are an option for speeding up critical units. An inherent problem of Domino logic is that under specific input conditions the charge redistribution between parasitic capacitances at internal nodes of a circuit can violate the noise margins and cause erroneous responses at the output. The dominant solution to this problem is the multiple precharging of the gates' internal nodes. However, the added precharge transistors are not testable for stuck-open faults. Undetectable stuck-open faults at these transistors may cause noise margin reduction and consequently may affect the reliability of the circuit, since its operation in the field will be sensitive to environmental factors such as noise. In this paper, we propose new multiple precharging design schemes that enhance Domino circuits' testability with respect to transistor stuck-open and stuck-on faults.

Index Terms: Design for testability, Domino CMOS, multiple precharge.

Fig. 1. Domino gate and the charge sharing problem.

I. INTRODUCTION

Domino CMOS logic provides circuits with smaller silicon area requirements than full static CMOS logic, while they operate 1.5 to 2 times faster than full static CMOS logic circuits [1]–[3]. Due to these features, Domino circuits have been widely used in high performance CMOS microprocessors [4]–[7]. In Domino logic, a single clock is used to precharge and evaluate a cascaded set of dynamic logic blocks [8]. In Fig. 1, a Domino circuit is shown. During the precharge phase (CLK = 0) the pMOS transistor MP precharges node F′ to high and, thus, the output F is discharged. During the evaluation phase (CLK = 1), node F′ is either discharged or remains high (and the output F goes to high or remains low) depending on the function realized by the nMOS logic network N. During the evaluation phase, the transition of node F (F′) can be only from low to high (high to low). Since there are cascaded logic blocks, the evaluation of a stage causes the next stage to evaluate and so on. The dynamic node F′ is precharged high and then may be left floating, so its voltage will drift over time due to leakage currents. The problem is solved with the use of keepers [8].

Manuscript received December 18, 2005; revised June 17, 2006 and December 9, 2006. This work was supported in part by the European Social Fund (ESF) and by the Greek Government within the framework of project Archimedes. A preliminary version of this work has been included (as a poster presentation) in the program of the International Symposium on Quality Electronic Design in 2000. T. Haniotakis is with the Department of Electrical and Computer Engineering, Southern Illinois University, Carbondale, IL 62901 USA (e-mail: haniotak@siu.edu). Y. Tsiatouhas is with the Department of Computer Science, University of Ioannina, Panepistimioupolis, 45110 Ioannina, Greece (e-mail: tsiatouhas@cs.uoi.gr). D. Nikolos is with the Department of Computer Engineering and Informatics, University of Patras, 26500 Rio, Patras, Greece (e-mail: nikolosd@cti.gr). C. Efstathiou is with the Department of Informatics, Technology Education Institute of Athens, 12210 Egaleo, Athens, Greece (e-mail: cefsta@teiath.gr). Digital Object Identifier 10.1109/TVLSI.2007.893664

1063-8210/$25.00 © 2007 IEEE

Physical failures that permanently leave transistors in a nonconducting or a conducting state are modelled by the transistor stuck-open (TSOP) and the transistor stuck-on (TSON) faults, respectively [9]. Domino CMOS logic provides circuits with higher testability compared to full static CMOS [10]. In full static CMOS circuits, a single TSOP fault is detected by a two-pattern test with the first being an initializing vector. This test procedure can be invalidated due to circuit delays [11]. In the case of Domino logic, the vast majority of TSOP faults require a single-pattern test [12], which cannot be invalidated due to arbitrary signal delays [13]. This remains valid in the case of multiple faults in the circuit [10]. Finally, the detection of TSON faults in static CMOS requires the use of current monitoring techniques [14], whose application becomes difficult as we move deeper into submicrometer technologies [15], while the majority of all possible TSON faults in a Domino gate can be detected by logic tests. A point deserving special attention is that the test vectors for testing most stuck-at, TSOP, and TSON faults in a Domino circuit can be derived using an automatic test pattern generation (ATPG) tool for stuck-at faults.

However, Domino CMOS circuits can suffer from an inherent noise margin problem due to charge redistribution between parasitic capacitances at the internal nodes of the circuit, which can cause an erroneous response at the output of a Domino gate [16]. For example, consider the Domino gate of Fig. 1 and two successive vectors, the first one setting only transistor MN1 at the nonconducting state and the second vector setting only transistors MN5 and MN6 at the nonconducting state, during the corresponding evaluation phases. Then, in the second evaluation phase, the charge of node F′ is distributed among the internal capacitances C2-C5, which had been discharged during the first evaluation phase. If the charge sharing is small, the keeper will eventually restore the dynamic output to VDD. However, if the charge sharing is large, the output may flip and turn off the keeper, leading to incorrect results [17]. Charge sharing can be overcome by precharging some or all of the internal nodes with secondary precharge transistors [16]–[18], as shown in Fig. 2. A technique to minimize the charge sharing vulnerability by reordering the nMOS transistors of the dynamic logic block has also been proposed in [19], but this is not always a robust solution.

Fig. 2. Multiple precharged Domino logic.

Fig. 3. Proposed testable multiple precharged Domino circuit.

We can easily see that TSON faults at the secondary precharge transistors (transistor MP2 in Fig. 2) can be detected by current monitoring techniques, while the TSOP faults are undetectable. To the best of our knowledge, the testability of TSOP faults at the secondary precharge transistors of multiple precharged Domino CMOS circuits has not been addressed in the open literature. In this paper, we propose new multiple precharging schemes to overcome the problem of the undetectable TSOP faults, which in many cases also improves the testability of TSON faults.

This paper is organized as follows. In Section II, testing aspects of Domino logic are presented. In Section III, new testable multiple precharge techniques for Domino logic gates are proposed, and in Section IV, simulation results are presented to validate their operation. Finally, in Section V, the conclusions are drawn.

II. DOMINO LOGIC TESTABILITY ISSUES

As mentioned in the Introduction, standard Domino logic provides many testability advantages over static CMOS logic [10]. In order to test a Domino CMOS circuit, it is useful to derive its gate-level model first. A gate-level model for a Domino CMOS gate is obtained from its nMOS network simply by replacing a parallel connection of transistors by an OR gate and a series connection by an AND gate [14]. For example, the gate-level model of the Domino CMOS gate of Fig. 1 consists of an AND logic gate with output F and two inputs: one is the output of an AND logic gate with inputs A, B, C, and D, and the other is the output of an OR logic gate with inputs E and H. If there is a stuck-at 0 fault at the input of any transistor in the nMOS network of the Domino gate, it will lead to a TSOP fault at that transistor. Similarly, a stuck-at 1 fault will result in a TSON fault. Therefore, if we derive, using an ATPG tool, a test set for all single stuck-at faults at the gate-level model, it will detect all single stuck-at, TSON, and TSOP faults in the nMOS network in the evaluation phase, as well as a single stuck-at fault at the dynamic node and the output of the gate [14].

A TSOP fault at the clocked nMOS transistor (MN in Fig. 2) is equivalent to a stuck-at 1 fault at node F′ or a stuck-at 0 at F. Similarly, a TSOP fault at the pMOS transistor of the inverter is equivalent to a stuck-at 0 fault at F. A TSOP fault at the nMOS transistor of the inverter, however, requires a two-pattern test that will result in a 1 to 0 transition at F. This two-pattern test can be obtained by ordering two stuck-at test vectors: the first is a test vector for the stuck-at 0 fault at F (initializing vector) and the second is a test vector for the stuck-at 1 fault at F (test vector). The same two-pattern test can detect a TSOP fault at the pMOS transistor precharging the dynamic output node (MP1 in Fig. 2). The TSON fault for the transistors in the inverter and the transistor precharging the dynamic output node (MP1 in Fig. 2) can be tested with current monitoring. Finally, a TSON fault at the clocked nMOS transistor MN is not robustly testable. However, the presence of this transistor is not essential for the functionality or the noise margins of the circuit and can be omitted [20].

Testability problems, with respect to the TSOP faults, are faced for the keeper and the secondary precharge transistors in a Domino gate (MP2 in Fig. 2), since these faults are not robustly testable. The detection of TSON faults at the secondary precharge transistors can be achieved by exploiting current monitoring-based techniques. However, in the keeper case, this is not an effective approach, since the keepers are too weak to provide excessive defective currents, and the fault is considered undetectable. In Section III, we present new design techniques to achieve complete testability, with respect to TSOP and TSON faults, of the secondary precharge transistors in a Domino gate.


III. DESIGN OF TESTABLE MULTIPLE PRECHARGED DOMINO CIRCUITS

A. Completely Testable Multiple Precharged Domino Logic

A solution to the testability problem of TSOP and TSON faults for the secondary precharge transistors is to put them on a chain which starts from VDD, passes through every internal node which must be precharged, and ends at the output of the dynamic gate, as shown in Fig. 3. In the fault-free operation, the precharging of node F′ and the internal node S is accomplished through the pMOS transistors MP1 and MP2. A TSOP fault at MP1 or MP2 is detected using a pair of test vectors; the first must set node F′ to low during the evaluation phase or, equivalently, node F to high. The second vector in the fault-free case must set network N1 at a nonconducting state and N2 to a conducting state, that is, F′ to VDD or, equivalently, node F to low. In the case of a TSOP fault in one of MP1 or MP2, node F′ will not go to high in the precharge phase of the second vector; hence, node F′ will remain low and the fault is detected. A gate-level model for the Domino CMOS gate of Fig. 3 consists of two logic gate networks modeling N1 and N2, whose outputs drive a two-input AND gate with output F. Then, the previous discussion implies that the first vector can be derived by an ATPG for a stuck-at 0 fault at the gate output node F, while the second test vector can be derived by an ATPG for a stuck-at 1 fault at one of the inputs of the N1 network at the logic gate-level model.

The detection of a TSON fault at transistor MP1 can be done using a single vector that leaves network N2 in a conducting state during the evaluation phase and applying current monitoring techniques, just as in the conventional Domino design. A TSON fault at transistor MP2 can be detected by a single vector that sets network N1 to a nonconducting state and network N2 to a conducting state during the evaluation phase. In the fault-free case, the node F′ will not be discharged, while in the presence of the fault it will be discharged through MP2 and the network N2. Taking into account the gate-level model for the Domino CMOS gate of Fig. 3, we conclude that the test vector for the detection of the TSON fault at MP2 can be derived by an ATPG for the stuck-at 1 fault at one of the inputs of network N1. The keeper is not capable of invalidating the test since it is a weak transistor. The remaining transistors of the circuit can be tested for TSOP or TSON faults according to the standard Domino logic testing techniques presented in Section II.

Fig. 4. General structure of a testable multiple precharged Domino circuit.

Fig. 5. Proposed robust testable multiple precharged Domino circuit.

The general case of our design methodology is shown in Fig. 4. The rule is that the internal nodes Si of a Domino gate that must be precharged are accessed in a serial manner, using pMOS transistors to isolate each node from the other. According to the previous discussion, a test vector for the stuck-at 1 fault at node F followed by a test vector for the stuck-at 0 fault at node F detects the TSOP fault at MP1, MP2, ..., or MPn. A gate-level model for the Domino CMOS gate of Fig. 4 consists of n logic gate networks modeling N1, N2, ..., and Nn, whose outputs drive an n-input AND gate. A test vector for the detection of the TSON fault at MPi, with i ≠ 1, can be derived by an ATPG for the stuck-at 1 fault at one of the inputs of the Ni logic network at the logic gate equivalent circuit. Note that this test vector can be the second vector of the two-pattern test that detects the TSOP fault at MPi. A TSON fault at MP1 can be tested as in the standard Domino logic case.
From the previous discussion, we conclude that using the proposed technique for the arrangement of the secondary precharge transistors we ensure that they are tested by logic tests and the required test vectors can be derived using available ATPG tools for stuck-at faults at logic gate level.

B. Robustly Testable Multiple Precharged Domino Logic

A test invalidation problem may occur in the detection of a TSOP fault at a secondary precharge transistor of the proposed design. For example, in Fig. 3, despite a TSOP fault at MP2, node F′ may be precharged to high through network N1 during the transition from the evaluation phase of the initializing vector to the precharge phase of the test vector. Note that in the evaluation phase of the initializing vector of the pair required for testing the TSOP fault at MP2, both N1 and N2 networks are in the conducting state. Under the realistic assumption that the Domino gate under consideration is embedded in a larger circuit, a practical solution to the above problem is illustrated in Fig. 5. According to this, the precharge of the internal node Q of the gate under consideration and the node G′ of another gate without charge sharing problems is implemented using a common precharge transistor MP2. In order to isolate node Q from the node G′ during the evaluation phase, a pMOS pass transistor MP3 is inserted between these two nodes, which is also driven by the clock signal CLK. Note also that this design does not need any extra test transistors.

In the new design, testing of transistor MP1 is done in the same way as in the standard Domino logic for both TSOP and TSON faults. A TSOP fault either at transistor MP2 or MP3 can be tested as follows. The initializing vector sets nodes Q and G′ to low (networks N2 and N3 must be set at conducting states) and network N1 to a nonconducting state. Then, the test vector changes the state of N3 to nonconducting. In the fault-free case, G′ will be at VDD, while under the occurrence of the fault G′ will be at 0, since its charging is not feasible during the precharge phase of the second vector. A gate-level model for the Domino CMOS gates of Fig. 5 consists of three logic gate networks modeling N1, N2, and N3. The outputs of N1 and N2 drive a two-input AND gate with output K, while the output of N3 is the output G. The initializing vector for the detection of a TSOP fault at MP2 or MP3 can be derived by an ATPG for the stuck-at 0 fault at node G under the constraint that the outputs of the N1 and N2 logic networks in the gate-level model are equal to 0 and 1, respectively. The second vector (test vector) for the detection of a TSOP fault at MP2 or MP3 can be derived by an ATPG for the stuck-at 1 fault at node G under the constraint that the output of the logic network N1 in the gate-level model is equal to 0. We have to note that commonly available ATPG tools offer the ability to set constraints.

A TSON fault at transistor MP2 can be tested using current monitoring, as described in Section III-A for the TSON at MP1 in Fig. 3. A TSON fault at MP3 can be tested using a single test vector that sets network N2 at a conducting state and network N3 at a nonconducting state. The application of a vector of this type discharges node G′ through the transistor MP3 and network N2 during the evaluation phase and, thus, node G turns erroneously to high and the fault is detected. Taking into account the gate-level model for the Domino CMOS gates of Fig. 5 described earlier, the test vector for the detection of the TSON fault at MP3 can be derived by an ATPG for the stuck-at 1 fault at node G under the constraint that the output of the N2 logic network in the gate-level model is equal to 1.

As in Section III-A, we conclude that using the new robust design for testability technique for the arrangement of the secondary precharge transistors, we ensure that they are tested by logic tests and the required test vectors can be derived using available ATPG tools for stuck-at faults at logic gate level. Finally, all the other transistors in the circuit can be tested for TSOP or TSON faults using the methods discussed in Section II for the standard Domino logic.

IV. SIMULATION RESULTS

The design for testability techniques proposed in this paper were evaluated through extensive SPICE simulations. At first, we investigate how much our multiple precharge techniques affect the delay of a circuit. Gates F, K, and G in Figs. 2, 3, and 5 were implemented using the 0.18-μm CMOS technology of UMC. Each of the nMOS networks N1, N2, and N3 realizes an OR function with an equal number of transistors, which changes from two to ten in order to get several parasitic capacitances at nodes F′, S, K′, Q, and G′. In the standard multiple precharged circuit the transistor sizes were Wp/Lp = 0.48/0.18 μm for the pMOS transistors and Wn/Ln = 0.24/0.18 μm for the nMOS transistors of the network close to the dynamic gate output (networks N1 and N3); Wn is increased by 0.04 μm for each stacked network of transistors as we move toward the ground. Furthermore, the supply voltage was equal to VDD = 1.8 V, while the output load for each gate was equal to the gate capacitance of four minimum size nMOS transistors (Wn/Ln = 0.24/0.18 μm). For equal sized transistors in the standard and the two proposed designs, the energy and the worst case delay overhead (due to lengthened evaluation time) is less than 6.4% and 8.7%, respectively, for our first design and less than 2.2% and 5.8% for our second design.
To get equal energy dissipation per cycle with the standard design, in the first of our designs the transistor widths of network N2 and the tail transistor MN in Fig. 3 are decreased by 0.04 and 0.08 μm, respectively, with respect to the corresponding transistors of the standard design, offering an area reduction between 5.3% and 9.1% (the exact value depends on the number of transistors in N1 and N2). In the second of the proposed designs, the transistor widths of N2 and the tail transistor of MN2 in Fig. 5 are decreased by 0.04 μm, providing an area reduction between 2.4% and 4%. Note that in these cases, the clock signal capacitance load is decreased due to the reduction of the clocked nMOS transistors' width. The delay overhead is less than 13.9% and 6.5% for the first and the second of the proposed designs with respect to the standard one.

To get equal evaluation delay times, the width of the clocked nMOS transistor under network N2 (Figs. 3 and 5) has been increased by 0.10 μm, which implies a small area increase of less than 3.3%. The extra energy dissipation per cycle is less than 10.7% for the first of the proposed designs and less than 2.7% for the second one. Part of this extra energy (about 70% for the first and 90% for the second technique) is dissipated to charge the internal precharged nodes due to the addition of an extra drain capacitance, and the rest (30% for the first and 10% for the second design) by the clock signal on the previously mentioned clocked nMOS transistor whose width has slightly increased.

Due to the fact that in the proposed designs the internal nodes are precharged through a chain of pMOS transistors, the precharge delay increases from 70% up to 124% for the first of the proposed designs and from 58% up to 99% for the second (equal energy dissipation cases) as the number of transistors in the nMOS networks increases from two to ten. In the first of the proposed designs, the precharge delay increases further as the number of the stacked nMOS networks increases, while in the second of the proposed designs, it is not affected. Considering a gate as stand-alone, a portion of the increase, which depends on the duty cycle of the clock, is hidden in the evaluation phase and does not affect the cycle time. In the cases that the circuit consists of two or more cascaded Domino gates and the duty cycle of the clock is 50%, as in the cases of pipelined structures, all the precharge delay is hidden in the evaluation phase.

The operation of the robustly testable design presented in Section III-B is validated through simulations for the circuit of Fig. 5 for every possible fault condition and for various gate sizes. The simulation results confirm the testability of the precharge transistors according to the proposed multiple precharge techniques with respect to the fault models under consideration.

In addition, a Domino 32-bit, four-stage pipeline carry look-ahead (CLA) adder has been designed. The basic building block is a 4-bit CLA unit designed according to the techniques described in [8]. Due to the noninverting nature of the Domino logic, the race-free design technique proposed in [21] has been adopted for the implementation of the sum XOR gates. Each stage consists of two 4-bit CLA units in a ripple carry topology. Three versions of the CLA unit have been designed: 1) using keepers and secondary transistors for internal node precharging according to the standard multiple precharging technique; 2) using keepers and secondary transistors for internal node precharging according to the first testable multiple precharging technique proposed in this paper; and 3) using keepers and secondary transistors for internal node precharging according to the second robustly testable multiple precharging technique. These proposed techniques have been applied to three of the four gates of each CLA unit, those with the higher fan-in, where the depth of the nMOS transistor networks is high and charge sharing is a problem, so that the use of a multiple precharge technique is imperative.

By optimizing the size of the nMOS transistors in the evaluation networks for performance, the stage evaluation propagation delay of the standard design is 562 ps and the required precharge time (using minimum size precharge transistors) is 248 ps. Aiming to retain the circuit performance (propagation delay equal to 562 ps) under the application of the proposed multiple precharging techniques: 1) a 4.8% overhead in silicon area and a 3.9% increase in the average energy dissipation per cycle are reported for the first technique with a required precharge time equal to 526 ps and 2) a 3.4% silicon area overhead and 3.3% increase in the average energy dissipation per cycle are reported for the second technique with a required precharge time equal to 521 ps.

The cost, either in delay, energy dissipation, or silicon area, from the application of the proposed design for testability techniques in a whole circuit is expected to be less than that reported in our simulation results for a single gate or a couple of gates. This is due to the fact that in a circuit only those gates with charge sharing problems require multiple precharging solutions and, consequently, the application of these techniques. The previous statement is confirmed by the provided results on the CLA adder, where, for equal delay among the standard and the two proposed techniques, the energy and silicon area cost is small.

V. CONCLUSION

Simple to implement design for testability techniques for multiple precharge Domino circuits have been proposed. These designs retain the ability to overcome charge sharing problems and provide 100% fault coverage for TSOP and TSON faults. The test vectors for the detection of TSOP and TSON faults at the secondary precharge transistors can be derived by an ATPG for stuck-at faults at logic gate level. According to experimental results, the silicon area and the power consumption overhead from the application of these techniques can be very small even when the aim is to retain the performance.


REFERENCES

[1] R. H. Krambeck, C. M. Lee, and H.-F. S. Law, "High-speed compact circuits with CMOS," IEEE J. Solid-State Circuits, vol. 17, no. 3, pp. 614–619, Jun. 1982.
[2] D. Harris and M. A. Horowitz, "Skew-tolerant Domino circuits," IEEE J. Solid-State Circuits, vol. 32, no. 11, pp. 1702–1711, Nov. 1997.
[3] C. Cornelius, S. Koppe, and D. Timmermann, "Dynamic circuit techniques in deep submicron technologies: Domino logic reconsidered," in Proc. Int. Conf. IC Des. Technol. (ICICDT), 2006, pp. 53–56.
[4] K. Bernstein, J. Ellis-Monaghan, and E. Nowak, "High-speed design styles leverage IBM technology prowess," IBM Micro News, vol. 4, no. 3, pp. 1–7, 1998.
[5] R. Heald, K. Aingaran, C. Amir, and M. Ang et al., "A third-generation SPARC V9 64-b microprocessor," IEEE J. Solid-State Circuits, vol. 35, no. 11, pp. 1526–1538, Nov. 2000.
[6] S. D. Naffziger, G. Colon-Bonet, T. Fischer, R. Riedlinger, T. J. Sullivan, and T. Grutkowski, "The implementation of the Itanium 2 microprocessor," IEEE J. Solid-State Circuits, vol. 37, no. 11, pp. 1448–1460, Nov. 2002.
[7] S. Wijerante, N. Siddaiah, S. Mathew, M. Anders, R. Krishnamurthy, J. Anderson, S. Hwang, M. Ernest, and M. Nardin, "A 9 GHz 65 nm Intel Pentium 4 processor integer execution core," in Proc. Int. Solid-State Circuits Conf. (ISSCC), 2006, pp. 353–355.
[8] J. M. Rabaey, A. Chandrakasan, and B. Nikolic, Digital Integrated Circuits: A Design Perspective. Englewood Cliffs, NJ: Prentice-Hall, 2003.
[9] R. L. Wadsack, "Fault modelling and logic simulation of CMOS and MOS integrated circuits," Bell Syst. Tech. J., vol. 57, pp. 1449–1474, 1978.
[10] N. K. Jha, "Testing for multiple faults in Domino CMOS logic circuits," IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst., vol. 7, no. 1, pp. 109–116, Jan. 1988.
[11] S. M. Reddy and M. K. Reddy, "Testable realisations for FET stuck-open faults in CMOS combinational logic circuits," IEEE Trans. Comput., vol. 35, no. 8, pp. 742–754, Aug. 1986.
[12] N. K. Jha and Q. Tong, "Testing multiple-output domino logic (MODL) CMOS circuits," IEEE J. Solid-State Circuits, vol. 25, no. 3, pp. 800–805, Mar. 1990.
[13] V. G. Oklobdzija and P. G. Kovijanic, "On testability of CMOS-Domino logic," in Proc. Int. Symp. Fault Tolerant Comput., 1984, pp. 50–55.
[14] N. Jha and S. Gupta, Testing of Digital Systems. Cambridge, U.K.: Cambridge Univ. Press, 2003.
[15] S. S. Sabade and D. M. H. Walker, "IDDX-based test methods: A survey," ACM Trans. Design Autom. Electron. Syst., vol. 9, no. 2, pp. 159–198, Feb. 2004.
[16] J. A. Pretorius, A. S. Shubat, and A. T. Salama, "Charge redistribution and noise margins in Domino CMOS logic," IEEE Trans. Circuits Syst., vol. 33, no. 8, pp. 786–793, Aug. 1986.
[17] N. H. E. Weste and D. Harris, CMOS VLSI Design: A Circuits and Systems Perspective. Reading, MA: Addison Wesley, 2005.
[18] L. Ding and P. Mazunder, "On circuit techniques to improve noise immunity of CMOS dynamic logic," IEEE Trans. Very Large Scale Integr. (VLSI) Syst., vol. 12, no. 9, pp. 910–925, Sep. 2004.
[19] S.-C. Chang, C.-H. Cheng, W.-B. Jone, S.-D. Lee, and J.-S. Wang, "Charge-sharing alleviation and detection for CMOS Domino circuits," IEEE Trans. Comput.-Aided Des. Integr. Circuits Syst., vol. 20, no. 2, pp. 266–280, Feb. 2001.
[20] K. Bernstein, K. Carrig, C. Durham, P. Hansen, D. Hogenmiller, E. Nowak, and N. Rohrer, High Speed CMOS Design Styles. Norwell, MA: Kluwer, 1999.
[21] C.-H. Huang, J.-S. Wang, C. Yeh, and C.-J. Fang, "The CMOS carry-forward adders," IEEE J. Solid-State Circuits, vol. 39, no. 2, pp. 327–336, Feb. 2004.

Aiding Side-Channel Attacks on Cryptographic Software With Satisfiability-Based Analysis


Nachiketh R. Potlapally, Anand Raghunathan, Srivaths Ravi, Niraj K. Jha, and Ruby B. Lee

Abstract: Cryptographic algorithms, irrespective of their theoretical strength, can be broken through weaknesses in their implementations. The most successful of these attacks are side-channel attacks which exploit unintended information leakage, e.g., timing information, power consumption, etc., from the implementation to extract the secret key. We propose a novel framework for implementing side-channel attacks where the attack is modeled as a search problem which takes the leaked information as its input, and deduces the secret key by using a satisfiability solver, a powerful Boolean reasoning technique. This approach can substantially enhance the scope of side-channel attacks by allowing a potentially wide range of internal variables to be exploited (not just those that are trivially related to the key). The proposed technique is particularly suited for attacking cryptographic software implementations which may inadvertently expose the values of intermediate variables in their computations (even though they are very careful in protecting secret keys through the use of on-chip key generation and storage). We demonstrate our attack on standard software implementations of three popular cryptographic algorithms: DES, 3DES, and AES. Our attack technique is automated and does not require mathematical expertise on the part of the attacker.

Index Terms: AES, cryptanalysis, DES, satisfiability, security, side-channel attacks, software, 3DES.

I. INTRODUCTION

Security has emerged as a critical concern in a wide range of electronic systems. Extensive experience with the use and deployment of security technologies has shown that, in practice, most security systems are broken by exploiting weaknesses in their implementations, making it important to consider security during the complete design process. Cryptographic primitives, such as encryption and hashing algorithms, form the basis of most security mechanisms. A cryptographic system may be abstracted as a mathematical function that performs a given mapping of its input to its output. However, in reality, it should be viewed as a specific (hardware or software) implementation of the mathematical function.

Cryptanalysis refers to the process of breaking a cryptographic system without a brute-force search (e.g., for an encryption algorithm, deriving the n-bit key without 2^n operations). Traditionally, cryptanalysis has focused on just the mathematical function underlying the system, e.g., by analyzing statistical properties of the outputs under the application of targeted inputs [1], [2]. However, many of these attacks are infeasible in practice due to the large amount of data required to implement them. More recently, a powerful class of attacks, called side-channel attacks, has emerged, which exploits information from the implementation to substantially reduce the complexity of performing cryptanalysis [3]–[7]. Side-channel attacks can be viewed as consisting of two phases: an observation phase, wherein information is gathered by monitoring a side-channel in the target system and an analysis or deduc-

Manuscript received March 2, 2006; revised May 27, 2006. This work was supported by the National Science Foundation under Grant CCR-0326372. N. R. Potlapally, N. K. Jha, and R. B. Lee are with the Department of Electrical Engineering, Princeton University, Princeton, NJ 08544 USA (e-mail: npotlapa@princeton.edu; jha@princeton.edu; rblee@princeton.edu). A. Raghunathan and S. Ravi are with NEC Laboratories America, Princeton, NJ 08540 USA (e-mail: anand@nec-labs.com; sravi@nec-labs.com). Digital Object Identifier 10.1109/TVLSI.2007.893665

1063-8210/$25.00 © 2007 IEEE
